pharia-ai
PhariaAI Helm Chart
This document provides an overview of the chart dependencies and configurable Helm chart values for PhariaAI. It covers global configurations, detailed dependency settings, image pull credentials, PostgreSQL settings, and resource management options, offering a comprehensive guide for deploying and customizing PhariaAI.
Requirements
| Repository | Name | Version |
|---|---|---|
| oci://alephalpha.jfrog.io/helm/assistant | pharia-assistant | 0.5.282 |
| oci://alephalpha.jfrog.io/helm/assistant | pharia-assistant-api | 0.13.12 |
| oci://alephalpha.jfrog.io/helm | document-index | 0.25.4 |
| oci://alephalpha.jfrog.io/helm | document-index-ui | 0.3.4 |
| oci://alephalpha.jfrog.io/helm | inference-api | 0.11.5 |
| oci://alephalpha.jfrog.io/helm | inference-worker | 0.7.30 |
| oci://alephalpha.jfrog.io/helm | pharia-data-api | 0.23.5 |
| oci://alephalpha.jfrog.io/helm | pharia-finetuning | 0.5.10 |
| oci://alephalpha.jfrog.io/helm | pharia-iam | 0.13.117 |
| oci://alephalpha.jfrog.io/helm | pharia-kernel | 0.2.24 |
| oci://alephalpha.jfrog.io/helm/pharia-studio | pharia-studio-api | 0.16.12 |
| oci://alephalpha.jfrog.io/helm/pharia-studio | pharia-studio-ui | 0.14.23 |
| oci://alephalpha.jfrog.io/helm | pharia-transcribe | 0.1.8 |
| oci://alephalpha.jfrog.io/helm | pharia-translate | 0.3.6 |
| oci://alephalpha.jfrog.io/helm/phariaos | phariaos-manager | 0.17.0 |
| oci://alephalpha.jfrog.io/helm/phariaos | phariaos-ui | 0.14.0 |
Values
Global
| Key | Type | Default | Description |
|---|---|---|---|
| global.imagePullOpaqueSecretName | string | "aleph-alpha-oci-registry-opaque" | Default PhariaAI Secret name as an Opaque secret. Override name for existing image pull secret if required |
| global.imagePullSecretName | string | "aleph-alpha-oci-registry" | Default PhariaAI Secret name to pull images from Aleph Alpha artifactory. Override name for existing image pull secret if required |
| global.inference.enabled | bool | true | Activate deployment of Pharia AA inference stack (inference-api, inference-worker) |
| global.inferenceApiServicesSecretRef | string | "inference-api-services" | Secret to be used to authenticate inference api services. See inferenceApiServices for more info. |
| global.ingress | object | {"additionalAnnotations":{},"ingressClassName":"nginx","ingressDomain":"pharia-ai.local"} | Global config for all ingress resources |
| global.ingress.ingressClassName | string | "nginx" | The ingressClassName globally defined for all ingress resources ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#the-ingress-resource Override possible on sub-chart level: |
| global.ingress.ingressDomain | string | "pharia-ai.local" | Domain for external access / ingress to services via |
| global.permissionModel | object | {"AssistantUser":[{"permission":"ExecuteTextJobs"},{"permission":"KernelAccess"},{"model":null,"permission":"ModelAccess"},{"namespace":"Assistant","permission":"AccessNamespace"},{"permission":"AccessDataPlatform"},{"permission":"AccessAssistant"},{"permission":"OsReadUsecase"}],"Client":[{"permission":"ExecuteJobs"},{"model":null,"permission":"AccessModel"}],"EtlServiceUser":[{"namespace":"Studio","permission":"AccessNamespace"},{"namespace":"Assistant","permission":"AccessNamespace"},{"permission":"AccessDataPlatform"}],"InferenceServiceUser":[{"permission":"ExecuteJobs"},{"permission":"ExecuteTextJobs"},{"permission":"CreateSteeringConcepts"},{"permission":"ReadSteeringConcepts"},{"permission":"DeleteSteeringConcepts"},{"model":null,"permission":"AccessModel"}],"OsUser":[{"permission":"OsReadUsecase"},{"permission":"OsWriteUsecase"},{"permission":"OsReadHardware"},{"permission":"OsReadModels"},{"permission":"KernelAccess"}],"StudioUser":[{"permission":"ExecuteJobs"},{"permission":"KernelAccess"},{"model":null,"permission":"AccessModel"},{"namespace":"Studio","permission":"AccessNamespace"},{"permission":"AccessDataPlatform"},{"permission":"AccessStudio"},{"permission":"AccessFinetuning"},{"permission":"OsReadUsecase"},{"permission":"OsWriteUsecase"}],"UseCaseServiceUser":[{"permission":"ExecuteJobs"},{"model":null,"permission":"AccessModel"},{"namespace":"Studio","permission":"AccessNamespace"},{"namespace":"Assistant","permission":"AccessNamespace"},{"permission":"KernelAccess"}]} | Permission model (Roles to Permissions) used in the PhariaAI stack |
| global.permissionSchemaConfigMapName | string | "pharia-ai-permissions" | Default PhariaAI Config Map for setting permission model |
| global.phariaAIConfigMap | string | "pharia-ai-config" | Default PhariaAI ConfigMap for setting environment variables |
| global.phariaAiEdition | string | "1" | Default PhariaAI edition <-- Will be dropped soon once we have coordinated with all customers |
| global.phariaAiFeatureSet | string | "1" | Default PhariaAI feature set |
General
| Key | Type | Default | Description |
|---|---|---|---|
| imagePullCredentials.password | string | "" | Password to login into artifactory registry |
| imagePullCredentials.registry | string | "alephalpha.jfrog.io" | Aleph Alpha artifactory registry |
| imagePullCredentials.username | string | "" | Username to login into artifactory registry |
Sub charts
pharia-assistant
| Key | Type | Default | Description |
|---|---|---|---|
| pharia-assistant-api.databaseConfig.external | object | {"databaseName":"","existingSecret":"","host":"","password":"","port":"","user":""} | Provide an existing database if you want to use an external database |
| pharia-assistant-api.databaseConfig.external.databaseName | string | "" | The name of the database |
| pharia-assistant-api.databaseConfig.external.existingSecret | string | "" | Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the keys exists in the secret with a valid value. |
| pharia-assistant-api.databaseConfig.external.host | string | "" | The host of the database |
| pharia-assistant-api.databaseConfig.external.password | string | "" | The password of the database |
| pharia-assistant-api.databaseConfig.external.port | string | "" | The port of the database |
| pharia-assistant-api.databaseConfig.external.user | string | "" | The user of the database |
| pharia-assistant-api.databaseConfig.secretKeys.databaseNameKey | string | "databaseName" | The key in the secret that contains the database name |
| pharia-assistant-api.databaseConfig.secretKeys.hostKey | string | "host" | The key in the secret that contains the host of the database |
| pharia-assistant-api.databaseConfig.secretKeys.passwordKey | string | "password" | The key in the secret that contains the password of the database |
| pharia-assistant-api.databaseConfig.secretKeys.portKey | string | "port" | The key in the secret that contains the port of the database |
| pharia-assistant-api.databaseConfig.secretKeys.userKey | string | "user" | The key in the secret that contains the user of the database |
| pharia-assistant-api.enabled | bool | true | Set this to true to install the pharia-assistant-api subchart as a dependency |
| pharia-assistant-api.env.APPLICATION_NAME | string | "Assistant" | The name of the application to be displayed in the top bar |
| pharia-assistant-api.favicon | object | {"png":"","svg":"PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHN0eWxlPgogICAgQG1lZGlhIChwcmVmZXJzLWNvbG9yLXNjaGVtZTpkYXJrKXtwYXRoe2ZpbGw6I2ZmZn19CiAgPC9zdHlsZT4KICA8cGF0aCBkPSJtMzQuNjcgMTA2LjQzLTUuNTUtMTMuNTVBMTkuMTQgMTkuMTQgMCAwIDAgMjkgNTcuNDJsNS40Ny0xMy41OWEzMy43OCAzMy43OCAwIDAgMSAuMiA2Mi42Wm0yMi45MyAxNy4xMi04LjY4LTExLjhhNDUuMjggNDUuMjggMCAwIDAgOC42MS04LjI3TDY5IDExMi42MmE1OS44MiA1OS44MiAwIDAgMS0xMS40IDEwLjkzWiIvPgogIDxwYXRoIGQ9Ik04Mi4yMyA3NS4xN2E2MC4zNyA2MC4zNyAwIDAgMC0yNC42NC00OC4zOWwtOC42OCAxMS44MWE0NS42MyA0NS42MyAwIDAgMSAxOC42OCAzNi41OCA2MC4yOCA2MC4yOCAwIDAgMCAyNC40OCA0OC4zOGw4LjY4LTExLjhhNDUuNiA0NS42IDAgMCAxLTE4LjUyLTM2LjU4Wm05Ljg1LTI4LjIzLTExLjQ3LTkuMTJhNjAuMTQgNjAuMTQgMCAwIDEgMTEuOTQtMTEuMzdsOC41NiAxMS44OGE0NS41IDQ1LjUgMCAwIDAtOS4wMyA4LjYxWk0xMTUgMTA2LjUyYTM0LjMyIDM0LjMyIDAgMCAxLS4yOS02Mi41Mmw2LjEgMTMuMzJhMTkuNjggMTkuNjggMCAwIDAgLjE5IDM1LjgzWiIvPgo8L3N2Zz4K"} | The favicon used in the assistant can be customized by providing the contents of a logo.svg or logo.png file as a base64 encoded string. This can be created by executing cat favicon.svg | base64 in a terminal. The svg value takes precedence over the png value |
