PhariaAI Helm Chart
This document provides an overview of the chart dependencies and configurable Helm chart values for PhariaAI. It covers global configurations, detailed dependency settings, image pull credentials, PostgreSQL settings, and resource management options, offering a comprehensive guide for deploying and customizing PhariaAI.
Requirements
| Repository | Name | Version |
|---|---|---|
| oci://alephalpha.jfrog.io/helm/assistant | pharia-assistant | 0.28.3 |
| oci://alephalpha.jfrog.io/helm/assistant | pharia-assistant-api | 0.43.0 |
| oci://alephalpha.jfrog.io/helm/assistant | pharia-chat | 0.42.6 |
| oci://alephalpha.jfrog.io/helm/assistant | pharia-translation-service | 0.23.3 |
| oci://alephalpha.jfrog.io/helm | creance | 0.1.41 |
| oci://alephalpha.jfrog.io/helm | document-index | 0.28.11 |
| oci://alephalpha.jfrog.io/helm | pharia-document-index-mcp(document-index-mcp) | 0.8.12 |
| oci://alephalpha.jfrog.io/helm | inference-api | 0.15.111 |
| oci://alephalpha.jfrog.io/helm | inference-api-proxy | 0.5.38 |
| oci://alephalpha.jfrog.io/helm | inference-worker | 0.22.18 |
| oci://alephalpha.jfrog.io/helm | mcp-code-sandbox | 0.9.5 |
| oci://alephalpha.jfrog.io/helm | mcp-firecrawl | 0.11.7 |
| oci://alephalpha.jfrog.io/helm/pharia-catch | pharia-catch-api | 0.0.118 |
| oci://alephalpha.jfrog.io/helm/pharia-catch | pharia-catch-ui | 0.0.71 |
| oci://alephalpha.jfrog.io/helm | pharia-common | 0.2.50 |
| oci://alephalpha.jfrog.io/helm | pharia-conductor | 0.7.12 |
| oci://alephalpha.jfrog.io/helm | pharia-data-api | 0.67.2 |
| oci://alephalpha.jfrog.io/helm | pharia-finetuning | 0.7.33 |
| oci://alephalpha.jfrog.io/helm | pharia-iam | 0.14.110 |
| oci://alephalpha.jfrog.io/helm | pharia-kernel | 0.3.21 |
| oci://alephalpha.jfrog.io/helm | pharia-numinous | 0.52.0 |
| oci://alephalpha.jfrog.io/helm | pharia-oauth-gateway | 1.4.2 |
| oci://alephalpha.jfrog.io/helm | pharia-reloader | 0.1.6 |
| oci://alephalpha.jfrog.io/helm/pharia-studio | pharia-studio-api | 0.17.61 |
| oci://alephalpha.jfrog.io/helm/pharia-studio | pharia-studio-ui | 0.15.79 |
| oci://alephalpha.jfrog.io/helm | pharia-temporal | 0.1.7 |
| oci://alephalpha.jfrog.io/helm | pharia-transcribe | 0.3.5 |
| oci://alephalpha.jfrog.io/helm | pharia-translate | 0.5.5 |
| oci://alephalpha.jfrog.io/helm/phariaos | feature-flags | 0.10.1 |
| oci://alephalpha.jfrog.io/helm/phariaos | phariaos-manager | 0.55.8 |
| oci://alephalpha.jfrog.io/helm/phariaos | phariaos-ui | 0.64.19 |
Values
Global
| Key | Type | Default | Description |
|---|---|---|---|
| global.imagePullOpaqueSecretName | string |
|
Default PhariaAI Secret name as an Opaque secret. Override name for existing image pull secret if required |
| global.imagePullSecretName | string |
|
Default PhariaAI Secret name to pull images from Aleph Alpha artifactory. Override name for existing image pull secret if required |
| global.inference.enabled | bool |
|
Activate deployment of Pharia AA inference stack (inference-api, inference-worker) |
| global.inferenceApiServicesSecretRef | string |
|
Secret to be used to authenticate inference api services. See |
| global.ingress | object |
|
Global config for all ingress resources |
| global.ingress.ingressClassName | string |
|
The ingressClassName globally defined for all ingress resources ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#the-ingress-resource Override possible on sub-chart level: |
| global.ingress.ingressDomain | string |
|
Domain for external access / ingress to services via |
| global.openTelemetry | object |
|
Global OpenTelemetry configuration that applies to all services |
| global.openTelemetry.enabled | bool |
|
Enable OpenTelemetry tracing for all services |
| global.openTelemetry.environment | string |
|
Deployment environment for service identification and tracing This field is REQUIRED - deployment will fail if not specified Used for service.environment resource attribute and as default for X-Scope-OrgID header |
| global.openTelemetry.grpcEndpoint | string |
|
OpenTelemetry collector endpoint for gRPC (OTLP/gRPC) Example: "http://opentelemetry-collector.tracing:4317" Services that use gRPC: inference-api, inference-worker, most backend services |
| global.openTelemetry.httpEndpoint | string |
|
OpenTelemetry collector endpoint for HTTP (OTLP/HTTP) Example: "http://opentelemetry-collector.tracing:4318" Services that use HTTP: frontend applications, some lightweight services |
| global.openTelemetry.sampler | string |
|
OpenTelemetry sampler type Options: "always_on", "always_off", "traceidratio", "parentbased_traceidratio" - always_on: Sample all traces (100%) - always_off: Sample no traces (0%) - traceidratio: Sample based on samplingRatio (consistent across services) |
| global.openTelemetry.samplingRatio | string |
|
OpenTelemetry sampling ratio (0.0 to 1.0) Only used when sampler is "traceidratio" or "parentbased_traceidratio" 0.0 = no sampling, 1.0 = sample all traces |
| global.permissionModel | object |
|
Permission model (Roles to Permissions) used in the PhariaAI stack |
| global.permissionSchemaConfigMapName | string |
|
Default PhariaAI Config Map for setting permission model |
| global.phariaAIConfigMap | string |
|
Default PhariaAI ConfigMap for setting environment variables |
| global.phariaAiEdition | string |
|
Default PhariaAI edition <-- Will be dropped soon once we have coordinated with all customers @schema type: string minLength: 1 @schema |
| global.phariaAiEnvironment | string |
|
Default PhariaAI environment |
| global.phariaAiFeatureSet | string |
|
Default PhariaAI feature set |
| global.phariaAiInfraId | string |
|
PhariaAI infrastructure ID. This is used to identify the infrastructure in the PhariaAI system. |
| global.phariaAiInfraName | string |
|
PhariaAI infrastructure name. This is used to identify the infrastructure in the PhariaAI system. |
| global.searchStoresEnabled | bool |
|
Enable search stores functionality |
General
| Key | Type | Default | Description |
|---|---|---|---|
| apiGateway | object |
|
Ingress configuration for API Gateway |
| apiGateway.ingress.annotations | object |
|
Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| apiGateway.ingress.enabled | bool |
|
Enabled ingress creation |
| apiGateway.ingress.hostname | string |
|
Hostname for the Ingress (without domain). The domain is read from |
| apiGateway.ingress.tls | object |
|
Configure TLS for this Ingress |
| apiGateway.ingress.tls.enabled | bool |
|
Enable TLS configuration for this Ingress |
| apiGateway.ingress.tls.secretName | string |
|
The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| imagePullCredentials.password | string |
|
Password to login into artifactory registry |
| imagePullCredentials.registry | string |
|
Aleph Alpha artifactory registry |
| imagePullCredentials.username | string |
|
Username to login into artifactory registry |
| pharia-document-index-mcp.enabled | bool |
| |
| pharia-document-index-mcp.fullnameOverride | string |
| |
| pharia-document-index-mcp.ingress.enabled | bool |
|
Sub charts
pharia-assistant
| Key | Type | Default | Description |
|---|---|---|---|
| pharia-assistant-api.databaseConfig.external | object |
|
Provide an existing database if you want to use an external database |
| pharia-assistant-api.databaseConfig.external.existingSecret | string |
|
Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the databaseConfig.secretKeys exists in the secret with a valid value. |
| pharia-assistant-api.databaseConfig.secretKeys.databaseNameKey | string |
|
The key in the secret that contains the database name |
| pharia-assistant-api.databaseConfig.secretKeys.hostKey | string |
|
The key in the secret that contains the host of the database |
| pharia-assistant-api.databaseConfig.secretKeys.passwordKey | string |
|
The key in the secret that contains the password of the database |
| pharia-assistant-api.databaseConfig.secretKeys.portKey | string |
|
The key in the secret that contains the port of the database |
| pharia-assistant-api.databaseConfig.secretKeys.userKey | string |
|
The key in the secret that contains the user of the database |
| pharia-assistant-api.enabled | bool |
|
Set this to true to install the pharia-assistant-api subchart as a dependency |
| pharia-assistant-api.env.APPLICATION_NAME | string |
|
Name of the application to be displayed in the frontend's top bar @schema deprecated: true type: string minLength: 1 @schema |
| pharia-assistant-api.env.DOCUMENT_INDEX_FILE_UPLOAD_NAMESPACE | string |
|
DEPRECATED: Use pharia-chat.env.values.PHARIA_CHAT_DOCUMENT_INDEX_FILE_UPLOAD_NAMESPACE instead @schema deprecated: true type: string minLength: 1 @schema |
| pharia-assistant-api.env.GENERATE_MODEL_NAME | string |
|
Model name for generate feature @schema enum: ["llama-3.1-8b-instruct", "llama-3.1-70b-instruct", "llama-3.3-70b-instruct"] @schema |
| pharia-assistant-api.env.MAX_FILE_UPLOAD_SIZE_MB | float |
|
Frontend maximum file upload size in MB @schema type: number exclusiveMinimum: 0 @schema |
| pharia-assistant-api.env.PERSIST_TRACES | bool |
|
Enable/disable persisting traces in the Assistant's database @schema type: boolean @schema |
| pharia-assistant-api.env.QA_MODEL_NAME | string |
|
Model used for generating Agents @schema deprecated: true enum: ["llama-3.1-8b-instruct", "llama-3.1-70b-instruct", "llama-3.3-70b-instruct"] @schema |
| pharia-assistant-api.env.REQUEST_TIMEOUT_IN_SECONDS | int |
|
Frontend request timeout in seconds @schema type: integer minimum: 1 @schema |
| pharia-assistant-api.env.SUMMARY_MODEL_NAME | string |
|
Model name for summarization subtasks in chat and NLS features @schema enum: ["llama-3.1-8b-instruct", "llama-3.1-70b-instruct", "llama-3.3-70b-instruct"] @schema |
| pharia-assistant-api.env.TRANSLATE_MODEL_NAME | string |
|
Model name for translation feature @schema enum: ["pharia-1-mt-translation"] @schema |
| pharia-assistant-api.env.TRANSLATION_CACHE_MAX_SIZE | int |
|
Maximum size for the translation cache @schema type: integer minimum: 1 @schema |
| pharia-assistant-api.env.TRANSLATION_CACHE_TTL | int |
|
Time-to-live for the translation cache in seconds @schema type: integer minimum: 1 @schema |
| pharia-assistant-api.favicon | object |
|
The favicon used in the Assistant frontend can be customized by providing the contents of a logo.svg or logo.png file as a base64 encoded string. This can be created by executing |
| pharia-assistant-api.favicon.png | string |
|
The base64 encoded favicon.png |
| pharia-assistant-api.favicon.svg | string |
|
The base64 encoded favicon.svg |
| pharia-assistant-api.featureFlags | object |
