diff --git a/helm/.helmignore b/helm/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/helm/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/Chart.yaml b/helm/Chart.yaml new file mode 100644 index 000000000..4dd5af1ac --- /dev/null +++ b/helm/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ragflow +description: A Helm chart for deploying RAGFlow on Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "dev" diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl new file mode 100644 index 000000000..8afe440d1 --- /dev/null +++ b/helm/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ragflow.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ragflow.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ragflow.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ragflow.labels" -}} +helm.sh/chart: {{ include "ragflow.chart" . }} +{{ include "ragflow.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ragflow.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ragflow.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ragflow.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ragflow.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/templates/elasticsearch-config.yaml b/helm/templates/elasticsearch-config.yaml new file mode 100644 index 000000000..a43eabef4 --- /dev/null +++ b/helm/templates/elasticsearch-config.yaml @@ -0,0 +1,13 @@ +{{- if eq .Values.env.DOC_ENGINE "elasticsearch" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "ragflow.fullname" . }}-es-config +data: + node.name: "es01" + bootstrap.memory_lock: "false" + discovery.type: "single-node" + xpack.security.enabled: "true" + xpack.security.http.ssl.enabled: "false" + xpack.security.transport.ssl.enabled: "false" +{{- end -}} diff --git a/helm/templates/elasticsearch.yaml b/helm/templates/elasticsearch.yaml new file mode 100644 index 000000000..5307b9561 --- /dev/null +++ b/helm/templates/elasticsearch.yaml @@ -0,0 +1,105 @@ +{{- if eq .Values.env.DOC_ENGINE "elasticsearch" -}} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "ragflow.fullname" . }}-es-data + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: elasticsearch +spec: + {{- with .Values.elasticsearch.storage.className }} + storageClassName: {{ . }} + {{- end }} + accessModes: + - ReadWriteOnce + resources: + requests: + storage: {{ .Values.elasticsearch.storage.capacity }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ragflow.fullname" . }}-es + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: elasticsearch +spec: + replicas: 1 + selector: + matchLabels: + {{- include "ragflow.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: elasticsearch + {{- with .Values.elasticsearch.deployment.strategy }} + strategy: + {{- . | toYaml | nindent 4 }} + {{- end }} + template: + metadata: + labels: + {{- include "ragflow.labels" . | nindent 8 }} + app.kubernetes.io/component: elasticsearch + annotations: + checksum/config-es: {{ include (print $.Template.BasePath "/elasticsearch-config.yaml") . | sha256sum }} + checksum/config-env: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }} + spec: + initContainers: + - name: fix-data-volume-permissions + image: alpine + command: + - sh + - -c + - "chown -R 1000:0 /usr/share/elasticsearch/data" + volumeMounts: + - mountPath: /usr/share/elasticsearch/data + name: es-data + containers: + - name: elasticsearch + image: docker.elastic.co/elasticsearch/elasticsearch:{{ .Values.env.STACK_VERSION }} + envFrom: + - secretRef: + name: {{ include "ragflow.fullname" . }}-env-config + - configMapRef: + name: {{ include "ragflow.fullname" . }}-es-config + ports: + - containerPort: 9200 + name: http + - containerPort: 9300 + name: transport + volumeMounts: + - mountPath: /usr/share/elasticsearch/data + name: es-data + {{- with .Values.elasticsearch.deployment.resources }} + resources: + {{- . | toYaml | nindent 10 }} + {{- end }} + securityContext: + capabilities: + add: + - "IPC_LOCK" + runAsUser: 1000 + # NOTE: fsGroup doesn't seem to + # work so use init container instead + # fsGroup: 1000 + allowPrivilegeEscalation: false + volumes: + - name: es-data + persistentVolumeClaim: + claimName: {{ include "ragflow.fullname" . }}-es-data +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ragflow.fullname" . }}-es + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: elasticsearch +spec: + selector: + {{- include "ragflow.