| pharia-assistant-api.favicon.png | string | "" | The base64 encoded favicon.png |
| pharia-assistant-api.favicon.svg | string | "PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHN0eWxlPgogICAgQG1lZGlhIChwcmVmZXJzLWNvbG9yLXNjaGVtZTpkYXJrKXtwYXRoe2ZpbGw6I2ZmZn19CiAgPC9zdHlsZT4KICA8cGF0aCBkPSJtMzQuNjcgMTA2LjQzLTUuNTUtMTMuNTVBMTkuMTQgMTkuMTQgMCAwIDAgMjkgNTcuNDJsNS40Ny0xMy41OWEzMy43OCAzMy43OCAwIDAgMSAuMiA2Mi42Wm0yMi45MyAxNy4xMi04LjY4LTExLjhhNDUuMjggNDUuMjggMCAwIDAgOC42MS04LjI3TDY5IDExMi42MmE1OS44MiA1OS44MiAwIDAgMS0xMS40IDEwLjkzWiIvPgogIDxwYXRoIGQ9Ik04Mi4yMyA3NS4xN2E2MC4zNyA2MC4zNyAwIDAgMC0yNC42NC00OC4zOWwtOC42OCAxMS44MWE0NS42MyA0NS42MyAwIDAgMSAxOC42OCAzNi41OCA2MC4yOCA2MC4yOCAwIDAgMCAyNC40OCA0OC4zOGw4LjY4LTExLjhhNDUuNiA0NS42IDAgMCAxLTE4LjUyLTM2LjU4Wm05Ljg1LTI4LjIzLTExLjQ3LTkuMTJhNjAuMTQgNjAuMTQgMCAwIDEgMTEuOTQtMTEuMzdsOC41NiAxMS44OGE0NS41IDQ1LjUgMCAwIDAtOS4wMyA4LjYxWk0xMTUgMTA2LjUyYTM0LjMyIDM0LjMyIDAgMCAxLS4yOS02Mi41Mmw2LjEgMTMuMzJhMTkuNjggMTkuNjggMCAwIDAgLjE5IDM1LjgzWiIvPgo8L3N2Zz4K" | The base64 encoded favicon.svg |
| pharia-assistant-api.featureFlags | object | {"enableHomepage":true,"enableQa":true,"enableSummarize":true,"enableTranslate":true} | Feature flags for pharia-assistant-api |
| pharia-assistant-api.featureFlags.enableHomepage | bool | true | Enable homepage |
| pharia-assistant-api.featureFlags.enableQa | bool | true | Enable QA feature |
| pharia-assistant-api.featureFlags.enableSummarize | bool | true | Enable summarize feature |
| pharia-assistant-api.featureFlags.enableTranslate | bool | true | Enable translate feature |
| pharia-assistant-api.fullnameOverride | string | "pharia-assistant-api" | Override for the full name of pharia-assistant-api |
| pharia-assistant-api.logo | object | {"png":"","svg":"PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHBhdGggZD0ibTM0LjY3IDEwNi40My01LjU1LTEzLjU1QTE5LjE0IDE5LjE0IDAgMCAwIDI5IDU3LjQybDUuNDctMTMuNTlhMzMuNzggMzMuNzggMCAwIDEgLjIgNjIuNlptMjIuOTMgMTcuMTItOC42OC0xMS44YTQ1LjI4IDQ1LjI4IDAgMCAwIDguNjEtOC4yN0w2OSAxMTIuNjJhNTkuODIgNTkuODIgMCAwIDEtMTEuNCAxMC45M1oiIC8+CiAgPHBhdGggZD0iTTgyLjIzIDc1LjE3YTYwLjM3IDYwLjM3IDAgMCAwLTI0LjY0LTQ4LjM5bC04LjY4IDExLjgxYTQ1LjYzIDQ1LjYzIDAgMCAxIDE4LjY4IDM2LjU4IDYwLjI4IDYwLjI4IDAgMCAwIDI0LjQ4IDQ4LjM4bDguNjgtMTEuOGE0NS42IDQ1LjYgMCAwIDEtMTguNTItMzYuNThabTkuODUtMjguMjMtMTEuNDctOS4xMmE2MC4xNCA2MC4xNCAwIDAgMSAxMS45NC0xMS4zN2w4LjU2IDExLjg4YTQ1LjUgNDUuNSAwIDAgMC05LjAzIDguNjFaTTExNSAxMDYuNTJhMzQuMzIgMzQuMzIgMCAwIDEtLjI5LTYyLjUybDYuMSAxMy4zMmExOS42OCAxOS42OCAwIDAgMCAuMTkgMzUuODNaIiAvPgo8L3N2Zz4K"} | The logo used in the assistant can be customized by providing the contents of a logo.svg or logo.png file as a base64 encoded string. This can be created by executing cat logo.svg | base64 in a terminal. The svg value takes precedence over the png value |
| pharia-assistant-api.logo.png | string | "" | The base64 encoded logo.png |
| pharia-assistant-api.logo.svg | string | "PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHBhdGggZD0ibTM0LjY3IDEwNi40My01LjU1LTEzLjU1QTE5LjE0IDE5LjE0IDAgMCAwIDI5IDU3LjQybDUuNDctMTMuNTlhMzMuNzggMzMuNzggMCAwIDEgLjIgNjIuNlptMjIuOTMgMTcuMTItOC42OC0xMS44YTQ1LjI4IDQ1LjI4IDAgMCAwIDguNjEtOC4yN0w2OSAxMTIuNjJhNTkuODIgNTkuODIgMCAwIDEtMTEuNCAxMC45M1oiIC8+CiAgPHBhdGggZD0iTTgyLjIzIDc1LjE3YTYwLjM3IDYwLjM3IDAgMCAwLTI0LjY0LTQ4LjM5bC04LjY4IDExLjgxYTQ1LjYzIDQ1LjYzIDAgMCAxIDE4LjY4IDM2LjU4IDYwLjI4IDYwLjI4IDAgMCAwIDI0LjQ4IDQ4LjM4bDguNjgtMTEuOGE0NS42IDQ1LjYgMCAwIDEtMTguNTItMzYuNThabTkuODUtMjguMjMtMTEuNDctOS4xMmE2MC4xNCA2MC4xNCAwIDAgMSAxMS45NC0xMS4zN2w4LjU2IDExLjg4YTQ1LjUgNDUuNSAwIDAgMC05LjAzIDguNjFaTTExNSAxMDYuNTJhMzQuMzIgMzQuMzIgMCAwIDEtLjI5LTYyLjUybDYuMSAxMy4zMmExOS42OCAxOS42OCAwIDAgMCAuMTkgMzUuODNaIiAvPgo8L3N2Zz4K" | The base64 encoded logo.svg |
| pharia-assistant-api.postgresql.auth.password | string | "" | If internal PostgreSQL is used a dedicated password has to be provided for setup of application authentication |
| pharia-assistant-api.postgresql.enabled | bool | true | This is used to indicate whether the internal PostgreSQL should be used or not. |
| pharia-assistant-api.redis.auth.existingSecret | string | "" | |
| pharia-assistant-api.redis.auth.password | string | "" | Either password or existingSecret has to be set if redis.enabled = true |
| pharia-assistant-api.redis.enabled | bool | true | Indicate whether the internal Redis should be used. |
| pharia-assistant-api.redisConfig.external | object | {"existingSecret":"","host":"my-redis","password":"redispassword","port":"6379"} | Note: If not using any Redis at all, please leave the default values untouched for now. |
| pharia-assistant-api.resources.limits.cpu | string | "1000m" | |
| pharia-assistant-api.resources.limits.memory | string | "8Gi" | |
| pharia-assistant-api.resources.requests.cpu | string | "500m" | |
| pharia-assistant-api.resources.requests.memory | string | "8Gi" | |
| pharia-assistant-api.secret | object | {"serviceUserToken":""} | Allows to populate the secret identified by 'pharia-assistant-api.serviceUserSecret' through this helm-chart. The secret must contain the field apiToken. See 'pharia-assistant-api.serviceUserSecret' for more information. |
| pharia-assistant-api.serviceUserSecret | string | "pharia-iam-service-user-pharia-assistant-api" | The name of a secret containing the service user token used by the pharia-assistant-api for sending requests to the inference. This allows to connect the pharia-assistant-api to an externally running inference. The secret must contain the field apiToken. It can either be pre-existing or the chart creates it for you with the value defined in 'pharia-assistant-api.secret'. |
| pharia-assistant-api.worker.enabled | bool | false | Requires a running Redis instance. |
| enabled | bool | true | Set this to true to install the pharia-assistant subchart as a dependency |
| fullnameOverride | string | "pharia-assistant" | Override for the full name of pharia-assistant |
| ingress.annotations | object | {} | Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| ingress.enabled | bool | true | Enabled ingress creation |
| ingress.hostname | string | "assistant" | Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain. |
| ingress.tls.enabled | bool | true | Enable TLS configuration for this Ingress |
| ingress.tls.secretName | string | "pharia-assistant-tls" | The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| resources.limits.cpu | string | "500m" | |
| resources.limits.memory | string | "256Mi" | |
| resources.requests.cpu | string | "100m" | |
| resources.requests.memory | string | "256Mi" |
pharia-assistant-api
| Key | Type | Default | Description |
|---|---|---|---|
| databaseConfig.external | object | {"databaseName":"","existingSecret":"","host":"","password":"","port":"","user":""} | Provide an existing database if you want to use an external database |
| databaseConfig.external.databaseName | string | "" | The name of the database |
| databaseConfig.external.existingSecret | string | "" | Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the keys exists in the secret with a valid value. |
| databaseConfig.external.host | string | "" | The host of the database |
| databaseConfig.external.password | string | "" | The password of the database |
| databaseConfig.external.port | string | "" | The port of the database |