|
Feature flags for pharia-assistant-api |
| pharia-assistant-api.featureFlags.enableAutoSidebarResize | bool |
|
Enable automatic sidebar resizing @schema type: boolean @schema |
| pharia-assistant-api.featureFlags.enableChat | bool |
|
Enable inbuilt chat feature @schema type: boolean @schema |
| pharia-assistant-api.featureFlags.enableCollections | bool |
|
Enable collections @schema type: boolean @schema |
| pharia-assistant-api.featureFlags.enableExtensibleGenerate | bool |
|
Enable extensible generate feature @schema type: boolean @schema |
| pharia-assistant-api.featureFlags.enableExtensibleSummarize | bool |
|
Enable extensible summarize feature @schema type: boolean @schema |
| pharia-assistant-api.featureFlags.enableHomepage | bool |
|
Enable homepage @schema type: boolean @schema |
| pharia-assistant-api.featureFlags.enableNls | bool |
|
Enable NLS feature @schema type: boolean @schema |
| pharia-assistant-api.featureFlags.enablePersonalAgents | bool |
|
Enable personal agents @schema type: boolean @schema |
| pharia-assistant-api.featureFlags.enableTranslate | bool |
|
Enable inbuilt translate feature @schema type: boolean @schema |
| pharia-assistant-api.fullnameOverride | string |
|
Override for the full name of pharia-assistant-api |
| pharia-assistant-api.logo | object |
|
The logo used in the Assistant frontend can be customized by providing the contents of a logo.svg or logo.png file as a base64 encoded string. This can be created by executing |
| pharia-assistant-api.logo.png | string |
|
The base64 encoded logo.png |
| pharia-assistant-api.logo.svg | string |
|
The base64 encoded logo.svg |
| pharia-assistant-api.postgresql.auth.existingSecret | string |
| |
| pharia-assistant-api.postgresql.auth.password | string |
|
If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication |
| pharia-assistant-api.postgresql.enabled | bool |
|
This is used to indicate whether the internal PostgreSQL should be used or not. |
| pharia-assistant-api.privacyPolicyNotice | list |
|
If a locale is missing or no customization is provided at all, the frontend has an inbuilt default with the same values as those below. @schema deprecated: true type: array items: type: object properties: locale: enum: ["en", "de"] minLength: 1 text: type: string minLength: 1 link_url: type: string minLength: 1 link_title: type: string minLength: 1 required: - locale - text - link_url - link_title @schema |
| pharia-assistant-api.redis.auth.password | string |
|
If internal Redis is used, a dedicated password has to be provided for setup of application authentication |
| pharia-assistant-api.redis.enabled | bool |
|
This is used to indicate whether the internal Redis should be used or not. |
| pharia-assistant-api.redisConfig.databases.centralCache | int |
|
The database to be used as central cache for pharia-assistant-api |
| pharia-assistant-api.redisConfig.external.existingSecret | string |
|
Provide connection details if you want to use an existing external Redis instance |
| pharia-assistant-api.redisConfig.secretKeys.hostKey | string |
|
The key in the secret that contains the Redis host |
| pharia-assistant-api.redisConfig.secretKeys.passwordKey | string |
|
The key in the secret that contains the Redis password |
| pharia-assistant-api.redisConfig.secretKeys.portKey | string |
|
The key in the secret that contains the Redis port |
| pharia-assistant-api.redisConfig.secretKeys.usernameKey | string |
|
The key in the secret that contains the Redis user |
| pharia-assistant-api.redisConfig.tls.enabled | bool |
|
Indicates whether TLS is enabled for the Redis connection (only for external Redis) |
| pharia-assistant-api.resources.limits.cpu | string |
| |
| pharia-assistant-api.resources.limits.memory | string |
| |
| pharia-assistant-api.resources.requests.cpu | string |
| |
| pharia-assistant-api.resources.requests.memory | string |
| |
| pharia-assistant-api.secret | object |
|
Allows to populate the secret identified by 'pharia-assistant-api.serviceUserSecret' through this helm-chart. The secret must contain the field apiToken. See 'pharia-assistant-api.serviceUserSecret' for more information. |
| pharia-assistant-api.serviceUserSecret | string |
|
The name of a secret containing the service user token used by the pharia-assistant-api for sending requests to the inference. This allows to connect the pharia-assistant-api to an externally running inference. The secret must contain the field apiToken. It can either be pre-existing or the chart creates it for you with the value defined in 'pharia-assistant-api.secret'. |
| defaultRoute | string |
|
Set the default route when visiting Assistant |
| enabled | bool |
|
Set this to true to install the pharia-assistant subchart as a dependency |
| faroPublicApiKey | string |
|
Set the public API Key for Faro. |
| faroTelemetryFallbackUrl | string |
|
Set the fallback Faro endpoint to send telemetry. |
| faroTelemetryUrl | string |
|
Set the Faro endpoint to send telemetry. Empty value disables the Faro plugin altogether. |
| fullnameOverride | string |
|
Override for the full name of pharia-assistant |
| ingress.enabled | bool |
|
Enabled ingress creation |
| ingress.tls.enabled | bool |
|
Enable TLS configuration for this Ingress |
| posthogApiHost | string |
|
Set the PostHog API host. |
| posthogToken | string |
|
Set the PostHog token. empty value disables PostHog integration |
| posthogUiHost | string |
|
Set the PostHog UI host. |
| resources.limits.cpu | string |
| |
| resources.limits.memory | string |
| |
| resources.requests.cpu | string |
| |
| resources.requests.memory | string |
|
pharia-assistant-api
| Key | Type | Default | Description |
|---|---|---|---|
| databaseConfig.external | object |
|
Provide an existing database if you want to use an external database |
| databaseConfig.external.existingSecret | string |
|
Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the databaseConfig.secretKeys exists in the secret with a valid value. |
| databaseConfig.secretKeys.databaseNameKey | string |
|
The key in the secret that contains the database name |
| databaseConfig.secretKeys.hostKey | string |
|
The key in the secret that contains the host of the database |
| databaseConfig.secretKeys.passwordKey | string |
|
The key in the secret that contains the password of the database |
| databaseConfig.secretKeys.portKey | string |
|
The key in the secret that contains the port of the database |
| databaseConfig.secretKeys.userKey | string |
|
The key in the secret that contains the user of the database |
| enabled | bool |
|
Set this to true to install the pharia-assistant-api subchart as a dependency |
| env.APPLICATION_NAME | string |
|
Name of the application to be displayed in the frontend's top bar @schema deprecated: true type: string minLength: 1 @schema |
| env.DOCUMENT_INDEX_FILE_UPLOAD_NAMESPACE | string |
|
DEPRECATED: Use pharia-chat.env.values.PHARIA_CHAT_DOCUMENT_INDEX_FILE_UPLOAD_NAMESPACE instead @schema deprecated: true type: string minLength: 1 @schema |
| env.GENERATE_MODEL_NAME | string |
|
Model name for generate feature @schema enum: ["llama-3.1-8b-instruct", "llama-3.1-70b-instruct", "llama-3.3-70b-instruct"] @schema |
| env.MAX_FILE_UPLOAD_SIZE_MB | float |
|
Frontend maximum file upload size in MB @schema type: number exclusiveMinimum: 0 @schema |
| env.PERSIST_TRACES | bool |
|
Enable/disable persisting traces in the Assistant's database @schema type: boolean @schema |
| env.QA_MODEL_NAME | string |
|
Model used for generating Agents @schema deprecated: true enum: ["llama-3.1-8b-instruct", "llama-3.1-70b-instruct", "llama-3.3-70b-instruct"] @schema |
| env.REQUEST_TIMEOUT_IN_SECONDS | int |
|
Frontend request timeout in seconds @schema type: integer minimum: 1 @schema |
| env.SUMMARY_MODEL_NAME | string |
|
Model name for summarization subtasks in chat and NLS features @schema enum: ["llama-3.1-8b-instruct", "llama-3.1-70b-instruct", "llama-3.3-70b-instruct"] @schema |
| env.TRANSLATE_MODEL_NAME | string |
|
Model name for translation feature @schema enum: ["pharia-1-mt-translation"] @schema |
| env.TRANSLATION_CACHE_MAX_SIZE | int |
|
Maximum size for the translation cache @schema type: integer minimum: 1 @schema |
| env.TRANSLATION_CACHE_TTL | int |
|
Time-to-live for the translation cache in seconds @schema type: integer minimum: 1 @schema |
| favicon | object |
|
The favicon used in the Assistant frontend can be customized by providing the contents of a logo.svg or logo.png file as a base64 encoded string. This can be created by executing |
| favicon.png | string |
|
The base64 encoded favicon.png |
| favicon.svg | string |
|
The base64 encoded favicon.svg |
| featureFlags | object |
|
Feature flags for pharia-assistant-api |
| featureFlags.enableAutoSidebarResize | bool |
|
Enable automatic sidebar resizing @schema type: boolean @schema |
| featureFlags.enableChat | bool |
|
Enable inbuilt chat feature @schema type: boolean @schema |
| featureFlags.enableCollections | bool |
|
Enable collections @schema type: boolean @schema |
| featureFlags.enableExtensibleGenerate | bool |
|
Enable extensible generate feature @schema type: boolean @schema |
| featureFlags.enableExtensibleSummarize | bool |
|
Enable extensible summarize feature @schema type: boolean @schema |
| featureFlags.enableHomepage | bool |
|
Enable homepage @schema type: boolean @schema |
| featureFlags.enableNls | bool |
|
Enable NLS feature @schema type: boolean @schema |
| featureFlags.enablePersonalAgents | bool |
|
Enable personal agents @schema type: boolean @schema |
| featureFlags.enableTranslate | bool |
|
Enable inbuilt translate feature @schema type: boolean @schema |
| fullnameOverride | string |
|
Override for the full name of pharia-assistant-api |
| logo | object |
|
The logo used in the Assistant frontend can be customized by providing the contents of a logo.svg or logo.png file as a base64 encoded string. This can be created by executing |
| logo.png | string |
|
The base64 encoded logo.png |
| logo.svg | string |
|
The base64 encoded logo.svg |
| postgresql.auth.existingSecret | string |
| |
| postgresql.auth.password | string |
|
If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication |
| postgresql.enabled | bool |
|
This is used to indicate whether the internal PostgreSQL should be used or not. |
| privacyPolicyNotice | list |
|
If a locale is missing or no customization is provided at all, the frontend has an inbuilt default with the same values as those below. @schema deprecated: true type: array items: type: object properties: locale: enum: ["en", "de"] minLength: 1 text: type: string minLength: 1 link_url: type: string minLength: 1 link_title: type: string minLength: 1 required: - locale - text - link_url - link_title @schema |