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: elasticsearch + ports: + - protocol: TCP + port: 9200 + targetPort: http + type: {{ .Values.elasticsearch.service.type }} +{{- end -}} diff --git a/helm/templates/env.yaml b/helm/templates/env.yaml new file mode 100644 index 000000000..783c5cc0a --- /dev/null +++ b/helm/templates/env.yaml @@ -0,0 +1,48 @@ +{{- /* +TODO: Split env vars into separate secrets so that each pod + only gets passed the secrets it really needs. +*/}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "ragflow.fullname" . }}-env-config +type: Opaque +stringData: + {{- range $key, $val := .Values.env }} + {{- if $val }} + {{ $key }}: {{ quote $val }} + {{- end }} + {{- end }} + {{- /* + Use host names derived from internal cluster DNS + */}} + REDIS_HOST: {{ printf "%s-redis.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }} + MYSQL_HOST: {{ printf "%s-mysql.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }} + MINIO_HOST: {{ printf "%s-minio.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }} + {{- /* + Fail if passwords are not provided in release values + */}} + REDIS_PASSWORD: {{ .Values.env.REDIS_PASSWORD | required "REDIS_PASSWORD is required" }} + {{- /* + NOTE: MySQL uses MYSQL_ROOT_PASSWORD env var but Ragflow container expects + MYSQL_PASSWORD so we need to define both as the same value here. + */}} + {{- with .Values.env.MYSQL_PASSWORD | required "MYSQL_PASSWORD is required" }} + MYSQL_PASSWORD: {{ . }} + MYSQL_ROOT_PASSWORD: {{ . }} + {{- end }} + {{- with .Values.env.MINIO_PASSWORD | required "MINIO_PASSWORD is required" }} + MINIO_PASSWORD: {{ . }} + MINIO_ROOT_PASSWORD: {{ . }} + {{- end }} + {{- /* + Only provide env vars for enabled doc engine + */}} + {{- if eq .Values.env.DOC_ENGINE "elasticsearch" }} + ES_HOST: {{ printf "%s-es.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }} + ELASTIC_PASSWORD: {{ .Values.env.ELASTIC_PASSWORD | required "ELASTIC_PASSWORD is required" }} + {{- else if eq .Values.env.DOC_ENGINE "infinity" }} + INFINITY_HOST: {{ printf "%s-infinity.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }} + {{- else }} + {{ fail "env.DOC_ENGINE must be either 'elasticsearch' or 'infinity'" }} + {{- end }} diff --git a/helm/templates/infinity.yaml b/helm/templates/infinity.yaml new file mode 100644 index 000000000..8560e7821 --- /dev/null +++ b/helm/templates/infinity.yaml @@ -0,0 +1,108 @@ +{{- if eq .Values.env.DOC_ENGINE "infinity" -}} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "ragflow.fullname" . }}-infinity + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: infinity +spec: + {{- with .Values.infinity.storage.className }} + storageClassName: {{ . }} + {{- end }} + accessModes: + - ReadWriteOnce + resources: + requests: + storage: {{ .Values.infinity.storage.capacity }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ragflow.fullname" . }}-infinity + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: infinity +spec: + replicas: 1 + selector: + matchLabels: + {{- include "ragflow.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: infinity + {{- with .Values.infinity.deployment.strategy }} + strategy: + {{- . | toYaml | nindent 4 }} + {{- end }} + template: + metadata: + labels: + {{- include "ragflow.labels" . | nindent 8 }} + app.kubernetes.io/component: infinity + annotations: + checksum/config: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }} + spec: + containers: + - name: infinity + image: {{ .Values.infinity.image.repository }}:{{ .Values.infinity.image.tag }} + envFrom: + - secretRef: + name: {{ include "ragflow.fullname" . }}-env-config + ports: + - containerPort: 23817 + name: thrift + - containerPort: 23820 + name: http + - containerPort: 5432 + name: psql + volumeMounts: + - mountPath: /var/infinity + name: infinity-data + {{- with .Values.infinity.deployment.resources }} + resources: + {{- . | toYaml | nindent 10 }} + {{- end }} + securityContext: + capabilities: + add: + - "NET_BIND_SERVICE" + seccompProfile: + type: RuntimeDefault + livenessProbe: + httpGet: + path: /admin/node/current + port: 23820 + initialDelaySeconds: 60 + periodSeconds: 10 + timeoutSeconds: 10 + failureThreshold: 120 + volumes: + - name: infinity-data + persistentVolumeClaim: + claimName: {{ include "ragflow.fullname" . }}-infinity +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ragflow.fullname" . }}-infinity + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: infinity +spec: + selector: + {{- include "ragflow.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: infinity + ports: + - protocol: TCP + port: 23817 + targetPort: thrift + name: thrift + - protocol: TCP + port: 23820 + targetPort: http + name: http + - protocol: TCP + port: 5432 + targetPort: psql + name: psql + type: {{ .Values.infinity.service.type }} +{{- end -}} diff --git a/helm/templates/ingress.yaml b/helm/templates/ingress.yaml new file mode 100644 index 000000000..3d7e596e3 --- /dev/null +++ b/helm/templates/ingress.yaml @@ -0,0 +1,43 @@ +{{- if .Values.ingress.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "ragflow.fullname" . }} + labels: + {{- include "ragflow.