| databaseConfig.external.user | string | "" | The user of the database |
| databaseConfig.secretKeys.databaseNameKey | string | "databaseName" | The key in the secret that contains the database name |
| databaseConfig.secretKeys.hostKey | string | "host" | The key in the secret that contains the host of the database |
| databaseConfig.secretKeys.passwordKey | string | "password" | The key in the secret that contains the password of the database |
| databaseConfig.secretKeys.portKey | string | "port" | The key in the secret that contains the port of the database |
| databaseConfig.secretKeys.userKey | string | "user" | The key in the secret that contains the user of the database |
| enabled | bool | true | Set this to true to install the pharia-assistant-api subchart as a dependency |
| env.APPLICATION_NAME | string | "Assistant" | The name of the application to be displayed in the top bar |
| favicon | object | {"png":"","svg":"PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHN0eWxlPgogICAgQG1lZGlhIChwcmVmZXJzLWNvbG9yLXNjaGVtZTpkYXJrKXtwYXRoe2ZpbGw6I2ZmZn19CiAgPC9zdHlsZT4KICA8cGF0aCBkPSJtMzQuNjcgMTA2LjQzLTUuNTUtMTMuNTVBMTkuMTQgMTkuMTQgMCAwIDAgMjkgNTcuNDJsNS40Ny0xMy41OWEzMy43OCAzMy43OCAwIDAgMSAuMiA2Mi42Wm0yMi45MyAxNy4xMi04LjY4LTExLjhhNDUuMjggNDUuMjggMCAwIDAgOC42MS04LjI3TDY5IDExMi42MmE1OS44MiA1OS44MiAwIDAgMS0xMS40IDEwLjkzWiIvPgogIDxwYXRoIGQ9Ik04Mi4yMyA3NS4xN2E2MC4zNyA2MC4zNyAwIDAgMC0yNC42NC00OC4zOWwtOC42OCAxMS44MWE0NS42MyA0NS42MyAwIDAgMSAxOC42OCAzNi41OCA2MC4yOCA2MC4yOCAwIDAgMCAyNC40OCA0OC4zOGw4LjY4LTExLjhhNDUuNiA0NS42IDAgMCAxLTE4LjUyLTM2LjU4Wm05Ljg1LTI4LjIzLTExLjQ3LTkuMTJhNjAuMTQgNjAuMTQgMCAwIDEgMTEuOTQtMTEuMzdsOC41NiAxMS44OGE0NS41IDQ1LjUgMCAwIDAtOS4wMyA4LjYxWk0xMTUgMTA2LjUyYTM0LjMyIDM0LjMyIDAgMCAxLS4yOS02Mi41Mmw2LjEgMTMuMzJhMTkuNjggMTkuNjggMCAwIDAgLjE5IDM1LjgzWiIvPgo8L3N2Zz4K"} | The favicon used in the assistant can be customized by providing the contents of a logo.svg or logo.png file as a base64 encoded string. This can be created by executing cat favicon.svg | base64 in a terminal. The svg value takes precedence over the png value |
| favicon.png | string | "" | The base64 encoded favicon.png |
| favicon.svg | string | "PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHN0eWxlPgogICAgQG1lZGlhIChwcmVmZXJzLWNvbG9yLXNjaGVtZTpkYXJrKXtwYXRoe2ZpbGw6I2ZmZn19CiAgPC9zdHlsZT4KICA8cGF0aCBkPSJtMzQuNjcgMTA2LjQzLTUuNTUtMTMuNTVBMTkuMTQgMTkuMTQgMCAwIDAgMjkgNTcuNDJsNS40Ny0xMy41OWEzMy43OCAzMy43OCAwIDAgMSAuMiA2Mi42Wm0yMi45MyAxNy4xMi04LjY4LTExLjhhNDUuMjggNDUuMjggMCAwIDAgOC42MS04LjI3TDY5IDExMi42MmE1OS44MiA1OS44MiAwIDAgMS0xMS40IDEwLjkzWiIvPgogIDxwYXRoIGQ9Ik04Mi4yMyA3NS4xN2E2MC4zNyA2MC4zNyAwIDAgMC0yNC42NC00OC4zOWwtOC42OCAxMS44MWE0NS42MyA0NS42MyAwIDAgMSAxOC42OCAzNi41OCA2MC4yOCA2MC4yOCAwIDAgMCAyNC40OCA0OC4zOGw4LjY4LTExLjhhNDUuNiA0NS42IDAgMCAxLTE4LjUyLTM2LjU4Wm05Ljg1LTI4LjIzLTExLjQ3LTkuMTJhNjAuMTQgNjAuMTQgMCAwIDEgMTEuOTQtMTEuMzdsOC41NiAxMS44OGE0NS41IDQ1LjUgMCAwIDAtOS4wMyA4LjYxWk0xMTUgMTA2LjUyYTM0LjMyIDM0LjMyIDAgMCAxLS4yOS02Mi41Mmw2LjEgMTMuMzJhMTkuNjggMTkuNjggMCAwIDAgLjE5IDM1LjgzWiIvPgo8L3N2Zz4K" | The base64 encoded favicon.svg |
| featureFlags | object | {"enableHomepage":true,"enableQa":true,"enableSummarize":true,"enableTranslate":true} | Feature flags for pharia-assistant-api |
| featureFlags.enableHomepage | bool | true | Enable homepage |
| featureFlags.enableQa | bool | true | Enable QA feature |
| featureFlags.enableSummarize | bool | true | Enable summarize feature |
| featureFlags.enableTranslate | bool | true | Enable translate feature |
| fullnameOverride | string | "pharia-assistant-api" | Override for the full name of pharia-assistant-api |
| logo | object | {"png":"","svg":"PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHBhdGggZD0ibTM0LjY3IDEwNi40My01LjU1LTEzLjU1QTE5LjE0IDE5LjE0IDAgMCAwIDI5IDU3LjQybDUuNDctMTMuNTlhMzMuNzggMzMuNzggMCAwIDEgLjIgNjIuNlptMjIuOTMgMTcuMTItOC42OC0xMS44YTQ1LjI4IDQ1LjI4IDAgMCAwIDguNjEtOC4yN0w2OSAxMTIuNjJhNTkuODIgNTkuODIgMCAwIDEtMTEuNCAxMC45M1oiIC8+CiAgPHBhdGggZD0iTTgyLjIzIDc1LjE3YTYwLjM3IDYwLjM3IDAgMCAwLTI0LjY0LTQ4LjM5bC04LjY4IDExLjgxYTQ1LjYzIDQ1LjYzIDAgMCAxIDE4LjY4IDM2LjU4IDYwLjI4IDYwLjI4IDAgMCAwIDI0LjQ4IDQ4LjM4bDguNjgtMTEuOGE0NS42IDQ1LjYgMCAwIDEtMTguNTItMzYuNThabTkuODUtMjguMjMtMTEuNDctOS4xMmE2MC4xNCA2MC4xNCAwIDAgMSAxMS45NC0xMS4zN2w4LjU2IDExLjg4YTQ1LjUgNDUuNSAwIDAgMC05LjAzIDguNjFaTTExNSAxMDYuNTJhMzQuMzIgMzQuMzIgMCAwIDEtLjI5LTYyLjUybDYuMSAxMy4zMmExOS42OCAxOS42OCAwIDAgMCAuMTkgMzUuODNaIiAvPgo8L3N2Zz4K"} | The logo used in the assistant can be customized by providing the contents of a logo.svg or logo.png file as a base64 encoded string. This can be created by executing cat logo.svg | base64 in a terminal. The svg value takes precedence over the png value |
| logo.png | string | "" | The base64 encoded logo.png |
| logo.svg | string | "PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNzgiIHdpZHRoPSI3OCIgdmlld0JveD0iMjQgMjQgMTAyIDEwMiI+CiAgPHBhdGggZD0ibTM0LjY3IDEwNi40My01LjU1LTEzLjU1QTE5LjE0IDE5LjE0IDAgMCAwIDI5IDU3LjQybDUuNDctMTMuNTlhMzMuNzggMzMuNzggMCAwIDEgLjIgNjIuNlptMjIuOTMgMTcuMTItOC42OC0xMS44YTQ1LjI4IDQ1LjI4IDAgMCAwIDguNjEtOC4yN0w2OSAxMTIuNjJhNTkuODIgNTkuODIgMCAwIDEtMTEuNCAxMC45M1oiIC8+CiAgPHBhdGggZD0iTTgyLjIzIDc1LjE3YTYwLjM3IDYwLjM3IDAgMCAwLTI0LjY0LTQ4LjM5bC04LjY4IDExLjgxYTQ1LjYzIDQ1LjYzIDAgMCAxIDE4LjY4IDM2LjU4IDYwLjI4IDYwLjI4IDAgMCAwIDI0LjQ4IDQ4LjM4bDguNjgtMTEuOGE0NS42IDQ1LjYgMCAwIDEtMTguNTItMzYuNThabTkuODUtMjguMjMtMTEuNDctOS4xMmE2MC4xNCA2MC4xNCAwIDAgMSAxMS45NC0xMS4zN2w4LjU2IDExLjg4YTQ1LjUgNDUuNSAwIDAgMC05LjAzIDguNjFaTTExNSAxMDYuNTJhMzQuMzIgMzQuMzIgMCAwIDEtLjI5LTYyLjUybDYuMSAxMy4zMmExOS42OCAxOS42OCAwIDAgMCAuMTkgMzUuODNaIiAvPgo8L3N2Zz4K" | The base64 encoded logo.svg |
| postgresql.auth.password | string | "" | If internal PostgreSQL is used a dedicated password has to be provided for setup of application authentication |
| postgresql.enabled | bool | true | This is used to indicate whether the internal PostgreSQL should be used or not. |
| redis.auth.existingSecret | string | "" | |
| redis.auth.password | string | "" | Either password or existingSecret has to be set if redis.enabled = true |
| redis.enabled | bool | true | Indicate whether the internal Redis should be used. |
| redisConfig.external | object | {"existingSecret":"","host":"my-redis","password":"redispassword","port":"6379"} | Note: If not using any Redis at all, please leave the default values untouched for now. |
| resources.limits.cpu | string | "1000m" | |
| resources.limits.memory | string | "8Gi" | |
| resources.requests.cpu | string | "500m" | |
| resources.requests.memory | string | "8Gi" | |
| secret | object | {"serviceUserToken":""} | Allows to populate the secret identified by 'pharia-assistant-api.serviceUserSecret' through this helm-chart. The secret must contain the field apiToken. See 'pharia-assistant-api.serviceUserSecret' for more information. |
| serviceUserSecret | string | "pharia-iam-service-user-pharia-assistant-api" | The name of a secret containing the service user token used by the pharia-assistant-api for sending requests to the inference. This allows to connect the pharia-assistant-api to an externally running inference. The secret must contain the field apiToken. It can either be pre-existing or the chart creates it for you with the value defined in 'pharia-assistant-api.secret'. |
| worker.enabled | bool | false | Requires a running Redis instance. |
document-index
| Key | Type | Default | Description |
|---|---|---|---|
| document-index-ui.enabled | bool | true | |
| document-index-ui.ingress.annotations | object | {} | Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| document-index-ui.ingress.enabled | bool | true | Enable ingress creation |
| document-index-ui.ingress.hostname | string | "document-index-ui" | Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain. |