| redis.auth.password | string |
|
If internal Redis is used, a dedicated password has to be provided for setup of application authentication |
| redis.enabled | bool |
|
This is used to indicate whether the internal Redis should be used or not. |
| redisConfig.databases.centralCache | int |
|
The database to be used as central cache for pharia-assistant-api |
| redisConfig.external.existingSecret | string |
|
Provide connection details if you want to use an existing external Redis instance |
| redisConfig.secretKeys.hostKey | string |
|
The key in the secret that contains the Redis host |
| redisConfig.secretKeys.passwordKey | string |
|
The key in the secret that contains the Redis password |
| redisConfig.secretKeys.portKey | string |
|
The key in the secret that contains the Redis port |
| redisConfig.secretKeys.usernameKey | string |
|
The key in the secret that contains the Redis user |
| redisConfig.tls.enabled | bool |
|
Indicates whether TLS is enabled for the Redis connection (only for external Redis) |
| resources.limits.cpu | string |
| |
| resources.limits.memory | string |
| |
| resources.requests.cpu | string |
| |
| resources.requests.memory | string |
| |
| secret | object |
|
Allows to populate the secret identified by 'pharia-assistant-api.serviceUserSecret' through this helm-chart. The secret must contain the field apiToken. See 'pharia-assistant-api.serviceUserSecret' for more information. |
| serviceUserSecret | string |
|
The name of a secret containing the service user token used by the pharia-assistant-api for sending requests to the inference. This allows to connect the pharia-assistant-api to an externally running inference. The secret must contain the field apiToken. It can either be pre-existing or the chart creates it for you with the value defined in 'pharia-assistant-api.secret'. |
pharia-chat
| Key | Type | Default | Description |
|---|---|---|---|
| databaseConfig.pool.hasPgBouncer | bool |
| |
| databaseConfig.pool.recycleSec | int |
| |
| databaseConfig.pool.size | int |
| |
| databaseConfig.pool.timeoutSec | int |
| |
| enabled | bool |
|
Set this to true to install the |
| env.values.PHARIA_CHAT_DEFAULT_MODEL | string |
|
DEPRECATED @schema enum: ["llama-3.1-8b-instruct", "llama-3.1-70b-instruct", "llama-3.3-70b-instruct"] @schema |
| env.values.PHARIA_CHAT_DOCUMENT_INDEX_FILE_UPLOAD_NAMESPACE | string |
|
Document-Index namespace for file uploads in the default chat @schema type: string minLength: 1 @schema |
| env.values.PHARIA_CHAT_PERSIST_DEFAULT_CHAT_TRACES | bool |
|
Enable/disable persisting traces in the pharia-chat database for the default chat @schema type: boolean @schema |
| env.values.PHARIA_CHAT_REASONING_MODEL | string |
|
Model name for agentic chat @schema type: string @schema |
| env.values.PHARIA_CHAT_RETRIEVER_QA_INDEX_NAME | string |
|
Document-Index index name for the collections used in the default chat @schema type: string minLength: 1 @schema |
| fullnameOverride | string |
|
Set this to override the fully qualified name for Pharia Chat |
| ingress.enabled | bool |
| |
| ingress.tls.enabled | bool |
| |
| jobInitMcpRegistry.enabled | bool |
| |
| jobInitMcpRegistry.env.configmap.MCP_CODE_SANDBOX_URL.key | string |
| |
| jobInitMcpRegistry.env.configmap.MCP_CODE_SANDBOX_URL.name | string |
| |
| jobInitMcpRegistry.env.configmap.MCP_CODE_SANDBOX_URL.optional | bool |
| |
| jobInitMcpRegistry.env.configmap.MCP_FIRECRAWL_URL.key | string |
| |
| jobInitMcpRegistry.env.configmap.MCP_FIRECRAWL_URL.name | string |
| |
| jobInitMcpRegistry.env.configmap.MCP_FIRECRAWL_URL.optional | bool |
| |
| jobInitMcpRegistry.env.configmap.PHARIA_CONDUCTOR_URL.key | string |
| |
| jobInitMcpRegistry.env.configmap.PHARIA_CONDUCTOR_URL.name | string |
| |
| jobInitMcpRegistry.env.configmap.PHARIA_CONDUCTOR_URL.optional | bool |
| |
| jobInitMcpRegistry.env.configmap.PHARIA_DOCUMENT_INDEX_MCP_URL.key | string |
| |
| jobInitMcpRegistry.env.configmap.PHARIA_DOCUMENT_INDEX_MCP_URL.name | string |
| |
| jobInitMcpRegistry.env.configmap.PHARIA_DOCUMENT_INDEX_MCP_URL.optional | bool |
| |
| jobInitMcpRegistry.env.configmap.PHARIA_TRANSLATION_SERVICE_HOST.key | string |
| |
| jobInitMcpRegistry.env.configmap.PHARIA_TRANSLATION_SERVICE_HOST.name | string |
| |
| jobInitMcpRegistry.env.configmap.PHARIA_TRANSLATION_SERVICE_HOST.optional | bool |
| |
| jobInitMcpRegistry.extraVolumes[0].configMap.defaultMode | int |
| |
| jobInitMcpRegistry.extraVolumes[0].configMap.name | string |
| |
| jobInitMcpRegistry.extraVolumes[0].name | string |
| |
| jobInitMcpRegistry.mcpServers | object |
|
MCP servers configuration @schema type: object additionalProperties: type: object properties: enabled: type: boolean description: type: string base_url: type: string path: type: string minLength: 1 scope: type: string enum: - system - selectable transport: type: string enum: - streamable-http - sse icon: type: string required: - path - description - scope - transport @schema |
| postgresql.auth.existingSecret | string |
| |
| postgresql.auth.password | string |
|
If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication |
| postgresql.enabled | bool |
|
This is used to indicate whether the internal PostgreSQL should be used or not. |
| secret | object |
|
Allows to populate the secret identified by 'pharia-chat.serviceUserSecret' through this helm-chart. The secret must contain the field apiToken. See 'pharia-chat.serviceUserSecret' for more information. |
| serviceUserSecret | string |
|
The name of a secret containing the service user token used by the pharia-chat for sending embedding requests to the inference. This allows to connect the pharia-chat to an externally running inference. The secret must contain the field token. It can either be pre-existing or the chart creates it for you with the value defined in 'pharia-chat.secret.serviceUserToken'. This can be left undefined if the pharia-chat is connected to the internal inference (deployed through this helm-chart). In that case use this auto-generated secret. |
pharia-translation-service
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool |
|
Set this to true to install the pharia-translation-service subchart as a dependency |
| env.values.TRANSLATE_MODEL_NAME | string |
|
Model name for translation feature @schema enum: ["pharia-1-mt-translation"] @schema |
| fullnameOverride | string |
|
Override for the full name of pharia-translation-service |
| resources.limits.cpu | string |
| |
| resources.limits.memory | string |
| |
| resources.requests.cpu | string |
| |
| resources.requests.memory | string |
|
creance
| Key | Type | Default | Description |
|---|---|---|---|
| databaseConfig | object |
|
"app user" |
| databaseConfig.external | object |
|
"os.pharia.ai/allowed-usecases": '["Creance"]' |
| databaseConfig.secretKeys.databaseNameKey | string |
|
The key in the secret that contains the database name |
| databaseConfig.secretKeys.hostKey | string |
|
The key in the secret that contains the host of the database |
| databaseConfig.secretKeys.passwordKey | string |
|
The key in the secret that contains the password of the database |
| databaseConfig.secretKeys.portKey | string |
|
The key in the secret that contains the port of the database |
| databaseConfig.secretKeys.userKey | string |
|
The key in the secret that contains the user of the database |
| enabled | bool |
|
available in the assistant |
| fullnameOverride | string |
| |
| inference.secretKeys.baseUrl | string |
|
The base URL of the inference API |
| inference.secretKeys.token | string |
|
The inference token |
| inference.secretName | string |
|
"os.pharia.ai/allowed-usecases": '["Creance"]' |
| storageConfig.external | object |
|
"os.pharia.ai/allowed-usecases": '["Creance"]' |
| storageConfig.secretKeys.bucketNameKey | string |
|
The name of the storage bucket |
| storageConfig.secretKeys.bucketPasswordKey | string |
|
The Secret Access Key for the object storage |
| storageConfig.secretKeys.bucketUserKey | string |
|
The Access Key ID |
| storageUrl | string |
|
The host of the S3 compatible object storage |
| unleash.secretKeys.token | string |
|
The API token for Unleash |
| unleash.secretName | string |
|
with default values |
document-index
| Key | Type | Default | Description |
|---|---|---|---|
| databaseConfig | object |
|
Config for database access; not required if postgresql dependency deployment is used |
| databaseConfig.external | object |
|
Config for external database access provided via Helm values |
| databaseConfig.external.existingSecret | string |
|
Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the databaseConfig.secretKeys exists in the secret with a valid value. |
| databaseConfig.secretKeys | object |
|
Keys in K8s Secret for database config values |
| enabled | bool |
|
Set this to true to install the document-index subchart as a dependency |
| fullnameOverride | string |
| |
| ingress.enabled | bool |
|
Enabled ingress creation |
| ingress.tls.enabled | bool |
|
Enable TLS configuration for this Ingress |
| postgresql.auth.existingSecret | string |
| |
| postgresql.auth.password | string |
|
If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication |
| postgresql.enabled | bool |
|
This is used to indicate whether the internal PostgreSQL should be used or not. |
| postgresql.persistence.size | string |
| |
| postgresql.resources.limits.cpu | string |
| |
| postgresql.resources.limits.memory | string |
| |
| postgresql.resources.requests.cpu | string |
| |
| postgresql.resources.requests.memory | string |
| |
| qdrant.requests.cpu | string |
| |
| qdrant.requests.memory | string |
| |
| qdrant.resources.limits.cpu | string |
| |
| qdrant.resources.limits.memory | string |
| |
| resources.limits.cpu | string |
| |
| resources.limits.memory | string |
| |
| resources.requests.cpu | string |
| |
| resources.requests.memory | string |
| |
| secret | object |
|
Allows to populate the secret identified by 'document-index.serviceUserSecret' through this helm-chart. The secret must contain the field apiToken. See 'document-index.serviceUserSecret' for more information. |
| serviceUserSecret | string |
|
The name of a secret containing the service user token used by the document-index for sending embedding requests to the inference. This allows to connect the document-index to an externally running inference. The secret must contain the field token. It can either be pre-existing or the chart creates it for you with the value defined in 'document-index.secret.serviceUserToken'. This can be left undefined if the document-index is connected to the internal inference (deployed through this helm-chart). In that case use this auto-generated secret. |