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.ingress.className }} + ingressClassName: {{ . }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- with .pathType }} + pathType: {{ . }} + {{- end }} + backend: + service: + name: {{ include "ragflow.fullname" $ }} + port: + name: http + {{- end }} + {{- end }} +{{- end }} diff --git a/helm/templates/minio.yaml b/helm/templates/minio.yaml new file mode 100644 index 000000000..289007d63 --- /dev/null +++ b/helm/templates/minio.yaml @@ -0,0 +1,91 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "ragflow.fullname" . }}-minio + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: minio +spec: + {{- with .Values.minio.storage.className }} + storageClassName: {{ . }} + {{- end }} + accessModes: + - ReadWriteOnce + resources: + requests: + storage: {{ .Values.minio.storage.capacity }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ragflow-minio-deployment + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: minio + annotations: + checksum/config: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }} +spec: + replicas: 1 + selector: + matchLabels: + {{- include "ragflow.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: minio + {{- with .Values.minio.deployment.strategy }} + strategy: + {{- . | toYaml | nindent 4 }} + {{- end }} + template: + metadata: + labels: + {{- include "ragflow.labels" . | nindent 8 }} + app.kubernetes.io/component: minio + spec: + containers: + - name: minio + image: {{ .Values.minio.image.repository }}:{{ .Values.minio.image.tag }} + envFrom: + - secretRef: + name: {{ include "ragflow.fullname" . }}-env-config + args: + - server + - "--console-address=:9001" + - "/data" + ports: + - containerPort: 9000 + name: s3 + - containerPort: 9001 + name: console + {{- with .Values.minio.deployment.resources }} + resources: + {{- . | toYaml | nindent 10 }} + {{- end }} + volumeMounts: + - mountPath: /data + name: minio-data + volumes: + - name: minio-data + persistentVolumeClaim: + claimName: {{ include "ragflow.fullname" . }}-minio +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ragflow.fullname" . }}-minio + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: minio +spec: + selector: + {{- include "ragflow.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: minio + ports: + - name: s3 + protocol: TCP + port: 9000 + targetPort: s3 + - name: console + protocol: TCP + port: 9001 + targetPort: console + type: {{ .Values.minio.service.type }} diff --git a/helm/templates/mysql-config.yaml b/helm/templates/mysql-config.yaml new file mode 100644 index 000000000..dd8501033 --- /dev/null +++ b/helm/templates/mysql-config.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: mysql-init-script +data: + init.sql: |- + CREATE DATABASE IF NOT EXISTS rag_flow; + USE rag_flow; diff --git a/helm/templates/mysql.yaml b/helm/templates/mysql.yaml new file mode 100644 index 000000000..1b08c02c3 --- /dev/null +++ b/helm/templates/mysql.yaml @@ -0,0 +1,95 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "ragflow.fullname" . }}-mysql + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: mysql +spec: + {{- with .Values.mysql.storage.className }} + storageClassName: {{ . }} + {{- end }} + accessModes: + - ReadWriteOnce + resources: + requests: + storage: {{ .Values.mysql.storage.capacity }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ragflow.fullname" . }}-mysql + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: mysql +spec: + replicas: 1 + selector: + matchLabels: + {{- include "ragflow.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: mysql + {{- with .Values.mysql.deployment.strategy }} + strategy: + {{- . | toYaml | nindent 4 }} + {{- end }} + template: + metadata: + labels: + {{- include "ragflow.labels" . | nindent 8 }} + app.kubernetes.io/component: mysql + annotations: + checksum/config-mysql: {{ include (print $.Template.BasePath "/mysql-config.yaml") . | sha256sum }} + checksum/config-env: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }} + spec: + containers: + - name: mysql + image: {{ .Values.mysql.image.repository }}:{{ .Values.mysql.image.tag }} + envFrom: + - secretRef: + name: {{ include "ragflow.fullname" . }}-env-config + args: + - --max_connections=1000 + - --character-set-server=utf8mb4 + - --collation-server=utf8mb4_general_ci + - --default-authentication-plugin=mysql_native_password + - --tls_version=TLSv1.2,TLSv1.3 + - --init-file=/data/application/init.sql + ports: + - containerPort: 3306 + name: mysql + {{- with .Values.mysql.deployment.resources }} + resources: + {{- . | toYaml | nindent 10 }} + {{- end }} + volumeMounts: + - mountPath: /var/lib/mysql + name: mysql-data + - mountPath: /data/application/init.sql + subPath: init.sql + readOnly: true + name: init-script-volume + volumes: + - name: mysql-data + persistentVolumeClaim: + claimName: {{ include "ragflow.fullname" . }}-mysql + - name: init-script-volume + configMap: + name: mysql-init-script +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ragflow.fullname" . }}-mysql + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: mysql +spec: + selector: + {{- include "ragflow.