| document-index-ui.ingress.tls.enabled | bool | true | Enable TLS configuration for this Ingress |
| document-index-ui.ingress.tls.secretName | string | "document-index-ui-tls" | The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| document-index-ui.resources.limits.cpu | string | "100m" | |
| document-index-ui.resources.limits.memory | string | "1Gi" | |
| document-index-ui.resources.requests.cpu | string | "50m" | |
| document-index-ui.resources.requests.memory | string | "128Mi" | |
| enabled | bool | true | Set this to true to install the document-index subchart as a dependency |
| fullnameOverride | string | "document-index" | |
| ingress.enabled | bool | true | Enabled ingress creation |
| ingress.tls.enabled | bool | true | Enable TLS configuration for this Ingress |
| postgresql.auth.password | string | "" | If internal PostgreSQL is used a dedicated password has to be provided for setup of application authentication |
| postgresql.enabled | bool | true | This is used to indicate whether the internal PostgreSQL should be used or not. |
| secret | object | {"serviceUserToken":""} | Allows to populate the secret identified by 'document-index.serviceUserSecret' through this helm-chart. The secret must contain the field apiToken. See 'document-index.serviceUserSecret' for more information. |
| serviceUserSecret | string | "pharia-iam-service-user-document-index" | The name of a secret containing the service user token used by the document-index for sending embedding requests to the inference. This allows to connect the document-index to an externally running inference. The secret must contain the field token. It can either be pre-existing or the chart creates it for you with the value defined in 'document-index.secret.serviceUserToken'. This can be left undefined if the document-index is connected to the internal inference (deployed through this helm-chart). In that case use this auto-generated secret. |
| sparse-embedding-service.defaultLanguage | string | "english" | The language to default to if language detection fails. |
| sparse-embedding-service.languageDetectors | string | "english,german" | The language detectors to load. Set this to the languages you want to support. Supported values: "arabic,basque,catalan,danish,dutch,english,finnish,french,german, greek,hungarian,indonesian,italian,norwegian,portuguese,romanian,russian,spanish, swedish,turkish" |
document-index-ui
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool | true | |
| ingress.annotations | object | {} | Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| ingress.enabled | bool | true | Enable ingress creation |
| ingress.hostname | string | "document-index-ui" | Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain. |
| ingress.tls.enabled | bool | true | Enable TLS configuration for this Ingress |
| ingress.tls.secretName | string | "document-index-ui-tls" | The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| resources.limits.cpu | string | "100m" | |
| resources.limits.memory | string | "1Gi" | |
| resources.requests.cpu | string | "50m" | |
| resources.requests.memory | string | "128Mi" |
inference-api
| Key | Type | Default | Description |
|---|---|---|---|
| admin.email | string | "tools@aleph-alpha.com" | Email of the admin user to create on startup |
| admin.emailKey | string | "email" | The email key in the secret |
| admin.existingSecret | string | "" | Existing secret to use instead of email/password. |
| admin.password | string | "" | Initial password of the admin user. If no existing external secret is provided via admin.existingSecret, a password value has to be applied during installation |
| admin.passwordKey | string | "password" | The password key in the secret |
| databaseConfig.defaultSecret | string | "inference-api-postgresql-secret" | Default secret name is used to create a secret if external.existingSecret is not provided. |
| databaseConfig.external | object | {"databaseName":"","existingSecret":"","host":"","password":"","port":"","user":""} | Provide an existing database if you want to use an external database |
| databaseConfig.external.databaseName | string | "" | The name of the database |
| databaseConfig.external.existingSecret | string | "" | Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the keys exists in the secret with a valid value. |
| databaseConfig.external.host | string | "" | The host of the database |
| databaseConfig.external.password | string | "" | The password of the database |
| databaseConfig.external.port | string | "" | The port of the database |
| databaseConfig.external.user | string | "" | The user of the database |
| databaseConfig.secretKeys.databaseNameKey | string | "databaseName" | The key in the secret that contains the database name |
| databaseConfig.secretKeys.hostKey | string | "host" | The key in the secret that contains the host of the database |
| databaseConfig.secretKeys.passwordKey | string | "password" | The key in the secret that contains the password of the database |
| databaseConfig.secretKeys.portKey | string | "port" | The key in the secret that contains the port of the database |
| databaseConfig.secretKeys.userKey | string | "user" | The key in the secret that contains the user of the database |
| enableOIDC | bool | true | Use OIDC in addition to built-in tokens |
| enableUnauthenticatedAccess | bool | false | Set this to true to disable all token validation in the inference api |
| fullnameOverride | string | "pharia-ai-inference-api" | |
| inferenceApiServices.existingSecret | string | "" | Name of an existing inferenceApiServices secret. If you want to provide your own secret, set this to the name of your secret. Keep in mind to set global.inferenceApiServicesSecretRef to the same name if an existing secret is used. The secret is expected to have a key-value-pair with key secret. |
| inferenceApiServices.secret | string | "" | Manually added services secret If no existing external secret is provided via inferenceApiServices.existingSecret, a secret value has to be applied during installation |
| ingress.annotations | object | {} | Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| ingress.enabled | bool | true | Enabled ingress creation |
| ingress.hostname | string | "inference-api" | Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain. |
| ingress.tls.enabled | bool | true | Enable TLS configuration for this Ingress |
| ingress.tls.secretName | string | "inference-api-tls" | The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| jwt.existingSecret | string | "" | Name of an existing jwt secret to use The secret is expected to have a key-value-pair with key secret. |
| jwt.secret | string | "" | Manually added jwt secret If no existing external secret is provided via jwt.existingSecret, a secret value has to be applied during installation |