| sparse-embedding-service.defaultLanguage | string |
|
The language to default to if language detection fails. |
| sparse-embedding-service.languageDetectors | string |
|
The language detectors to load. Set this to the languages you want to support. Supported values: "arabic,basque,catalan,danish,dutch,english,finnish,french,german, greek,hungarian,indonesian,italian,norwegian,portuguese,romanian,russian,spanish, swedish,turkish" |
| sparse-embedding-service.resources.limits.cpu | string |
| |
| sparse-embedding-service.resources.limits.memory | string |
| |
| sparse-embedding-service.resources.requests.cpu | string |
| |
| sparse-embedding-service.resources.requests.memory | string |
|
document-index-mcp
| Key | Type | Default | Description |
|---|
inference-api
| Key | Type | Default | Description |
|---|---|---|---|
| inference-api-proxy.enabled | bool |
| |
| inference-api-proxy.fullnameOverride | string |
| |
| inference-api-proxy.ingress.enabled | bool |
|
Enabled ingress creation |
| inference-api-proxy.ingress.ingressSubdomain | string |
| |
| inference-api-proxy.ingress.tls.enabled | bool |
| |
| inference-api-proxy.ingress.tls.secretName | string |
| |
| admin.email | string |
|
Email of the admin user to create on startup |
| admin.emailKey | string |
|
The email key in the secret |
| admin.existingSecret | string |
|
Existing secret to use instead of email/password. |
| admin.password | string |
|
Initial password of the admin user. If no existing external secret is provided via admin.existingSecret, a password value has to be applied during installation |
| admin.passwordKey | string |
|
The password key in the secret |
| databaseConfig | object |
|
Config for database access; not required if postgresql dependency deployment is used |
| databaseConfig.external | object |
|
Config for external database access provided via Helm values |
| databaseConfig.external.existingSecret | string |
|
Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the databaseConfig.secretKeys exists in the secret with a valid value. |
| databaseConfig.secretKeys | object |
|
Keys in K8s Secret for database config values |
| enableUnauthenticatedAccess | bool |
|
Set this to true to disable all token validation in the inference api |
| fullnameOverride | string |
| |
| inferenceApiServices.existingSecret | string |
|
Name of an existing inferenceApiServices secret. If you want to provide your own secret, set this to the name of your secret. Keep in mind to set global.inferenceApiServicesSecretRef to the same name if an existing secret is used. The secret is expected to have a key-value-pair with key |
| inferenceApiServices.secret | string |
|
Manually added services secret If no existing external secret is provided via inferenceApiServices.existingSecret, a secret value has to be applied during installation |
| ingress.enabled | bool |
|
Enabled ingress creation |
| ingress.ingressSubdomain | string |
| |
| ingress.tls.enabled | bool |
| |
| ingress.tls.secretName | string |
| |
| jwt.existingSecret | string |
|
Name of an existing jwt secret to use The secret is expected to have a key-value-pair with key |
| jwt.secret | string |
|
Manually added jwt secret If no existing external secret is provided via jwt.existingSecret, a secret value has to be applied during installation |
| postgresql.auth.existingSecret | string |
| |
| postgresql.auth.password | string |
|
If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication |
| postgresql.enabled | bool |
|
This is used to indicate whether the internal PostgreSQL should be used or not. |
| resources.limits.cpu | string |
| |
| resources.limits.memory | string |
| |
| resources.requests.cpu | string |
| |
| resources.requests.memory | string |
|
inference-api-proxy
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool |
| |
| fullnameOverride | string |
| |
| ingress.enabled | bool |
|
Enabled ingress creation |
| ingress.ingressSubdomain | string |
| |
| ingress.tls.enabled | bool |
| |
| ingress.tls.secretName | string |
|
inference-worker
| Key | Type | Default | Description |
|---|---|---|---|
| checkpoints[0].generator.pipeline_parallel_size | int |
| |
| checkpoints[0].generator.tensor_parallel_size | int |
| |
| checkpoints[0].generator.tokenizer_path | string |
| |
| checkpoints[0].generator.type | string |
| |
| checkpoints[0].generator.weight_set_directories[0] | string |
| |
| checkpoints[0].modelVolumeClaim | string |
| |
| checkpoints[0].models.luminous-base.adapter_name | string |
| |
| checkpoints[0].models.luminous-base.aligned | bool |
| |
| checkpoints[0].models.luminous-base.bias_name | string |
| |
| checkpoints[0].models.luminous-base.chat_template | string |
| |
| checkpoints[0].models.luminous-base.completion_type | string |
| |
| checkpoints[0].models.luminous-base.description | string |
| |
| checkpoints[0].models.luminous-base.embedding_type | string |
| |
| checkpoints[0].models.luminous-base.experimental | bool |
| |
| checkpoints[0].models.luminous-base.maximum_completion_tokens | int |
| |
| checkpoints[0].models.luminous-base.multimodal_enabled | bool |
| |
| checkpoints[0].models.luminous-base.prompt_template | string |
| |
| checkpoints[0].models.luminous-base.semantic_embedding_enabled | bool |
| |
| checkpoints[0].models.luminous-base.softprompt_name | string |
| |
| checkpoints[0].models.luminous-base.worker_type | string |
| |
| checkpoints[0].queue | string |
| |
| checkpoints[0].replicas | int |
| |
| checkpoints[0].version | int |
| |
| checkpoints[1].generator.pipeline_parallel_size | int |
| |
| checkpoints[1].generator.steering.default_in_context_vectors_strength | float |
| |
| checkpoints[1].generator.tensor_parallel_size | int |
| |
| checkpoints[1].generator.tokenizer_path | string |
| |
| checkpoints[1].generator.type | string |
| |
| checkpoints[1].generator.weight_set_directories[0] | string |
| |
| checkpoints[1].modelVolumeClaim | string |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".adapter_name | string |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".aligned | bool |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".bias_name | string |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".chat_template.bos_token | string |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".chat_template.eos_token | string |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".chat_template.template | string |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".completion_type | string |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".description | string |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".embedding_type | string |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".experimental | bool |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".maximum_completion_tokens | int |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".multimodal_enabled | bool |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".prompt_template | string |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".softprompt_name | string |
| |
| checkpoints[1].models."llama-3.1-8b-instruct".worker_type | string |
| |
| checkpoints[1].queue | string |
| |
| checkpoints[1].replicas | int |
| |
| checkpoints[1].version | int |
| |
| checkpoints[2].generator.pipeline_parallel_size | int |
| |
| checkpoints[2].generator.tensor_parallel_size | int |
| |
| checkpoints[2].generator.tokenizer_path | string |
| |
| checkpoints[2].generator.type | string |
| |
| checkpoints[2].generator.weight_set_directories[0] | string |
| |
| checkpoints[2].modelVolumeClaim | string |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".adapter_name | string |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".aligned | bool |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".bias_name | string |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".chat_template.bos_token | string |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".chat_template.eos_token | string |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".chat_template.template | string |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".completion_type | string |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".description | string |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".embedding_type | string |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".experimental | bool |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".maximum_completion_tokens | int |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".multimodal_enabled | bool |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".prompt_template | string |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".softprompt_name | string |
| |
| checkpoints[2].models."llama-3.3-70b-instruct".worker_type | string |
| |
| checkpoints[2].queue | string |
| |
| checkpoints[2].replicas | int |
| |
| checkpoints[2].resources.limits.memory | string |
| |
| checkpoints[2].resources.requests.memory | string |
| |
| checkpoints[2].startupProbe.failureThreshold | int |
| |
| checkpoints[2].startupProbe.periodSeconds | int |
| |
| checkpoints[2].version | int |
| |
| checkpoints[3].generator.pipeline_parallel_size | int |
| |
| checkpoints[3].generator.tensor_parallel_size | int |
| |
| checkpoints[3].generator.tokenizer_path | string |
| |
| checkpoints[3].generator.type | string |
| |
| checkpoints[3].generator.weight_set_directories[0] | string |
| |
| checkpoints[3].modelVolumeClaim | string |
| |
| checkpoints[3].models.llama-guard-3-8b.adapter_name | string |
| |
| checkpoints[3].models.llama-guard-3-8b.aligned | bool |
| |
| checkpoints[3].models.llama-guard-3-8b.bias_name | string |
| |
| checkpoints[3].models.llama-guard-3-8b.chat_template.bos_token | string |
| |
| checkpoints[3].models.llama-guard-3-8b.chat_template.eos_token | string |
| |
| checkpoints[3].models.llama-guard-3-8b.chat_template.template | string |
| |
| checkpoints[3].models.llama-guard-3-8b.completion_type | string |
| |
| checkpoints[3].models.llama-guard-3-8b.description | string |
| |
| checkpoints[3].models.llama-guard-3-8b.embedding_type | string |
| |
| checkpoints[3].models.llama-guard-3-8b.experimental | bool |
| |
| checkpoints[3].models.llama-guard-3-8b.maximum_completion_tokens | int |
| |
| checkpoints[3].models.llama-guard-3-8b.multimodal_enabled | bool |
| |
