values.yaml
global:
image:
repository: registry.datasapience.ru/klmg/llm/llm
tag: 3.2.0
service:
deploymentStrategy:
type: Recreate
enabled: true
name: kolmogorov-llm
image:
repository: "{{ .Values.global.image.repository }}"
tag: "{{ .Values.global.image.tag }}"
service:
port: "8000"
ingress:
enabled: true
uriPrefix: /extension/llm/api(/|$)(.*)
pathType: ImplementationSpecific
host: "kolmogorov" # Change to your host
baseDomain: "k8s.datasapience.ru" # Change to your domain
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
resources:
limits:
cpu: 1024m
memory: 2048Mi
requests:
cpu: 100m
memory: 100Mi
vaultSecrets: []
secrets:
- name: kolmogorov-llm-secret
data:
- name: TZ
value: 'Europe/Moscow'
- name: ENV
value: "PROD"
# FastAPI
- name: TITLE
value: "Kolmogorov.ai | LLM"
- name: ROOT_PATH
value: '/extension/llm/api'
# Database
- name: DB_SCHEMA
value: klmg_llm
- name: DB_URL
value: "postgresql://postgres:postgres@kolmogorov-llm-postgresql:5432/postgres"
# Execute
- name: WORKER_CONFIG_PATH
value: /app/faststream/broker.config.json
- name: PROJECT_AGENT_PWD
value: '/app/project/agent'
# Playground
- name: PLAYGROUND_AGENT_PATH
value: '/app/project/agent'
- name: PLAYGROUND_SHARE_PATH
value: '/app/playground/share'
# RBAC
- name: ROLE_DEFAULT
value: "llm"
- name: ROLE_ADMIN
value: "llm_admin"
- name: ROLE_ADUDIT
value: "llm_audit"
# Trace
- name: LANGFUSE_PUBLIC_KEY
value: "LANGFUSE_PUBLIC_KEY"
- name: LANGFUSE_SECRET_KEY
value: "LANGFUSE_SECRET_KEY"
- name: LANGFUSE_HOST
value: "LANGFUSE_HOST"
# Keycloak
- name: KEYCLOAK_VERIFY
value: "False"
- name: KEYCLOAK_URL
value: "https://keycloak/auth"
- name: KEYCLOAK_REALM
value: "dev"
- name: KEYCLOAK_CLIENT_ID
value: "client"
- name: KEYCLOAK_CLIENT_SECRET
value: "client-secret"
- name: KEYCLOAK_ADMIN_USERNAME
value: "keycloak"
- name: KEYCLOAK_ADMIN_PASSWORD
value: "keycloak-secret"
extra_vars:
- secret: kolmogorov-llm-keycloak-secret
- secret: kolmogorov-llm-secret
configMaps:
- name: kolmogorov-llm-worker-config-map
data:
- broker.config.json: |
{
"url": "redis://default:redis@kolmogorov-llm-redis-master:6379"
}
command:
- /bin/sh
- -c
args:
- |
gunicorn klmg_llm.services.api.app:app \
--workers=2 \
--worker-class=uvicorn.workers.UvicornWorker \
--bind=0.0.0.0:8000 \
--timeout=600 \
--reuse-port
init:
containers:
db-init:
image:
repository: "{{ .Values.global.image.repository }}"
tag: "{{ .Values.global.image.tag }}"
pullPolicy: Always
command:
- /bin/sh
- -c
args:
- |
python -m klmg_llm.services.migration.upgrade
python -m klmg_llm.services.playground.init
resources:
limits:
cpu: 256m
memory: 256Mi
requests:
cpu: 100m
memory: 100Mi
persistentVolumes:
- name: llm-project
mountPath: /app/project
volumeClaim:
storageClass: nfs
size: 1024Mi
accessMode: ReadWriteMany
- name: llm-playground
mountPath: /app/playground
volumeClaim:
storageClass: nfs
size: 10Gi
accessMode: ReadWriteMany
- name: kolmogorov-llm-worker-config-map
configMap: kolmogorov-llm-worker-config-map
mountPath: /app/faststream
items:
- key: broker.config.json
path: broker.config.json
securityContext:
runAsNonRoot: true
runAsUser: 9999
runAsGroup: 9999
podSecurityContext:
fsGroup: 9999
service-worker:
deploymentStrategy:
type: Recreate
enabled: true
name: kolmogorov-llm-worker
image:
repository: "{{ .Values.global.image.repository }}"
tag: "{{ .Values.global.image.tag }}"
service:
port: "8000"
ingress:
enabled: false
resources:
limits:
cpu: 1024m
memory: 4096Mi
requests:
cpu: 100m
memory: 100Mi
extra_vars:
- secret: kolmogorov-llm-keycloak-secret
- secret: kolmogorov-llm-secret
command:
- /bin/sh
- -c
args:
- |
faststream run klmg_llm.services.worker.app:app \
--workers 5
persistentVolumes:
- name: llm-project
mountPath: /app/project
existingVolumeClaim: true
- name: llm-playground
mountPath: /app/playground
existingVolumeClaim: true
- name: kolmogorov-llm-worker-config-map
configMap: kolmogorov-llm-worker-config-map
mountPath: /app/faststream
items:
- key: broker.config.json
path: broker.config.json
securityContext:
runAsNonRoot: true
runAsUser: 9999
runAsGroup: 9999
podSecurityContext:
fsGroup: 9999
service-worker-long:
deploymentStrategy:
type: Recreate
enabled: false
name: kolmogorov-llm-worker-long
image:
repository: "{{ .Values.global.image.repository }}"
tag: "{{ .Values.global.image.tag }}"
service:
port: "8000"
ingress:
enabled: false
resources:
limits:
cpu: 1024m
memory: 2048Mi
requests:
cpu: 100m
memory: 100Mi
extra_vars:
- secret: kolmogorov-llm-keycloak-secret
- secret: kolmogorov-llm-secret
- name: WORKER_NAME
value: "long"
command:
- /bin/sh
- -c
args:
- |
faststream run klmg_llm.services.worker.app:app \
--workers 5
persistentVolumes:
- name: llm-project
mountPath: /app/project
existingVolumeClaim: true
- name: llm-playground
mountPath: /app/playground
existingVolumeClaim: true
- name: kolmogorov-llm-worker-config-map
configMap: kolmogorov-llm-worker-config-map
mountPath: /app/faststream
items:
- key: broker.config.json
path: broker.config.json
securityContext:
runAsNonRoot: true
runAsUser: 9999
runAsGroup: 9999
podSecurityContext:
fsGroup: 9999
postgresql:
enabled: true
fullnameOverride: kolmogorov-llm-postgresql
auth:
postgresPassword: postgres
username: postgres
password: postgres
database: postgres
primary:
service:
type: NodePort
persistence:
size: 1Gi
resources:
limits:
cpu: 256m
memory: 256Mi
requests:
cpu: 100m
memory: 100Mi
initdb:
scripts:
init_schema.sh: |
#!/bin/sh
PGPASSWORD=postgres psql -U postgres -d postgres -c 'CREATE SCHEMA IF NOT EXISTS klmg_llm'
redis:
fullnameOverride: kolmogorov-llm-redis
auth:
enabled: true
password: redis
master:
persistence:
enabled: false
extraEnvVars:
- name: TZ
value: "Europe/Moscow"
resources:
limits:
cpu: 150m
memory: 150Mi
requests:
cpu: 30m
memory: 100Mi
architecture: standalone