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: mysql + ports: + - protocol: TCP + port: 3306 + targetPort: mysql + type: {{ .Values.mysql.service.type }} diff --git a/helm/templates/ragflow.yaml b/helm/templates/ragflow.yaml new file mode 100644 index 000000000..d39139bc3 --- /dev/null +++ b/helm/templates/ragflow.yaml @@ -0,0 +1,72 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ragflow.fullname" . }} + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: ragflow +spec: + replicas: 1 + selector: + matchLabels: + {{- include "ragflow.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: ragflow + {{- with .Values.ragflow.deployment.strategy }} + strategy: + {{- . | toYaml | nindent 4 }} + {{- end }} + template: + metadata: + labels: + {{- include "ragflow.labels" . | nindent 8 }} + app.kubernetes.io/component: ragflow + annotations: + checksum/config-env: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }} + checksum/config-ragflow: {{ include (print $.Template.BasePath "/ragflow_config.yaml") . | sha256sum }} + spec: + containers: + - name: ragflow + image: {{ .Values.env.RAGFLOW_IMAGE }} + ports: + - containerPort: 80 + name: http + volumeMounts: + - mountPath: /etc/nginx/conf.d/ragflow.conf + subPath: ragflow.conf + name: nginx-config-volume + - mountPath: /etc/nginx/proxy.conf + subPath: proxy.conf + name: nginx-config-volume + - mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + name: nginx-config-volume + envFrom: + - secretRef: + name: {{ include "ragflow.fullname" . }}-env-config + {{- with .Values.ragflow.deployment.resources }} + resources: + {{- . | toYaml | nindent 10 }} + {{- end }} + volumes: + - name: nginx-config-volume + configMap: + name: nginx-config +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ragflow.fullname" . }} + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: ragflow +spec: + selector: + {{- include "ragflow.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: ragflow + ports: + - protocol: TCP + port: 80 + targetPort: http + name: http + type: {{ .Values.ragflow.service.type }} diff --git a/helm/templates/ragflow_config.yaml b/helm/templates/ragflow_config.yaml new file mode 100644 index 000000000..6967ecca5 --- /dev/null +++ b/helm/templates/ragflow_config.yaml @@ -0,0 +1,75 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: nginx-config +data: + ragflow.conf: | + server { + listen 80; + server_name _; + root /ragflow/web/dist; + + gzip on; + gzip_min_length 1k; + gzip_comp_level 9; + gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location ~ ^/(v1|api) { + proxy_pass http://localhost:9380; + include proxy.conf; + } + + location / { + index index.html; + try_files $uri $uri/ /index.html; + } + + # Cache-Control: max-age~@~AExpires + location ~ ^/static/(css|js|media)/ { + expires 10y; + access_log off; + } + } + proxy.conf: | + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_buffering off; + proxy_read_timeout 3600s; + proxy_send_timeout 3600s; + nginx.conf: | + user root; + worker_processes auto; + + error_log /var/log/nginx/error.log notice; + pid /var/run/nginx.pid; + + events { + worker_connections 1024; + } + + http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + #tcp_nopush on; + + keepalive_timeout 65; + + #gzip on; + client_max_body_size 128M; + + include /etc/nginx/conf.d/ragflow.conf; + } diff --git a/helm/templates/redis.yaml b/helm/templates/redis.yaml new file mode 100644 index 000000000..ef1e1b352 --- /dev/null +++ b/helm/templates/redis.yaml @@ -0,0 +1,81 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "ragflow.fullname" . }}-redis + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: redis +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "ragflow.fullname" . }}-redis + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: redis +spec: + replicas: 1 + selector: + matchLabels: + {{- include "ragflow.