| checkpoints[3].models.llama-guard-3-8b.prompt_template | string |
| |
| checkpoints[3].models.llama-guard-3-8b.softprompt_name | string |
| |
| checkpoints[3].models.llama-guard-3-8b.worker_type | string |
| |
| checkpoints[3].queue | string |
| |
| checkpoints[3].replicas | int |
| |
| checkpoints[3].version | int |
| |
| fullnameOverride | string |
| |
| resources.limits.cpu | string |
| |
| resources.limits.memory | string |
| |
| resources.requests.cpu | string |
| |
| resources.requests.memory | string |
| |
| tolerations | list |
|
mcp-code-sandbox
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool |
|
Set this to true to install the mcp-code-sandbox subchart as a dependency providing code execution capabilities |
| fullnameOverride | string |
|
mcp-firecrawl
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool |
|
Requires an environment variable called FIRECRAWL_API_KEY |
| fullnameOverride | string |
|
pharia-catch-api
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool |
|
Set this to true to install the |
| fullnameOverride | string |
|
Set this to override the fully qualified name for Pharia Catch API |
| ingress.enabled | bool |
| |
| ingress.tls.enabled | bool |
| |
| postgresql.auth.existingSecret | string |
| |
| postgresql.auth.password | string |
|
If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication |
| postgresql.enabled | bool |
|
This is used to indicate whether the internal PostgreSQL should be used or not. |
| secret | object |
|
Allows to populate the secret identified by 'pharia-catch-api.serviceUserSecret' through this helm-chart. The secret must contain the field apiToken. See 'pharia-catch.serviceUserSecret' for more information. |
| serviceUserSecret | string |
|
The name of a secret containing the service user token used by the pharia-chat for sending embedding requests to the inference. This allows to connect the pharia-chat to an externally running inference. The secret must contain the field token. It can either be pre-existing or the chart creates it for you with the value defined in 'pharia-catch-api.secret.serviceUserToken'. This can be left undefined if the pharia-catch-api is connected to the internal inference (deployed through this helm-chart). In that case use this auto-generated secret. |
pharia-catch-ui
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool |
|
Set this to true to install the |
| fullnameOverride | string |
|
Set this to override the fully qualified name for Pharia Catch UI |
| ingress.enabled | bool |
| |
| ingress.ingressSubdomain | string |
| |
| ingress.tls.enabled | bool |
| |
| secret | object |
|
Allows to populate the secret identified by 'pharia-catch-ui.serviceUserSecret' through this helm-chart. The secret must contain the field apiToken. See 'pharia-catch-ui.serviceUserSecret' for more information. |
| serviceUserSecret | string |
|
The name of a secret containing the service user token used by the pharia-chat for sending embedding requests to the inference. This allows to connect the pharia-catch-ui to an externally running inference. The secret must contain the field token. It can either be pre-existing or the chart creates it for you with the value defined in 'pharia-catch-ui.secret.serviceUserToken'. This can be left undefined if the pharia-catch-ui is connected to the internal inference (deployed through this helm-chart). In that case use this auto-generated secret. |
pharia-common
| Key | Type | Default | Description |
|---|
pharia-conductor
| Key | Type | Default | Description |
|---|---|---|---|
| agentUrlPrefix | string |
|
Set this to provide the agent URL prefix that will be used to compose the messages from the MCP server. |
| enabled | bool |
|
Set this to true to install the |
| env.configmap.PHARIA_CONDUCTOR_AGENT_URL_PREFIX.key | string |
| |
| env.configmap.PHARIA_CONDUCTOR_AGENT_URL_PREFIX.name | string |
| |
| env.configmap.PHARIA_CONDUCTOR_AGENT_URL_PREFIX.optional | bool |
| |
| fullnameOverride | string |
|
Set this to override the fully qualified name for PhariaConductor |
| ingress.enabled | bool |
| |
| ingress.tls.enabled | bool |
| |
| postgresql.auth.existingSecret | string |
| |
| postgresql.auth.password | string |
|
If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication |
| postgresql.enabled | bool |
|
This is used to indicate whether the internal PostgreSQL should be used or not. |
pharia-data-api
| Key | Type | Default | Description |
|---|---|---|---|
| cronJob.enabled | bool |
| |
| databaseConfig | object |
|
Config for database access; not required if postgresql dependency deployment is used |
| databaseConfig.external | object |
|
Config for external database access provided via Helm values |
| databaseConfig.external.existingSecret | string |
|
Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the databaseConfig.secretKeys exists in the secret with a valid value. |
| databaseConfig.secretKeys | object |
|
Keys in K8s Secret for database config values |
| enabled | bool |
|
Set this to true to install the pharia-data-api subchart as a dependency |
| etl.enabled | bool |
| |
| etlSelector | string |
| |
| externalTemporalConfig.accountId | string |
| |
| externalTemporalConfig.apiKeySecretKey | string |
| |
| externalTemporalConfig.apiKeySecretName | string |
| |
| externalTemporalConfig.host | string |
| |
| externalTemporalConfig.namespace | string |
| |
| externalTemporalConfig.port | string |
| |
| externalTemporalConfig.sslEnable | string |
| |
| fullnameOverride | string |
| |
| inbox.enabled | bool |
| |
| ingress.enabled | bool |
|
Enabled ingress creation locally |
| ingress.tls.enabled | bool |
|
Enable TLS configuration for this Ingress |
| minio.enabled | bool |
| |
| phariadataorchestrator.enabled | bool |
| |
| phariadataorchestrator.server.config.persistence.default.sql.existingSecret | string |
|
When using a secret, set the password to "" and use the following fields |
| phariadataorchestrator.server.config.persistence.default.sql.password | string |
|
If internal PostgreSQL is used, either password or existingSecret and secretName, has to be provided for setup of orchestrator database authentication |
| phariadataorchestrator.server.config.persistence.default.sql.secretName | string |
| |
| phariadataorchestrator.server.config.persistence.visibility.sql.existingSecret | string |
|
When using a secret, set the password to "" and use the following fields |
| phariadataorchestrator.server.config.persistence.visibility.sql.password | string |
|
If internal PostgreSQL is used, either password or existingSecret and secretName, has to be provided for setup of orchestrator database authentication |
| phariadataorchestrator.server.config.persistence.visibility.sql.secretName | string |
| |
| postgresql.auth.existingSecret | string |
| |
| postgresql.auth.password | string |
|
If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication |
| postgresql.enabled | bool |
|
This is used to indicate whether the internal PostgreSQL should be used or not. |
| rabbitmq.auth.password | string |
| |
| rabbitmq.auth.username | string |
| |
| rabbitmq.enabled | bool |
| |
| rabbitmq.loadDefinition.enabled | bool |
| |
| rabbitmq.loadDefinition.existingSecret | string |
| |
| rabbitmqConfig.defaultLoadDefinitionsSecret | string |
|
The load definitions secret must hold the RabbitMQ topology configuration. |
| rabbitmqConfig.defaultSecret | string |
|
Default secret name is used to create a secret if |
| rabbitmqConfig.external.existingSecret | string |
|
Set this value if a k8s Secret with RabbitMQ values already exists. Make sure that the all the keys exists in the secret with a valid value. |
| rabbitmqConfig.external.loadDefinitionsSecret | string |
|
The load definitions secret name |
| rabbitmqConfig.external.rabbitmqUser | string |
|
The user of the RabbitMQ |
| rabbitmqConfig.external.rabbitmqUserPassword | string |
|
The password of the user of RabbitMQ |
| rabbitmqConfig.secretKeys.hostKey | string |
|
The key in the secret that contains the host of the RabbitMQ |
| rabbitmqConfig.secretKeys.portKey | string |
|
The key in the secret that contains the port of the RabbitMQ |
| rabbitmqConfig.secretKeys.userKey | string |
|
The key in the secret that contains the user of the RabbitMQ |
| rabbitmqConfig.secretKeys.userPasswordKey | string |
|
The key in the secret that contains the password of the RabbitMQ |
| secret.serviceUserToken | string |
| |
| serviceUserSecret | string |
| |
| serviceUserSecretKey | string |
| |
| storageConfig.externalBucket.defaultSecret | string |
|
Default secret name is used to create a secret if |
| storageConfig.externalBucket.external.existingSecret | string |
| |
| storageConfig.externalBucket.external.existingSecret | string |
|
Set this value if a k8s Secret with storage values already exists. Make sure that all the keys exist in the secret with a valid value. |
| storageConfig.externalBucket.secretKeys.bucketNameKey | string |
| |
| storageConfig.externalBucket.secretKeys.bucketNameKey | string |
|
The key in the secret that contains the bucket name |
| storageConfig.externalBucket.secretKeys.bucketPasswordKey | string |
|
The key in the secret that contains the bucket password |
| storageConfig.externalBucket.secretKeys.bucketPasswordKey | string |
| |
| storageConfig.externalBucket.secretKeys.bucketUserKey | string |
| |
| storageConfig.externalBucket.secretKeys.bucketUserKey | string |
|
The key in the secret that contains the bucket user |
| storageConfig.internalBucket.defaultSecret | string |
|
Default secret name is used to create a secret if |
| storageConfig.internalBucket.external.existingSecret | string |
| |
| storageConfig.internalBucket.external.existingSecret | string |
|
Set this value if a k8s Secret with storage values already exists. Make sure that all the keys exist in the secret with a valid value. |
| storageConfig.internalBucket.secretKeys.bucketNameKey | string |
|
The key in the secret that contains the bucket name |
| storageConfig.internalBucket.secretKeys.bucketNameKey | string |
| |
| storageConfig.internalBucket.secretKeys.bucketPasswordKey | string |
| |
| storageConfig.internalBucket.secretKeys.bucketPasswordKey | string |
|
The key in the secret that contains the bucket password |
| storageConfig.internalBucket.secretKeys.bucketUserKey | string |
|
The key in the secret that contains the bucket user |
| storageConfig.internalBucket.secretKeys.bucketUserKey | string |
| |
| storageUrl | string |
|
The storageUrl is used to configure the internal and external storages. If the storageUrl is not provided, the internal storage will be used. |