| models | object | {"llama-3.1-8b-instruct":{"adapter_name":null,"aligned":true,"bias_name":null,"chat_template":{"bos_token":"<|begin_of_text|>","eos_token":"<|end_of_text|>","template":"{% set loop_messages = messages %}{% for message in loop_messages %}{% set content = '<|start_header_id|>' + message['role'] + '<|end_header_id|>\n\n'+ message['content'] | trim + '<|eot_id|>' %}{% if loop.index0 == 0 %}{% set content = bos_token + content %}{% endif %}{{ content }}{% endfor %}{{ '<|start_header_id|>assistant<|end_header_id|>\n\n' }}"},"checkpoint":"llama-3.1-8b-instruct","completion_type":"full","description":"🦙 Llama 3.1 8B instruct version. The maximum number of completion tokens is limited to 8192 tokens.","embedding_type":"raw","experimental":false,"maximum_completion_tokens":8192,"multimodal_enabled":false,"prompt_template":"<|begin_of_text|>{% for message in messages %}<|start_header_id|>{{message.role}}<|end_header_id|>\n\n{% promptrange instruction %}{{message.content}}{% endpromptrange %}<|eot_id|>{% endfor %}<|start_header_id|>assistant<|end_header_id|>\n\n{% if response_prefix %}{{response_prefix}}{% endif %}","softprompt_name":null,"worker_type":"luminous"},"luminous-base":{"adapter_name":null,"aligned":false,"bias_name":null,"chat_template":null,"checkpoint":"luminous-base","completion_type":"full","description":"Multilingual model trained on English, German, French, Spanish and Italian","embedding_type":"semantic","experimental":false,"maximum_completion_tokens":8192,"multimodal_enabled":true,"prompt_template":"{% promptrange instruction %}{{instruction}}{% endpromptrange %}\n{% if input %}\n{% promptrange input %}{{input}}{% endpromptrange %}\n{% endif %}","semantic_embedding_enabled":true,"softprompt_name":null,"worker_type":"luminous"}} | Provides model information to the inference-api. This does not mean that a worker is actually serving this model. The other way around is also not true: A worker serving this model currently does not mean it is visible to the user of the api, it also needs to be registered here. Overriding this value merges the values with the ones already given. If you want to overwrite all models use inference-api.modelsOverride. |
| modelsOverride | object | {} | See inference-api.models. |
| postgresql.auth.password | string | "" | If internal PostgreSQL is used a dedicated password has to be provided for setup of application authentication |
| postgresql.enabled | bool | true | This is used to indicate whether the internal PostgreSQL should be used or not. |
| resources.limits.cpu | string | "1" | |
| resources.limits.memory | string | "8Gi" | |
| resources.requests.cpu | string | "1" | |
| resources.requests.memory | string | "1Gi" |
inference-worker
| Key | Type | Default | Description |
|---|---|---|---|
| checkpoints[0].generator.pipeline_parallel_size | int | 1 | |
| checkpoints[0].generator.tensor_parallel_size | int | 1 | |
| checkpoints[0].generator.tokenizer_path | string | "luminous-base-2022-04/alpha-001-128k.json" | |
| checkpoints[0].generator.type | string | "luminous" | |
| checkpoints[0].generator.weight_set_directories[0] | string | "luminous-base-2022-04" | |
| checkpoints[0].modelVolumeClaim | string | "models-luminous-base" | |
| checkpoints[0].queue | string | "luminous-base" | |
| checkpoints[0].replicas | int | 1 | |
| checkpoints[1].generator.pipeline_parallel_size | int | 1 | |
| checkpoints[1].generator.tensor_parallel_size | int | 1 | |
| checkpoints[1].generator.tokenizer_path | string | "llama-3.1-8b-instruct/tokenizer.json" | |
| checkpoints[1].generator.type | string | "luminous" | |
| checkpoints[1].generator.weight_set_directories[0] | string | "llama-3.1-8b-instruct" | |
| checkpoints[1].modelVolumeClaim | string | "models-llama-3.1-8b-instruct" | |
| checkpoints[1].queue | string | "llama-3.1-8b-instruct" | |
| checkpoints[1].replicas | int | 1 | |
| fullnameOverride | string | "pharia-ai-inference-worker" | |
| resources.limits.cpu | string | "4" | |
| resources.limits.memory | string | "8Gi" | |
| resources.requests.cpu | string | "1" | |
| resources.requests.memory | string | "4Gi" | |
| tolerations | list | [] |
pharia-data-api
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | bool | true | Set this to true to install the pharia-data-api subchart as a dependency |
| fullnameOverride | string | "pharia-data-api" | |
| ingress.enabled | bool | true | Enabled ingress creation locally |
| ingress.tls.enabled | bool | true | Enable TLS configuration for this Ingress |
| minio.enabled | bool | true | |
| minio.fullnameOverride | string | "minio-data" | |
| postgresql.auth.password | string | "" | If internal PostgreSQL is used a dedicated password has to be provided for setup of application authentication |
| postgresql.enabled | bool | true | This is used to indicate whether the internal PostgreSQL should be used or not. |
| rabbitmq.auth.password | string | "" | |
| rabbitmq.auth.username | string | "user" | |
| rabbitmq.enabled | bool | true | |
| rabbitmq.loadDefinition.enabled | bool | false | |
| rabbitmq.loadDefinition.existingSecret | string | "pharia-data-api-rabbitmq-load-definitions-secret" | |
| rabbitmqConfig.defaultLoadDefinitionsSecret | string | "pharia-data-api-rabbitmq-load-definitions-secret" | The load definitions secret must hold the RabbitMQ topology configuration. |
| rabbitmqConfig.defaultSecret | string | "pharia-data-api-rabbitmq-secret" | Default secret name is used to create a secret if external.existingSecret is not provided. |
| rabbitmqConfig.external.existingSecret | string | "" | Set this value if a k8s Secret with RabbitMQ values already exists. Make sure that the all the keys exists in the secret with a valid value. |
| rabbitmqConfig.external.loadDefinitionsSecret | string | "" | The load definitions secret name |
| rabbitmqConfig.external.rabbitmqUser | string | "" | The user of the RabbitMQ |
| rabbitmqConfig.external.rabbitmqUserPassword | string | "" | The password of the user of RabbitMQ |
| rabbitmqConfig.secretKeys.hostKey | string | "rabbitmq-host" | The key in the secret that contains the host of the RabbitMQ |
| rabbitmqConfig.secretKeys.portKey | string | "rabbitmq-port" | The key in the secret that contains the port of the RabbitMQ |
| rabbitmqConfig.secretKeys.userKey | string | "rabbitmq-username" | The key in the secret that contains the user of the RabbitMQ |
| rabbitmqConfig.secretKeys.userPasswordKey | string | "rabbitmq-password" | The key in the secret that contains the password of the RabbitMQ |
| secret.serviceUserToken | string | "" | |
| serviceUserSecret | string | "pharia-iam-service-user-pharia-data-etl" | |
| serviceUserSecretKey | string | "" | |
| storageConfig.externalBucket.defaultSecret | string | "pharia-data-api-external-storage-secret" | Default secret name is used to create a secret if external.existingSecret is not provided. |
| storageConfig.externalBucket.external.existingSecret | string | "" | Set this value if a k8s Secret with storage values already exists. Make sure that all the keys exist in the secret with a valid value. |
| storageConfig.externalBucket.secretKeys.bucketNameKey | string | "bucketName" | The key in the secret that contains the bucket name |
| storageConfig.externalBucket.secretKeys.bucketPasswordKey | string | "bucketPassword" | The key in the secret that contains the bucket password |
| storageConfig.externalBucket.secretKeys.bucketUserKey | string | "bucketUser" | The key in the secret that contains the bucket user |
| storageConfig.internalBucket.defaultSecret | string | "pharia-data-api-internal-storage-secret" | Default secret name is used to create a secret if external.existingSecret is not provided. |
| storageConfig.internalBucket.external.existingSecret | string | "" | Set this value if a k8s Secret with storage values already exists. Make sure that all the keys exist in the secret with a valid value. |
| storageConfig.internalBucket.secretKeys.bucketNameKey | string | "bucketName" | The key in the secret that contains the bucket name |
| storageConfig.internalBucket.secretKeys.bucketPasswordKey | string | "bucketPassword" | The key in the secret that contains the bucket password |
| storageConfig.internalBucket.secretKeys.bucketUserKey | string | "bucketUser" | The key in the secret that contains the bucket user |
| storageUrl | string | "" | The storageUrl is used to configure the internal and external storages. If the storageUrl is not provided, the internal storage will be used. |
| tasks.enabled | bool | true |
pharia-finetuning
| Key | Type | Default | Description |
|---|---|---|---|
| aim | object | {"ingress":{"annotations":{},"enabled":false,"hostname":"pharia-aim","ingressClassName":"","tls":{"enabled":true,"secretName":"pharia-aim-tls"}},"storageClassName":""} | Configuration of the experiment tracker |
