Wallaroo Helm Reference Table


A Helm chart for the control plane for Wallaroo

Configuration

The following table lists the configurable parameters of the Wallaroo chart and their default values.

ParameterDescriptionDefault
kubernetes_distributionRequired. Must be one of: aks, eks, gke, oke, or kurl.""
imageRegistryimageRegistry where images are pulled from"ghcr.io/wallaroolabs"
replImagePrefiximageRegistry where images are pulled from, as overridden by Kots"ghcr.io/wallaroolabs"
assays.enabledControls the display of Assay data in the Dashboardtrue
custTlsSecretNameName of existing Kubernetes TLS type secret""
deploymentStageDeployment stage, must be set to “cust” when deployed"cust"
custTlsCertCustomer provided certificate chain when deploymentStage is “cust”.""
custTlsKeyCustomer provided private key when deploymentStage is “cust”.""
nodeSelectorGlobal node selector{}
tolerationsGlobal tolerations[{"key": "wallaroo", "operator": "Exists", "effect": "NoSchedule"}]
domainPrefixDNS prefix of Wallaroo endpoints, can be "" for none, but do not leave blank"xxx"
domainSuffixDNS suffix of Wallaroo endpoints, MUST be provided"yyy"
externalIpOverrideUsed in cases where we can’t accurately determine our external, inbound IP address. Normally “”.""
imagePullPolicyGlobal policy saying when K8s pulls images: Always, Never, or IfNotPresent."Always"
wallarooSecretNameSecret name for pulling Wallaroo images"regcred"
privateModelRegistry.enabledIf true, external containerized models can be accessedfalse
privateModelRegistry.registryRegistry URL, eg “reg.big.corp:3579”""
privateModelRegistry.emailOptional, for bookkeeping""
privateModelRegistry.usernameUsername access credential""
privateModelRegistry.passwordPassword access credential""
ociRegistry.enabledIf true, pipelines can be published to this OCI registry for use in edge deploymentsfalse
ociRegistry.registryRegistry URL, eg “reg.big.corp:3579”""
ociRegistry.repositoryRepository within the registry. May contain cloud account, eg “account123/wallaroothings”""
ociRegistry.emailOptional, for bookkeeping""
ociRegistry.usernameUsername access credential""
ociRegistry.passwordPassword access credential""
ociRegistry.noTlsSet to true if the registry does not support TLS - for development onlyfalse
apilb.nodeSelectorstandard node selector for API-LB{}
apilb.annotationsAnnotations for api-lb service{}
apilb.serviceTypeService type of api-lb service"ClusterIP"
apilb.external_inference_endpoints_enabledEnable external URL inference endpoints: pipeline inference endpoints that are accessible outside of the Wallaroo cluster.true
apilb.ingress_modeHow the Wallaroo instance is reached through the Kubernetes network settings. Options are internal, external ,or noneinternal
edgelb.enabledEnable edge observability.false
edgelb.annotationsAnnotations for edge-lb service{}
edgelb.serviceTypeService type. If LoadBalancer, host-appropriate annotations should also be given to configure it."ClusterIP"
edgelb.opscenterHosthostname or IP of opscenter as reachable from edge nodes""
spireServer.joinHosthostname or IP of the host for edges to join""
jupyter.enabledIf true, a jupyer hub was deployed which components can point to.true
jupyter.nodeSelectorNode placement for Hub administrative pods{}
jupyter.labNodeSelectorNode placement for Hub-spawned jupyterlab pods{}
jupyter.memory.limitEach Lab - memory limit in GB"4"
jupyter.memory.guaranteeEach Lab - lemory guarantee in GB"2"
jupyter.cpu.limitEach Lab - fractional CPU limit"2.0"
jupyter.cpu.guaranteeEach Lab - fractional CPU guarantee"1.0"
jupyter.storage.capacityEach Lab - disk storage capacity in GB"50"
keycloak.useradministrative username"admin"
keycloak.passworddefault admin password: overridden if generate_secrets is true"admin"
keycloak.provider.clientIdupstream client id""
keycloak.provider.clientSecretupstream client secret""
keycloak.provider.namehuman name for provider""
keycloak.provider.idType of provider, one of: “github”, “google”, or “OIDC”""
keycloak.provider.authorizationUrlURL to contact the upstream client for auth requestsnull
keycloak.provider.clientAuthMethodclient auth method - Must be client_secret_post for OIDC provider type, leave blank otherwise.null
keycloak.provider.displayNamehuman name for provider, displayed to end user in login dialogsnull
keycloak.provider.tokenUrlUsed only for ODIC, see token endpoint under Azure endpoints.null
dbcleaner.schedulewhen the cleaner runs, default is every eight hours"* */8 * * *"
dbcleaner.maxAgeDaysdelete older than this many days"30"
prometheus.storageRetentionSizeGbRetain this much data, in GB."10"
prometheus.storageRetentionTimeDaysWhen to remove old data. In days."15"
plateau.enabledEnable Plateau deploymenttrue
plateau.diskSizeDisk space to allocate. Smaller than 100Gi is not recommended."100Gi"
telemetry.enabledUsed only for our CE product. Leave disabled for EE/Helm installs.false
dashboard.enabledEnable dashboard servicetrue
dashboard.clientNameCustomer display name which appears at the top of the dashboard window."Fitzroy Macropods, LLC"
minio.imagePullSecretsMust override for helm + private registry; eg -name: "some-secret"[]
minio.image.repositoryMust override for helm + private registry"quay.io/minio/minio"
minio.mcImage.repositoryMust override for helm + private registry"quay.io/minio/mc"
minio.persistence.sizeMinio model storage disk size. Smaller than 10Gi is not recommended."25Gi"
fluent-bit.imagePullSecretsMust override for helm + private registry; eg -name: "some-secret"[]
fluent-bit.image.repositoryMust override for helm + private registry"cr.fluentbit.io/fluent/fluent-bit"
helmTests.enabledWhen enabled, create “helm test” resources.true
helmTests.nodeSelectorWhen helm test is run, this selector places the test pods.{}
explainabilityServer.enabledEnable the model explainability servicefalse