| storageUrl | string |
|
pharia-finetuning
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool |
|
Set this to true to install the |
| fullnameOverride | string |
|
Set this to override the fully qualified name for Pharia Finetuning |
| ingress | object |
|
Configure external access to Pharia finetuning API |
| ingress.annotations | object |
|
Annotations for the Ingress resource. This can be used to add ingress controller specific annotations |
| ingress.enabled | bool |
|
Set this to true to set up an Ingress for Pharia finetuning API |
| ingress.ingressSubdomain | string |
|
Hostname for the Ingress (without domain). The domain is read from |
| ingress.tls | object |
|
Configure TLS for this Ingress |
| ingress.tls.enabled | bool |
|
Enable TLS configuration for this Ingress |
| ingress.tls.existingSecret | string |
|
The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| kuberay-operator | object |
|
Configuration of kuberay operator. See https://github.com/ray-project/kuberay/blob/master/helm-chart/kuberay-operator/values.yaml for available values. |
| minio | object |
|
Configuration of built-in S3 storage. It is recommended to disable the built-in storage for production installations and connect to an external S3 storage instead. |
| minio.enabled | bool |
|
Set to false to disable built-in storage |
| minio.persistence.size | string |
|
Disk space allocated to storage |
| mlflow | object |
|
Configuration of the MLFlow server used for experiment tracking. |
| mlflow.externalDatabase | object |
|
Configuration of external database |
| mlflow.externalDatabase.database | string |
|
Database name |
| mlflow.externalDatabase.dialectDriver | string |
|
Database Dialect(+Driver) |
| mlflow.externalDatabase.existingSecret | string |
|
Name of an existing secret resource containing the database credentials. |
| mlflow.externalDatabase.existingSecretPasswordKey | string |
|
Name of an existing secret key containing the database credentials |
| mlflow.externalDatabase.host | string |
|
Database host |
| mlflow.externalDatabase.port | int |
|
Database port |
| mlflow.externalDatabase.user | string |
|
Database user |
| mlflow.externalS3 | object |
|
Configuration of external object store |
| mlflow.externalS3.bucket | string |
|
S3 bucket |
| mlflow.externalS3.existingSecret | string |
|
Name of an existing secret resource containing the S3 credentials |
| mlflow.externalS3.existingSecretAccessKeyIDKey | string |
|
Name of an existing secret key containing the S3 access key ID |
| mlflow.externalS3.existingSecretKeySecretKey | string |
|
Name of an existing secret key containing the S3 access key secret |
| mlflow.externalS3.host | string |
|
S3 host |
| mlflow.externalS3.port | int |
|
S3 port |
| mlflow.externalS3.protocol | string |
|
S3 protocol |
| mlflow.minio | object |
|
Configuration of sandbox object store. Not recommended for production environments. |
| mlflow.minio.enabled | bool |
|
Set to false for production environments and configure externalS3 instead |
| mlflow.postgresql | object |
|
Configuration of sandbox postgres database. Not recommended for production environments. |
| mlflow.postgresql.enabled | bool |
|
Set to false for production environments and configure externalDatabase instead |
| rayCluster | object |
|
Configuration of the distributed training framework |
| storageConfig | object |
|
Configuration of S3 storage used to store base model weights and finetuning artifacts like checkpoints. When using the built-in storage, this configuration can stay untouched. |
| storageConfig.fromSecret | object |
|
Provide credentials as a k8s secret for access to external S3 storage. When providing credentails in plaintext, this section can stay untouched and |
| storageConfig.fromSecret.secretKeys | object |
|
Provide the keys within the k8s secret under which to find bucket name, username, password, endoint URL and region |
| storageConfig.fromSecret.secretName | string |
|
Name of the k8s secret that holds the S3 credentials. This secret is expected to exist when this helm chart is installed. |
| storageConfig.fromValues | object |
|
Provide credentials to external S3 storage in plaintext. When providing credentials via a k8s secret, this section can stay untouched and |
pharia-iam
| Key | Type | Default | Description |
|---|---|---|---|
| api | object |
|
Internal API configuration |
| api.ingress.annotations | object |
|
Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| api.ingress.enabled | bool |
|
Enabled ingress creation |
| api.ingress.tls.enabled | bool |
|
Enable TLS configuration for this Ingress |
| api.ingress.tls.secretName | string |
|
The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| config | object |
|
IAM configuration |
| config.adminEmail | string |
|
Email of initial user |
| config.adminEnableDirectUserManagement | bool |
|
Enable direct access to user management console for initial admin account. Enable if PhariaOs console is not used, but user management is needed. |
| config.adminEnableZitadelManagement | bool |
|
Enable direct access to internal identity provider - only needed to configure advanced features such as self-signup or user federation |
| config.adminPassword | string |
|
Init password of initial user. To be valid it requires to have 10-70 characters, including at least one uppercase letter, one lowercase letter, and one digit. User will need to change this password on the first login. @schema type: - string - null @schema |
| config.adminUserName | string |
|
initial user name |
| config.defaultRolesForLogin | list |
|
Configure the default roles for a user that registers via SSO or self sign up |
| enabled | bool |
|
Set this to true to install the pharia-iam subchart as a dependency |
| externallyManagedGroups | list |
|
Example: [ "group1", "group2" ] |
| image | object |
|
Image of API and configuration job |
| ingress | object |
|
Ingress configuration for Zitadel (including login endpoints) |
| ingress.annotations | object |
|
Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| ingress.enabled | bool |
|
Enabled ingress creation |
| ingress.tls.enabled | bool |
|
Enable TLS configuration for this Ingress |
| ingress.tls.secretName | string |
|
The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| openFgaDatabaseConfig.defaultSecret | string |
| |
| openFgaDatabaseConfig.external.existingSecret | string |
|
A postgres connection URI for the secret to create. This overwrites all other values, if set. Otherwise, the uri is build from the above values. |
| openFgaDatabaseConfig.external.uri | string |
| |
| openFgaDatabaseConfig.secretKeys.passwordKey | string |
| |
| openFgaDatabaseConfig.secretKeys.uriKey | string |
| |
| openFgaPostgresql.auth.password | string |
|
If internal PostgreSQL is used a dedicated password has to be provided for setup of application authentication |
| openFgaPostgresql.enabled | bool |
|
This is used to indicate whether the internal PostgreSQL should be used or not. |
| openfga | object |
|
OpenFGA Service Configuration |
| openfga.datastore.migrations.resources | object |
|
Specify resources for the migration job |
| openfga.datastore.uriSecret | string |
|
Secret with key "uri" containing the connection string to the database connection string for OpenFGA. Format: |
| openfga.resources | object |
|
Specify resources for the openfga service |
| zitadelDatabaseConfig.external | object |
|
Provide an existing database if you want to use an external database |
| zitadelDatabaseConfig.external.databaseName | string |
|
The name of the database |
| zitadelDatabaseConfig.external.existingSecret | string |
|
Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the databaseConfig.secretKeys exists in the secret with a valid value. |
| zitadelDatabaseConfig.external.host | string |
|
The host of the database |
| zitadelDatabaseConfig.external.password | string |
|
The password of the database |
| zitadelDatabaseConfig.external.port | string |
|
The port of the database |
| zitadelDatabaseConfig.external.user | string |
|
The user of the database |
| zitadelDatabaseConfig.secretKeys.databaseNameKey | string |
|
The key in the secret that contains the database name |
| zitadelDatabaseConfig.secretKeys.hostKey | string |
|
The key in the secret that contains the host of the database |
| zitadelDatabaseConfig.secretKeys.passwordKey | string |
|
The key in the secret that contains the password of the database |
| zitadelDatabaseConfig.secretKeys.portKey | string |
|
The key in the secret that contains the port of the database |
| zitadelDatabaseConfig.secretKeys.userKey | string |
|
The key in the secret that contains the user of the database |
| zitadelPostgresql.auth.password | string |
|
If internal PostgreSQL is used a dedicated password has to be provided for setup of application authentication |
| zitadelPostgresql.enabled | bool |
|
This is used to indicate whether the internal PostgreSQL should be used or not. |
pharia-kernel
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool |
|
Set this to true to install the |
| envVars | object |
|
Define additional environment variables. Use |
| fullnameOverride | string |
|
Set this to override the fully qualified name for PhariaKernel |
| ingress | object |
|
Configure external access to PhariaKernel |
| ingress.annotations | object |
|
Annotations for the Ingress resource. This can be used to add ingress controller specific annotations |
| ingress.enabled | bool |
|
Set this to true to set up an Ingress for PhariaKernel |
| ingress.ingressSubdomain | string |
|
Hostname for the Ingress (without domain). The domain is read from |
| ingress.tls | object |
|
Configure TLS for this Ingress |
| ingress.tls.enabled | bool |
|
Enable TLS configuration for this Ingress |
| ingress.tls.existingSecret | string |
|
The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| logLevel | string |
|
Set the log level for PhariaKernel. This does not affect other targets, where errors are always logged. The options are:
|
| namespaces | object |
|
Configure the namespaces for PhariaKernel. Each namespace needs to be explicitly defined. The name of each namespace can be specified in camelCase, and is converted to kebab-case when deployed. Example: Each of the value can alternatively be provided as environment variables, which is highly encouraged for providing the credentials: |
| openTelemetryEndpoint | string |
|
OpenTelemetry endpoint for sending traces. This field provides fallback support for backward compatibility. When global.openTelemetry.endpoint is not set, this value will be used instead. For new deployments, use global.openTelemetry.endpoint instead. |