| aim.ingress | object | {"annotations":{},"enabled":false,"hostname":"pharia-aim","ingressClassName":"","tls":{"enabled":true,"secretName":"pharia-aim-tls"}} | Configure external access to Pharia finetuning Aim UI |
| aim.ingress.annotations | object | {} | Annotations for the Ingress resource. This can be used to add ingress controller specific annotations |
| aim.ingress.enabled | bool | false | Set this to true to set up an Ingress for Pharia finetuning Aim UI Warning: The UI does support auth at the moment. |
| aim.ingress.hostname | string | "pharia-aim" | Hostname for the Ingress (without domain). The domain is read from global.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain |
| aim.ingress.ingressClassName | string | "" | Ingress class to be used to the ingress of the experiment tracking framework. If unset, global.ingress.ingressClassName will be used. This is value is to be deprecated as soon as authentication is implemented. |
| aim.ingress.tls | object | {"enabled":true,"secretName":"pharia-aim-tls"} | Configure TLS for this Ingress |
| aim.ingress.tls.enabled | bool | true | Enable TLS configuration for this Ingress |
| aim.ingress.tls.secretName | string | "pharia-aim-tls" | The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| aim.storageClassName | string | "" | Storage class to be used for PVC |
| enabled | bool | true | Set this to true to install the pharia-finetuning subchart as a dependency. |
| finetuningApi | object | {"ingress":{"annotations":{},"enabled":true,"hostname":"pharia-finetuning-api","tls":{"enabled":true,"secretName":"pharia-finetuning-api-tls"}}} | Configuration of the Finetuning API |
| finetuningApi.ingress | object | {"annotations":{},"enabled":true,"hostname":"pharia-finetuning-api","tls":{"enabled":true,"secretName":"pharia-finetuning-api-tls"}} | Configure external access to Pharia finetuning API |
| finetuningApi.ingress.annotations | object | {} | Annotations for the Ingress resource. This can be used to add ingress controller specific annotations |
| finetuningApi.ingress.enabled | bool | true | Set this to true to set up an Ingress for Pharia finetuning API |
| finetuningApi.ingress.hostname | string | "pharia-finetuning-api" | Hostname for the Ingress (without domain). The domain is read from global.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain |
| finetuningApi.ingress.tls | object | {"enabled":true,"secretName":"pharia-finetuning-api-tls"} | Configure TLS for this Ingress |
| finetuningApi.ingress.tls.enabled | bool | true | Enable TLS configuration for this Ingress |
| finetuningApi.ingress.tls.secretName | string | "pharia-finetuning-api-tls" | The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| fullnameOverride | string | "pharia-finetuning" | Set this to override the fully qualified name for Pharia Finetuning |
| kuberay-operator | object | {} | Configuration of kuberay operator. See https://github.com/ray-project/kuberay/blob/master/helm-chart/kuberay-operator/values.yaml for available values. |
| minio | object | {"enabled":true,"fullnameOverride":"pharia-finetuning-minio","nameOverride":"pharia-finetuning-minio","persistence":{"size":"1Ti"}} | Configuration of built-in S3 storage. It is recommended to disable the built-in storage for production installations and connect to an external S3 storage instead. |
| minio.enabled | bool | true | Set to false to disable built-in storage |
| minio.persistence.size | string | "1Ti" | Disk space allocated to storage |
| rayCluster | object | {"workerGroups":{"cpu-group":{"maxReplicas":4,"nodeSelector":{},"tolerations":[]},"gpu-group":{"maxReplicas":4,"nodeSelector":{},"tolerations":[]}}} | Configuration of the distributed training framework |
| storageConfig | object | {"fromSecret":{"secretKeys":{"bucketNameKey":"bucketName","endpointUrlKey":"endpointUrl","passwordKey":"bucketPassword","regionKey":"region","userKey":"bucketUser"},"secretName":""},"fromValues":{"bucketName":"","endpointUrl":"","password":"","region":"","user":""}} | Configuration of S3 storage used to store base model weights and finetuning artifacts like checkpoints. When using the built-in storage, this configuration can stay untouched. |
| storageConfig.fromSecret | object | {"secretKeys":{"bucketNameKey":"bucketName","endpointUrlKey":"endpointUrl","passwordKey":"bucketPassword","regionKey":"region","userKey":"bucketUser"},"secretName":""} | Provide credentials as a k8s secret for access to external S3 storage. When providing credentails in plaintext, this section can stay untouched and fromValues should be adjusted. |
| storageConfig.fromSecret.secretKeys | object | {"bucketNameKey":"bucketName","endpointUrlKey":"endpointUrl","passwordKey":"bucketPassword","regionKey":"region","userKey":"bucketUser"} | Provide the keys within the k8s secret under which to find bucket name, username, password, endoint URL and region |
| storageConfig.fromSecret.secretName | string | "" | Name of the k8s secret that holds the S3 credentials. This secret is expected to exist when this helm chart is installed. |
| storageConfig.fromValues | object | {"bucketName":"","endpointUrl":"","password":"","region":"","user":""} | Provide credentials to external S3 storage in plaintext. When providing credentials via a k8s secret, this section can stay untouched and fromSecret should be adjusted. |
pharia-iam
| Key | Type | Default | Description |
|---|---|---|---|
| api | object | {"ingress":{"annotations":{},"enabled":false,"tls":{"enabled":true,"secretName":"pharia-iam-api-tls"}}} | Internal API configuration |
| api.ingress.annotations | object | {} | Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| api.ingress.enabled | bool | false | Enabled ingress creation |
| api.ingress.tls.enabled | bool | true | Enable TLS configuration for this Ingress |
| api.ingress.tls.secretName | string | "pharia-iam-api-tls" | The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| config | object | {"adminEmail":"admin@localhost","adminEnableDirectUserManagement":false,"adminEnableZitadelManagement":false,"adminPassword":null,"adminUserName":"admin","defaultRolesForLogin":["AssistantUser"],"serviceUsers":{"document-index":{"description":"Initial service user for the Document Index","name":"Document Index","ownedResources":["document_index_namespace"],"roles":["InferenceServiceUser"]},"pharia-assistant-api":{"description":"Initial service user for the Pharia Assistant API","name":"Pharia Assistant API","roles":["InferenceServiceUser"]},"pharia-data-etl":{"description":"Initial service user for the Pharia Data ETL","name":"Pharia Data ETL","roles":["EtlServiceUser"]},"pharia-os":{"description":"Initial service user for Pharia OS","name":"Pharia OS","roles":["InferenceServiceUser"]},"pharia-studio":{"description":"Service user for studio to upload relations and check privileges","name":"Pharia Studio","ownedResources":["project"],"roles":["StudioUser"]},"use-cases":{"description":"One service user for all use cases as intermediate solution until authentication can be dynamically generated.","name":"Use Case Service User","roles":["UseCaseServiceUser"]}}} | IAM configuration |
| config.adminEmail | string | "admin@localhost" | Email of initial user |
| config.adminEnableDirectUserManagement | bool | false | Enable direct access to user management console for initial admin account. Enable if PhariaOs console is not used, but user management is needed. |
| config.adminEnableZitadelManagement | bool | false | Enable direct access to internal identity provider - only needed to configure advanced features such as self-signup or user federation |