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: redis + {{- with .Values.redis.deployment.strategy }} + strategy: + {{- . | toYaml | nindent 4 }} + {{- end }} + template: + metadata: + labels: + {{- include "ragflow.labels" . | nindent 8 }} + app.kubernetes.io/component: redis + annotations: + checksum/config-env: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }} + spec: + containers: + - name: redis + image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} + command: + - "sh" + - "-c" + - "exec redis-server --requirepass ${REDIS_PASSWORD} --maxmemory 128mb --maxmemory-policy allkeys-lru" + envFrom: + - secretRef: + name: {{ include "ragflow.fullname" . }}-env-config + ports: + - containerPort: 6379 + name: redis + {{- with .Values.redis.deployment.resources }} + resources: + {{- . | toYaml | nindent 10 }} + {{- end }} + volumeMounts: + - mountPath: /data + name: redis-data + volumes: + - name: redis-data + persistentVolumeClaim: + claimName: {{ include "ragflow.fullname" . }}-redis +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ragflow.fullname" . }}-redis + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: redis +spec: + selector: + {{- include "ragflow.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: redis + ports: + - protocol: TCP + port: 6379 + targetPort: redis + type: {{ .Values.redis.service.type }} diff --git a/helm/templates/tests/test-connection.yaml b/helm/templates/tests/test-connection.yaml new file mode 100644 index 000000000..f3d3a4841 --- /dev/null +++ b/helm/templates/tests/test-connection.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "ragflow.fullname" . }}-test-connection" + labels: + {{- include "ragflow.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: + - 'wget' + args: + - {{ printf "%s.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }} + restartPolicy: Never diff --git a/helm/values.yaml b/helm/values.yaml new file mode 100644 index 000000000..66f94c004 --- /dev/null +++ b/helm/values.yaml @@ -0,0 +1,153 @@ +# Based on docker compose .env file +env: + # The type of doc engine to use. + # Available options: + # - `elasticsearch` (default) + # - `infinity` (https://github.com/infiniflow/infinity) + # DOC_ENGINE: elasticsearch + DOC_ENGINE: infinity + + # The version of Elasticsearch. + STACK_VERSION: "8.11.3" + + # The password for Elasticsearch + ELASTIC_PASSWORD: infini_rag_flow_helm + + # The password for MySQL + MYSQL_PASSWORD: infini_rag_flow_helm + # The database of the MySQL service to use + MYSQL_DBNAME: rag_flow + + # The username for MinIO. + MINIO_ROOT_USER: rag_flow + # The password for MinIO + MINIO_PASSWORD: infini_rag_flow_helm + + # The password for Redis + REDIS_PASSWORD: infini_rag_flow_helm + + # The RAGFlow Docker image to download. + # Defaults to the dev-slim edition, which is the RAGFlow Docker image without embedding models. + RAGFLOW_IMAGE: infiniflow/ragflow:dev-slim + # + # To download the RAGFlow Docker image with embedding models, uncomment the following line instead: + # RAGFLOW_IMAGE=infiniflow/ragflow:dev + # + # The Docker image of the dev edition includes: + # - Built-in embedding models: + # - BAAI/bge-large-zh-v1.5 + # - BAAI/bge-reranker-v2-m3 + # - maidalun1020/bce-embedding-base_v1 + # - maidalun1020/bce-reranker-base_v1 + # - Embedding models that will be downloaded once you select them in the RAGFlow UI: + # - BAAI/bge-base-en-v1.5 + # - BAAI/bge-large-en-v1.5 + # - BAAI/bge-small-en-v1.5 + # - BAAI/bge-small-zh-v1.5 + # - jinaai/jina-embeddings-v2-base-en + # - jinaai/jina-embeddings-v2-small-en + # - nomic-ai/nomic-embed-text-v1.5 + # - sentence-transformers/all-MiniLM-L6-v2 + # + # + + # The local time zone. + TIMEZONE: "Asia/Shanghai" + + # Uncomment the following line if you have limited access to huggingface.co: + # HF_ENDPOINT: https://hf-mirror.com + + # The maximum file size for each uploaded file, in bytes. + # You can uncomment this line and update the value if you wish to change 128M file size limit + # MAX_CONTENT_LENGTH: "134217728" + +ragflow: + deployment: + strategy: + resources: + service: + # Use LoadBalancer to expose the web interface externally + type: ClusterIP + +infinity: + image: + repository: infiniflow/infinity + tag: v0.5.0-dev5 + storage: + className: + capacity: 5Gi + deployment: + strategy: + resources: + service: + type: ClusterIP + +elasticsearch: + storage: + className: + capacity: 20Gi + deployment: + strategy: + resources: + requests: + memory: 8Gi + service: + type: ClusterIP + +minio: + image: + repository: quay.io/minio/minio + tag: RELEASE.2023-12-20T01-00-02Z + storage: + className: + capacity: 5Gi + deployment: + strategy: + resources: + service: + type: ClusterIP + +mysql: + image: + repository: mysql + tag: 8.0.39 + storage: + className: + capacity: 5Gi + deployment: + strategy: + resources: + service: + type: ClusterIP + +redis: + image: + repository: valkey/valkey + tag: 8 + storage: + className: + capacity: 5Gi + deployment: + strategy: + resources: + service: + type: ClusterIP + + +# This block is for setting up web service ingress. For more information, see: +# https://kubernetes.io/docs/concepts/services-networking/ingress/ +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local