| openTelemetrySamplingRatio | string |
|
OpenTelemetry sampling ratio for trace collection. This field provides fallback support for backward compatibility. When global.openTelemetry.samplingRatio is not set, this value will be used instead. For new deployments, use global.openTelemetry.samplingRatio instead. |
| resources | object |
|
Specify how much of each resource PhariaKernel needs. The recommended resources are set as the default. As the requirements are highly usage-dependent, adjust them as necessary. Schema: https://github.com/yannh/kubernetes-json-schema/blob/master/master-standalone-strict/resourcerequirements.json See also: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| serviceMonitor | object |
|
Enable the ServiceMonitor that targets PhariaKernel |
pharia-numinous
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool |
|
Set this to true to install the |
| fullnameOverride | string |
|
Set this to override the fully qualified name for Pharia Catch API |
| ingress.enabled | bool |
| |
| ingress.tls.enabled | bool |
| |
| postgresql.auth.existingSecret | string |
| |
| postgresql.auth.password | string |
|
If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication |
| postgresql.enabled | bool |
|
This is used to indicate whether the internal PostgreSQL should be used or not. |
| secret | object |
|
Allows to populate the secret identified by 'pharia-numinous.serviceUserSecret' through this helm-chart. The secret must contain the field apiToken. See 'pharia-numinous.serviceUserSecret' for more information. |
| serviceUserSecret | string |
|
The name of a secret containing the service user token used by the pharia-numinous for sending embedding requests to the inference. This allows to connect the pharia-numinous to an externally running inference. The secret must contain the field token. It can either be pre-existing or the chart creates it for you with the value defined in 'pharia-numinous.secret.serviceUserToken'. This can be left undefined if the pharia-numinous is connected to the internal inference (deployed through this helm-chart). In that case use this auto-generated secret. |
pharia-oauth-gateway
| Key | Type | Default | Description |
|---|---|---|---|
| databaseConfig | object |
|
Default database configuration for the pharia-oauth-gaetway service access postgres database |
| databaseConfig.external | object |
|
Provide an existing database if you want to use an external database |
| databaseConfig.external.existingSecret | string |
|
Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the databaseConfig.secretKeys exists in the secret with a valid value. |
| enabled | bool |
|
Set this to true to install the pharia-oauth-gateway subchart as a dependency |
| fullnameOverride | string |
|
Default nameOverride of the application |
| ingress.enabled | bool |
|
Enabled ingress creation |
| ingress.tls.enabled | bool |
|
Enable TLS configuration for this Ingress |
| postgresql.auth.existingSecret | string |
| |
| postgresql.auth.password | string |
|
If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication |
| postgresql.enabled | bool |
|
This is used to indicate whether the internal PostgreSQL should be used or not. |
| resources.limits.cpu | string |
| |
| resources.limits.memory | string |
| |
| resources.requests.cpu | string |
| |
| resources.requests.memory | string |
|
pharia-reloader
| Key | Type | Default | Description |
|---|---|---|---|
| pharia-reloader | object |
|
Set this to true to install the |
pharia-studio-api
| Key | Type | Default | Description |
|---|---|---|---|
| databaseConfig | object |
|
Default database configuration for the pharia-studio-api service access postgres database |
| databaseConfig.external | object |
|
Provide an existing database if you want to use an external database |
| databaseConfig.external.existingSecret | string |
|
Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the databaseConfig.secretKeys exists in the secret with a valid value. |
| enabled | bool |
|
Set this to true to install the pharia-studio-api subchart as a dependency |
| fullnameOverride | string |
|
Default nameOverride of the application |
| ingress.enabled | bool |
|
Enabled ingress creation |
| ingress.tls.enabled | bool |
|
Enable TLS configuration for this Ingress |
| postgresql.auth.existingSecret | string |
| |
| postgresql.auth.password | string |
|
If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication |
| postgresql.enabled | bool |
|
This is used to indicate whether the internal PostgreSQL should be used or not. |
| resources.limits.cpu | string |
| |
| resources.limits.memory | string |
| |
| resources.requests.cpu | string |
| |
| resources.requests.memory | string |
| |
| serviceUserSecret | string |
|
Needed for creation of relations in IAM |
pharia-studio-ui
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool |
| |
| fullnameOverride | string |
| |
| ingress.annotations | object |
|
Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| ingress.enabled | bool |
|
Enabled ingress creation |
| ingress.hostname | string |
|
Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain. |
| ingress.tls.enabled | bool |
|
Enable TLS configuration for this Ingress |
| ingress.tls.secretName | string |
|
The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| phariaStudioAPISchema | string |
|
Internal cluster communication with pharia-studio-api. This is the default value. https can be set if the internal communication is over https. |
| resources.limits.cpu | string |
| |
| resources.limits.memory | string |
| |
| resources.requests.cpu | string |
| |
| resources.requests.memory | string |
|
pharia-temporal
| Key | Type | Default | Description |
|---|---|---|---|
| pharia-temporal | object |
|
Temporal is a workflow orchestration platform that manages long-running business processes. It provides durable execution, fault tolerance, and observability for distributed systems. |
| enabled | bool |
|
Set this to true to install the |
| temporal | object |
|
Set this to override the fully qualified name for Pharia Temporal UI |
| temporal.ingress | object |
|
Ingress configuration for the Temporal server |
| temporal.ingress.enabled | bool |
|
Enable ingress creation for the Temporal server API This exposes the Temporal gRPC and HTTP APIs externally |
| temporal.server | object |
|
Temporal server configuration |
| temporal.server.config.namespaces | object |
|
Temporal namespace configuration |
| temporal.server.config.namespaces.create | bool |
|
Whether to create namespaces automatically |
| temporal.server.config.namespaces.namespace | list |
|
List of namespaces to create |
| temporal.server.config.namespaces.namespace[0] | object |
|
Pharia Data namespace for ETL workflows |
| temporal.server.config.namespaces.namespace[0].retention | string |
|
Data retention period for this namespace After this period, completed workflows are automatically deleted |
| temporal.server.config.namespaces.namespace[1] | object |
|
Pharia Numinous namespace for AI workflows |
| temporal.server.config.namespaces.namespace[1].retention | string |
|
Data retention period for this namespace |
| temporal.server.config.namespaces.namespace[2] | object |
|
Pharia OAuth Gateway namespace for authentication workflows |
| temporal.server.config.namespaces.namespace[2].retention | string |
|
Data retention period for this namespace |
| temporal.server.config.numHistoryShards | int |
|
Number of history shards for Temporal This determines the parallelism for history operations. Higher values provide better performance but require more resources. Must be a power of 2. Default is 1024 for production workloads. |
| temporal.server.config.persistence | object |
|
Persistence configuration for Temporal data storage |
| temporal.server.config.persistence.default | object |
|
Default store configuration for Temporal's main data |
| temporal.server.config.persistence.default.driver | string |
|
Storage driver type (sql, cassandra, etc.) |
| temporal.server.config.persistence.default.sql.database | string |
|
Database name for Temporal's main data |
| temporal.server.config.persistence.default.sql.driver | string |
|
PostgreSQL driver version |
| temporal.server.config.persistence.default.sql.existingSecret | string |
|
Existing secret containing database credentials If provided, the secret should contain keys: username, password |
| temporal.server.config.persistence.default.sql.host | string |
|
Database host |
| temporal.server.config.persistence.default.sql.maxConnLifetime | string |
|
Maximum lifetime of a database connection |
| temporal.server.config.persistence.default.sql.maxConns | int |
|
Maximum number of database connections in the pool |
| temporal.server.config.persistence.default.sql.maxIdleConns | int |
|
Maximum number of idle connections in the pool |
| temporal.server.config.persistence.default.sql.password | string |
|
Database password Leave empty to use the existingSecret password |
| temporal.server.config.persistence.default.sql.port | int |
|
Database port |
| temporal.server.config.persistence.default.sql.user | string |
|
Database username Leave empty to use the existingSecret username |
| temporal.server.config.persistence.visibility | object |
|
Visibility store configuration for Temporal's visibility data This store is used for workflow and execution visibility queries |
| temporal.server.config.persistence.visibility.driver | string |
|
Storage driver type (sql, cassandra, etc.) |
| temporal.server.config.persistence.visibility.sql.database | string |
|
Database name for Temporal's visibility data |
| temporal.server.config.persistence.visibility.sql.driver | string |
|
PostgreSQL driver version |
| temporal.server.config.persistence.visibility.sql.existingSecret | string |
|
Existing secret containing database credentials If provided, the secret should contain keys: username, password |
| temporal.server.config.persistence.visibility.sql.host | string |
|
Database host |
| temporal.server.config.persistence.visibility.sql.maxConnLifetime | string |
|
Maximum lifetime of a database connection |
| temporal.server.config.persistence.visibility.sql.maxConns | int |
|
Maximum number of database connections in the pool |
| temporal.server.config.persistence.visibility.sql.maxIdleConns | int |
|
Maximum number of idle connections in the pool |
| temporal.server.config.persistence.visibility.sql.password | string |
|
Database password Leave empty to use the existingSecret password |