| config.adminPassword | string | nil | Init password of initial user. To be valid it requires to have 10-70 characters, including at least one uppercase letter, one lowercase letter, and one digit. User will need to change this password on the first login. @schema type: - string - null @schema |
| config.adminUserName | string | "admin" | initial user name |
| config.defaultRolesForLogin | list | ["AssistantUser"] | Configure the default roles for a user that registers via SSO or self sign up |
| enabled | bool | true | Set this to true to install the pharia-iam subchart as a dependency |
| image | object | {"repository":"alephalpha.jfrog.io/pharia-iam/pharia-iam","tag":""} | Image of API and configuration job |
| ingress | object | {"annotations":{},"enabled":true,"tls":{"enabled":true,"secretName":"pharia-iam-tls"}} | Ingress configuration for Zitadel (including login endpoints) |
| ingress.annotations | object | {} | Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| ingress.enabled | bool | true | Enabled ingress creation |
| ingress.tls.enabled | bool | true | Enable TLS configuration for this Ingress |
| ingress.tls.secretName | string | "pharia-iam-tls" | The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| openFgaDatabaseConfig.defaultSecret | string | "pharia-iam-openfga-postgres-secret" | |
| openFgaDatabaseConfig.external.databaseName | string | "" | The name of the database for the secret to create |
| openFgaDatabaseConfig.external.existingSecret | string | "" | Set this value if a k8s Secret with PostgreSQL values already exists. Make sure it has the key 'uri' with a valid value. There is a workaround for different keys, see below. |
| openFgaDatabaseConfig.external.host | string | "" | The host of the database for the secret to create |
| openFgaDatabaseConfig.external.password | string | "" | The password of the database for the secret to create |
| openFgaDatabaseConfig.external.port | string | "" | The port of the database for the secret to create |
| openFgaDatabaseConfig.external.uri | string | "" | A postgres connection URI for the secret to create. This overwrites all other values, if set. Otherwise, the uri is build from the above values. |
| openFgaDatabaseConfig.external.user | string | "" | The user of the database for the secret to create |
| openFgaDatabaseConfig.secretKeys.passwordKey | string | "password" | |
| openFgaDatabaseConfig.secretKeys.uriKey | string | "uri" | |
| openFgaPostgresql.auth.password | string | "" | If internal PostgreSQL is used a dedicated password has to be provided for setup of application authentication |
| openFgaPostgresql.enabled | bool | true | This is used to indicate whether the internal PostgreSQL should be used or not. |
| openfga | object | {"datastore":{"migrations":{"resources":{}},"uriSecret":"pharia-iam-openfga-postgres-secret"},"resources":{}} | OpenFGA Service Configuration |
| openfga.datastore.migrations.resources | object | {} | Specify resources for the migration job |
| openfga.datastore.uriSecret | string | "pharia-iam-openfga-postgres-secret" | Secret with key "uri" containing the connection string to the database connection string for OpenFGA. Format: postgres://user:password@host:port/database?flags. This name must be overwritten if an existing secret is used! |
| openfga.resources | object | {} | Specify resources for the openfga service |
| openfgaEnabled | bool | true | Enable OpenFGA for IAM. This will be mandatory for IAM to work in the future! |
| zitadelDatabaseConfig.external | object | {"databaseName":"","existingSecret":"","host":"","password":"","port":"","user":""} | Provide an existing database if you want to use an external database |
| zitadelDatabaseConfig.external.databaseName | string | "" | The name of the database |
| zitadelDatabaseConfig.external.existingSecret | string | "" | Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the keys exists in the secret with a valid value. |
| zitadelDatabaseConfig.external.host | string | "" | The host of the database |
| zitadelDatabaseConfig.external.password | string | "" | The password of the database |
| zitadelDatabaseConfig.external.port | string | "" | The port of the database |
| zitadelDatabaseConfig.external.user | string | "" | The user of the database |
| zitadelDatabaseConfig.secretKeys.databaseNameKey | string | "databaseName" | The key in the secret that contains the database name |
| zitadelDatabaseConfig.secretKeys.hostKey | string | "host" | The key in the secret that contains the host of the database |
| zitadelDatabaseConfig.secretKeys.passwordKey | string | "password" | The key in the secret that contains the password of the database |
| zitadelDatabaseConfig.secretKeys.portKey | string | "port" | The key in the secret that contains the port of the database |
| zitadelDatabaseConfig.secretKeys.userKey | string | "user" | The key in the secret that contains the user of the database |
| zitadelPostgresql.auth.password | string | "" | If internal PostgreSQL is used a dedicated password has to be provided for setup of application authentication |
| zitadelPostgresql.enabled | bool | true | This is used to indicate whether the internal PostgreSQL should be used or not. |
pharia-kernel
| Key | Type | Default | Description |
|---|---|---|---|
| defaultNamespaces | list | ["assistant"] | Specify the default namespaces for Pharia Kernel, which provide the default skills. |
If the default namespaces are configured, any duplicate namespaces in pharia-kernel.namespaces are ignored. |
For each default namespace, the following values need to be provided in the Pharia AI ConfigMap:
- NAMESPACES__
__CONFIG_URL: URL to the namespace configuration - NAMESPACES__
__REGISTRY: Skill registry of the namespace - NAMESPACES__
__BASE_REPOSITORY: Base repository of the namespace
The credentials for accessing the skill registries are retrieved from registryUser and registryPassword in
the Secret configured as global.imagePullOpaqueSecretName. |
| enabled | bool | true | Set this to true to install the pharia-kernel subchart as a dependency. |
| env | list | [] | Define additional environment variables.
This is required when namespace is added in pharia-kernel.namespaces.
Both env and envFrom fields are supported.
Schema: https://github.com/yannh/kubernetes-json-schema/blob/master/master-standalone-strict/envvar.json
See also: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/ |
| fullnameOverride | string | "pharia-kernel" | Set this to override the fully qualified name for Pharia Kernel |
| ingress | object | {"annotations":{},"enabled":true,"hostname":"pharia-kernel","tls":{"enabled":true,"secretName":"pharia-kernel-tls"}} | Configure external access to Pharia Kernel |
| ingress.annotations | object | {} | Annotations for the Ingress resource. This can be used to add ingress controller specific annotations |
| ingress.enabled | bool | true | Set this to true to set up an Ingress for Pharia Kernel |
| ingress.hostname | string | "pharia-kernel" | Hostname for the Ingress (without domain). The domain is read from global.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain |
| ingress.tls | object | {"enabled":true,"secretName":"pharia-kernel-tls"} | Configure TLS for this Ingress |
| ingress.tls.enabled | bool | true | Enable TLS configuration for this Ingress |
| ingress.tls.secretName | string | "pharia-kernel-tls" | The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| logLevel | string | "info" | Set the log level for Pharia Kernel.
This does not affect other targets, where errors are always logged.
The options are:
- error
- warn
- info
- debug
- trace
- off |
| namespaces | object |
{}| Configure the namespaces for Pharia Kernel. Each namespace needs to be explicitly defined. The name of each namespace can be specified in camelCase, and is converted to kebab-case when deployed.
Example:
# The Namespace name
playground:
# The URL to the corresponding namespace configuration TOML file
configUrl: "https://gitlab.aleph-alpha.de/api/v4/projects/123/repository/files/namespace.toml/raw?ref=main"
# The Container Registry that backs the skill registry for this namespace
registry: "registry.gitlab.aleph-alpha.de"
# The base repository in `registry` that backs the skill registry for this namespace
# This composes the final repository for each skill e.g. ${baseRepository}/${skillName}
baseRepository: "engineering/pharia-kernel-playground/skills"
Each of the value can alternatively be provided as environment variables, which is highly encouraged for providing the credentials:
# The access token for `configUrl`
NAMESPACES__PLAYGROUND__CONFIG_ACCESS_TOKEN
# The user name for accessing `registry`
NAMESPACES__PLAYGROUND__REGISTRY_USER
# The password or access token for accessing `registry`
NAMESPACES__PLAYGROUND__REGISTRY_PASSWORD
``` |
| openTelemetryEndpoint | string | `""` | Set the address of the OpenTelemetry protocol (OTLP) collector. No OpenTelemetry tracing subscriber is created if this is not set. Example: "https://tracing.aleph-alpha.com" |
| resources | object | `{}` | Specify how much of each resource Pharia Kernel needs. Schema: https://github.com/yannh/kubernetes-json-schema/blob/master/master-standalone-strict/resourcerequirements.json See also: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| serviceMonitor | object | `{"enabled":false}` | Enable the ServiceMonitor that targets Pharia Kernel |
#### pharia-studio-api
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| databaseConfig | object | `{"external":{"databaseName":"","existingSecret":"","host":"","password":"","port":"","user":""},"secretKeys":{"databaseNameKey":"databaseName","hostKey":"host","passwordKey":"password","portKey":"port","userKey":"user"}}` | Default database configuration for the pharia-studio-api service access postgres database |
| databaseConfig.external | object | `{"databaseName":"","existingSecret":"","host":"","password":"","port":"","user":""}` | Provide an existing database if you want to use an external database |
| databaseConfig.external.databaseName | string | `""` | The name of the database |
| databaseConfig.external.existingSecret | string | `""` | Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the keys exists in the secret with a valid value. |
| databaseConfig.external.host | string | `""` | The host of the database |
| databaseConfig.external.password | string | `""` | The password of the database |
| databaseConfig.external.port | string | `""` | The port of the database |
| databaseConfig.external.user | string | `""` | The user of the database |
| databaseConfig.secretKeys.databaseNameKey | string | `"databaseName"` | The key in the secret that contains the database name |
| databaseConfig.secretKeys.hostKey | string | `"host"` | The key in the secret that contains the host of the database |
| databaseConfig.secretKeys.passwordKey | string | `"password"` | The key in the secret that contains the password of the database |
| databaseConfig.secretKeys.portKey | string | `"port"` | The key in the secret that contains the port of the database |
| databaseConfig.secretKeys.userKey | string | `"user"` | The key in the secret that contains the user of the database |
| enabled | bool | `true` | Set this to true to install the pharia-studio-api subchart as a dependency |
| fullnameOverride | string | `"pharia-studio-api"` | Default nameOverride of the application |
| ingress.annotations | object | `{}` | Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| ingress.enabled | bool | `true` | Enabled ingress creation |
| ingress.hostname | string | `"pharia-studio-api"` | Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain. |
| ingress.tls.enabled | bool | `true` | Enable TLS configuration for this Ingress |
| ingress.tls.secretName | string | `"pharia-studio-api-tls"` | The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| postgresql.auth.password | string | `""` | If internal PostgreSQL is used a dedicated password has to be provided for setup of application authentication |
| postgresql.enabled | bool | `true` | This is used to indicate whether the internal PostgreSQL should be used or not. |
| resources.limits.cpu | string | `"1"` | |
| resources.limits.memory | string | `"1Gi"` | |
| resources.requests.cpu | string | `"500m"` | |
| resources.requests.memory | string | `"1Gi"` | |
| serviceUserSecret | string | `"pharia-iam-service-user-pharia-studio"` | Needed for creation of relations in IAM |
#### pharia-studio-ui
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| enabled | bool | `true` | |
| fullnameOverride | string | `"pharia-studio"` | |
| ingress.annotations | object | `{}` | Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| ingress.enabled | bool | `true` | Enabled ingress creation |
| ingress.hostname | string | `"pharia-studio"` | Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain. |
| ingress.tls.enabled | bool | `true` | Enable TLS configuration for this Ingress |
| ingress.tls.secretName | string | `"pharia-studio-tls"` | The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| phariaStudioAPISchema | string | `"http"` | Internal cluster communication with pharia-studio-api. This is the default value. https can be set if the internal communication is over https. |
| resources.limits.cpu | string | `"100m"` | |
| resources.limits.memory | string | `"256Mi"` | |
| resources.requests.cpu | string | `"50m"` | |
| resources.requests.memory | string | `"256Mi"` | |
#### pharia-transcribe
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| enabled | bool | `true` | Set this to true to install the pharia-transcribe subchart as a dependency |
| fullnameOverride | string | `"pharia-transcribe"` | |
| tolerations | list | `[]` | |
#### pharia-translate
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| client.resources.limits.cpu | string | `"1"` | |
| client.resources.limits.memory | string | `"1Gi"` | |
| client.resources.requests.cpu | string | `"100m"` | |
| client.resources.requests.memory | string | `"1Gi"` | |
| deployment | object | `{}` | |
| enabled | bool | `true` | Set this to true to install the pharia-translate subchart as a dependency |
| fullnameOverride | string | `"pharia-translate"` | |
| marianServer.resources.limits."nvidia.com/gpu" | int | `1` | |
| marianServer.resources.limits.cpu | string | `"1"` | |
| marianServer.resources.limits.memory | string | `"16Gi"` | |
| marianServer.resources.requests.cpu | string | `"100m"` | |
| marianServer.resources.requests.memory | string | `"16Gi"` | |
| nodeSelector | object | `{}` | |
| tolerations | list | `[]` | |
#### phariaos-manager
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| applicationsProxy.additionalAllowedOrigins | list | `[]` | Set this to specify extra origins that are permitted to make cross-origin requests under CORS settings. |
| applicationsProxy.enabled | bool | `true` | Enable usecases (applications) proxy server. It is responsible for redirecting requests into the targeted usecases. |
| applicationsProxy.fullnameOverride | string | `"pharia-os-applications-proxy"` | Set this to override the full name of the pharia-os-applications-proxy |
| applicationsProxy.ingress.annotations | object | `{}` | Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. Some ingress classes limits body size allowed in requests. Therefore, override the annotations value if the application requires large files to be uploaded. Example for nginx ingress class: `nginx.ingress.kubernetes.io/proxy-body-size: 20m` |
| applicationsProxy.ingress.enabled | bool | `true` | Enable ingress creation |
| applicationsProxy.ingress.hostname | string | `"pharia-os-applications"` | Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain. |
| applicationsProxy.ingress.tls.enabled | bool | `true` | Enable TLS configuration for this Ingress |
| applicationsProxy.ingress.tls.secretName | string | `"phariaos-applications-tls"` | The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| clusterRole.enabled | bool | `true` | Enable the cluster role for the phariaos-manager to enable for hardware listing. |
| databaseConfig.external | object | `{"databaseName":"","existingSecret":"","host":"","password":"","port":"","user":""}` | Provide an existing database if you want to use an external database |
| databaseConfig.external.databaseName | string | `""` | The name of the database |
| databaseConfig.external.existingSecret | string | `""` | Set this value if a k8s Secret with PostgreSQL values already exists. Make sure that the all the keys exists in the secret with a valid value. |
| databaseConfig.external.host | string | `""` | The host of the database |
| databaseConfig.external.password | string | `""` | The password of the database |
| databaseConfig.external.port | string | `""` | The port of the database |
| databaseConfig.external.user | string | `""` | The user of the database |
| databaseConfig.secretKeys.databaseNameKey | string | `"databaseName"` | The key in the secret that contains the database name |
| databaseConfig.secretKeys.hostKey | string | `"host"` | The key in the secret that contains the host of the database |
| databaseConfig.secretKeys.passwordKey | string | `"password"` | The key in the secret that contains the password of the database |
| databaseConfig.secretKeys.portKey | string | `"port"` | The key in the secret that contains the port of the database |
| databaseConfig.secretKeys.userKey | string | `"user"` | The key in the secret that contains the user of the database |
| enabled | bool | `true` | Set this to true to install the phariaos-manager subchart as a dependency |
| fullnameOverride | string | `"pharia-os-manager"` | Set this to override the full name of the phariaos-manager |
| ingress.annotations | object | `{}` | Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| ingress.enabled | bool | `true` | Enabled ingress creation |
| ingress.hostname | string | `"pharia-os-manager"` | Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain. |
| ingress.tls.enabled | bool | `true` | Enable TLS configuration for this Ingress |
| ingress.tls.secretName | string | `"pharia-os-manager-tls"` | The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
| postgresql.auth.password | string | `""` | If internal PostgreSQL is used, a dedicated password has to be provided for setup of application authentication |
| postgresql.enabled | bool | `true` | This is used to indicate whether the internal PostgreSQL should be used or not. |
| serviceMonitor.enabled | bool | `false` | Enable Prometheus service monitor for phariaos-manager |
| usecase.enabled | bool | `true` | Enable usecases creation and deployment in phariaos-manager API. |
| usecase.imagePullSecretName | string | `""` | DEPRECATED: Use `imagePullSecrets` instead. This will be removed in a future release. |
| usecase.imagePullSecrets | list | `[]` | Secrets to authenticate container registry to pull/verify usecase images. Make sure the secrets are in the Release namespace! |
| usecase.serviceMonitor.enabled | bool | `false` | Enable Prometheus service monitor for usecases deployed by phariaos-manager |
#### phariaos-ui
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| enabled | bool | `true` | Set this to true to install the phariaos-ui subchart as a dependency |
| fullnameOverride | string | `"pharia-os"` | Set this to override the full name of the phariaos-ui |
| ingress.annotations | object | `{}` | Annotations for the ingress-resource. This can be used to add ingress controller specific annotations. |
| ingress.enabled | bool | `true` | Enabled ingress creation |
| ingress.hostname | string | `"pharia-os"` | Hostname for the ingress (without domain). The domain is read from global.ingress.ingressDomain. This needs to be changed, if multiple instances are deployed to the same cluster using the same domain. |
| ingress.tls.enabled | bool | `true` | Enable TLS configuration for this Ingress |
| ingress.tls.secretName | string | `"pharia-os-tls"` | The name of the secret containing the TLS certificate. See also: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls |
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| PhariaAI | <phariaai@aleph-alpha.com> | |