| temporal.server.config.persistence.visibility.sql.port | int |
|
Database port |
| temporal.server.config.persistence.visibility.sql.secretName | string |
|
Alternative secret name for visibility store Use this if you need different credentials for the visibility store |
| temporal.server.config.persistence.visibility.sql.user | string |
|
Database username Leave empty to use the existingSecret username |
| temporal.web | object |
|
Web UI configuration for Temporal |
| temporal.web.ingress.enabled | bool |
|
Enable ingress creation for the Temporal Web UI This provides a web interface to monitor and manage workflows |
pharia-transcribe
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool |
|
Set this to true to install the pharia-transcribe subchart as a dependency |
| fullnameOverride | string |
|
pharia-translate
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool |
|
Set this to true to install the pharia-translate subchart as a dependency |
| fullnameOverride | string |
| |
| resources.limits.cpu | string |
| |
| resources.limits.memory | string |
| |
| resources.requests.cpu | string |
| |
| resources.requests.memory | string |
| |
| server.resources.limits."nvidia.com/gpu" | int |
| |
| server.resources.limits.cpu | string |
| |
| server.resources.limits.memory | string |
| |
| server.resources.requests.cpu | string |
| |
| server.resources.requests.memory | string |
| |
| server.tolerations | list |
| |
| tolerations | list |
|
feature-flags
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool |
|
Set this to true to install the feature-flags subchart as a dependency |
| fullnameOverride | string |
| |
| provider.local.existingConfigMap | string |
|
Provide an existing ConfigMap with the key "feature-flags.json". |
phariaos-manager
| Key | Type | Default | Description |
|---|---|---|---|
| applicationsProxy.additionalAllowedOrigins | list |
|
Environment variables for the applications proxy. |
| applicationsProxy.enabled | bool |
|
Enable usecases (applications) proxy server. It is responsible for redirecting requests into the targeted usecases. |
| applicationsProxy.ingress.annotations | object |
|
Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. Some ingress classes limits body size allowed in requests. Therefore, override the annotations value if the application requires large files to be uploaded. Example for nginx ingress class: |
| applicationsProxy.ingress.enabled | bool |
|
Enable ingress creation |
| applicationsProxy.ingress.ingressSubdomain | string |
|
Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain. |
| applicationsProxy.ingress.tls.enabled | bool |
|
Enable TLS configuration for this Ingress |
| clusterRole.enabled | bool |
|
Enable cluster role creation for phariaos-manager. When enabled, the chart will create the necessary ClusterRole and ClusterRoleBinding for hardware discovery and model management. Set to false if you want to use your own cluster role(s). Note: The cluster role(s) must be bound to the phariaos-manager and kserve-controller-manager ServiceAccounts to grant cluster-wide permissions. |
| clusterRole.enabled | bool |
|
Enable cluster role creation for phariaos-manager. When enabled, the chart will create the necessary ClusterRole and ClusterRoleBinding for hardware discovery and model management. Set to false if you want to use your own cluster role(s). Note: The cluster role(s) must be bound to the phariaos-manager and kserve-controller-manager ServiceAccounts to grant cluster-wide permissions. See cluster role binding files in charts/phariaos-manager/templates/ and charts/phariaos-manager/charts/kserve/templates/ for required permissions. |
| databaseConfig.external | object |
|
Provide an existing database if you want to use an external database |
| databaseConfig.external.existingSecret | string |
|
Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the databaseConfig.secretKeys exists in the secret with a valid value. |
| databaseConfig.secretKeys.databaseNameKey | string |
|
The key in the secret that contains the database name |
| databaseConfig.secretKeys.hostKey | string |
|
The key in the secret that contains the host of the database |
| databaseConfig.secretKeys.passwordKey | string |
|
The key in the secret that contains the password of the database |
| databaseConfig.secretKeys.portKey | string |
|
The key in the secret that contains the port of the database |
| databaseConfig.secretKeys.userKey | string |
|
The key in the secret that contains the user of the database |
| enabled | bool |
|
Set this to true to install the phariaos-manager subchart as a dependency |
| fullnameOverride | string |
|
Set this to override the full name of the phariaos-manager |
| ingress.annotations | object |
|
Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| ingress.enabled | bool |
|
Enabled ingress creation |
| ingress.ingressSubdomain | string |
|
Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain. |
| kserve.clusterRole | object |
|
Cluster role configuration for KServe (references phariaos-manager.clusterRole). |
| kserve.clusterRole.enabled | bool |
|
Enable cluster role creation for phariaos-manager. When enabled, the chart will create the necessary ClusterRole and ClusterRoleBinding for hardware discovery and model management. Set to false if you want to use your own cluster role(s). Note: The cluster role(s) must be bound to the phariaos-manager and kserve-controller-manager ServiceAccounts to grant cluster-wide permissions. See cluster role binding files in charts/phariaos-manager/templates/ and charts/phariaos-manager/charts/kserve/templates/ for required permissions. |
| kserve.controller.serviceAccount.create | bool |
|
Specifies whether a service account should be created |
| kserve.controller.serviceAccount.name | string |
|
The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
| kserve.enabled | bool |
|
Enable Dynamic Model Management. Model deployment is done using KServe. |
| kserve.storage | object |
|
Model weights downloading configuration for model deployment. |
| kserve.storage.http | object |
|
HTTP storage configuration to download Aleph Alpha model weights from Aleph Alpha artifactory. |
| kserve.storage.http.existingSecret | string |
|
Existing secret to use for HTTP storage. |
| kserve.storage.http.secretKeys | object |
|
Secret keys for HTTP storage. |
| kserve.storage.http.token | string |
|
If not using existing secret, provide token for HTTP storage. |
| kserve.storage.huggingFace | object |
|
HuggingFace storage configuration for model weights downloading. |
| kserve.storage.huggingFace.enabled | bool |
|
Enable HuggingFace storage configuration for model weights downloading. |
| kserve.storage.huggingFace.existingSecret | string |
|
Existing secret to use for HuggingFace storage. |
| kserve.storage.huggingFace.secretKeys | object |
|
Secret keys for HuggingFace storage. |
| kserve.storage.huggingFace.token | string |
|
If not using existing secret, provide token for HuggingFace storage. |
| kserve.storage.s3.accessKeyId | string |
|
If not using existing secret, provide access key id for S3 storage. |
| kserve.storage.s3.enabled | bool |
|
Enable S3 storage configuration for model weights downloading. |
| kserve.storage.s3.endpoint | string |
|
If not using existing secret, provide endpoint for S3 storage. |
| kserve.storage.s3.existingSecret | string |
|
Existing secret to use for S3 storage. |
| kserve.storage.s3.region | string |
|
If not using existing secret, provide region for S3 storage. |
| kserve.storage.s3.secretAccessKey | string |
|
If not using existing secret, provide secret access key for S3 storage. |
| kserve.storage.s3.secretKeys | object |
|
Secret keys for S3 storage. |
| kserve.storage.s3.secretKeys.accessKeyId | string |
|
The secret key for access key id of the S3 storage. |
| kserve.storage.s3.secretKeys.endpoint | string |
|
The secret key for endpoint of the S3 storage. |
| kserve.storage.s3.secretKeys.region | string |
|
The secret key for region of the S3 storage. |
| kserve.storage.s3.secretKeys.secretAccessKey | string |
|
The secret key for secret access key of the S3 storage. |
| postgresql.auth.existingSecret | string |
| |
| postgresql.auth.password | string |
|
If internal PostgreSQL is used, either password or existingSecret, has to be provided for setup of application authentication |
| postgresql.enabled | bool |
|
This is used to indicate whether the internal PostgreSQL should be used or not. |
| serviceAccount.create | bool |
|
Specifies whether a service account should be created |
| serviceAccount.name | string |
|
The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
| serviceMonitor.enabled | bool |
|
Enable Prometheus service monitor for phariaos-manager |
| usecase.annotations | object |
|
Annotations for the Deployment resource. |
| usecase.container | object |
|
Security context for the usecase container. |
| usecase.container.volumeMounts | list |
|
Custom volume mounts for usecase container |
| usecase.enabled | bool |
|
Enable usecases creation and deployment in phariaos-manager API. |
| usecase.imagePullSecretName | string |
|
DEPRECATED: Use |
| usecase.imagePullSecrets | list |
|
Secrets to authenticate container registry to pull/verify usecase images. Make sure the secrets are in the Release namespace! |
| usecase.pod | object |
|
Security context for the usecase pod. |
| usecase.pod.securityContext.runAsGroup | int |
|
Run as group with provided gid |
| usecase.pod.securityContext.runAsUser | int |
|
Run as user with provided uid |
| usecase.pod.volumes | list |
|
Custom volumes for usecase pods |
| usecase.serviceMonitor.enabled | bool |
|
Enable Prometheus service monitor for usecases deployed by phariaos-manager |
phariaos-ui
| Key | Type | Default | Description |
|---|---|---|---|
| app.enableCredentialManagement | bool |
|
Set this to enable API Credential Management |
| enabled | bool |
|
Set this to true to install the phariaos-ui subchart as a dependency |
| fullnameOverride | string |
|
Set this to override the full name of the phariaos-ui |
| ingress.annotations | object |
|
Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| ingress.enabled | bool |
|
Enabled ingress creation |
| ingress.ingressSubdomain | string |
|
Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain. |
| ingress.tls.enabled | bool |
|
Enable TLS configuration for this Ingress |
| ingress.tls.secretName | string |
|
The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
Maintainers
| Name | Url | |
|---|---|---|
| PhariaAI | phariaai@aleph-alpha.com |