diff --git a/.gitignore b/.gitignore index fbf80b3aabd..88fd216b273 100644 --- a/.gitignore +++ b/.gitignore @@ -195,3 +195,5 @@ ragflow_cli.egg-info # Default backup dir backup + +.kilocode/ \ No newline at end of file diff --git a/helm/.helmignore b/helm/.helmignore index 0e8a0eb36f4..2534d2cbc2b 100644 --- a/helm/.helmignore +++ b/helm/.helmignore @@ -21,3 +21,5 @@ .idea/ *.tmproj .vscode/ +README.md +*.tgz diff --git a/helm/Chart.yaml b/helm/Chart.yaml index 4dd5af1ac41..f6710662162 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 +version: 0.2.6 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/README.md b/helm/README.md new file mode 100644 index 00000000000..505f6ebe351 --- /dev/null +++ b/helm/README.md @@ -0,0 +1,272 @@ +# RAGFlow 组件交互说明 +- 前端 nginx 仅负责静态资源与入口转发,所有动态请求通过 Ingress 进入 Ragflow API。 +- Ragflow API 在接到任务时写入 Redis Stream,由 Worker 消费并回写进度;任务相关数据保存在共享存储(数据库、向量库、对象存储)。 +- Admin 只对 Ragflow API 发起少量 HTTP 调用(如健康检查、后台管理),不会直接访问其他组件。 +- MCP Server 通过 HTTP/SSE 调用 Ragflow API 暴露的检索与工具接口,本身不直接访问底层存储。 +- API、Admin、Worker 共同依赖外部的数据库、Redis、向量库与对象存储。 + +``` +Browser Ingress Frontend Ragflow API Redis Queue Worker Admin MCP Server Shared Stores (DB/Vector/MinIO) + | | | | | | | | | +1. |--GET /-->|--/------->| | | | | | | + |<--HTML---|<--static--| | | | | | | + | | | | | | | | | + | | | | | | | | | +2. |--/api--> |----------/api---------->| | | | | | + | | | |-------------read/write------------------------------------------------->| + |<--resp---|<------HTTP resp --------| | | | | | + | | | | | | | | | + | | | | | | | | | +3. |--task--> |----------/api---------->|--write msg-->| | | | | + | | | | |--consume-->| | | | + | | | |<--progress---| |------------------read/write---------------->| + |<--resp---|<------HTTP resp --------| | | | | | + | | | | | | | | | + | | | | | | | | | +4. | | | |<--HTTP/SSE (MCP tools & calls)------------------>| | + | | | |----------------HTTP/SSE resp---------------------| | + | | | | | | | | | + | | | | | | | | | +5. |----req-->|------/api/v1/admin----->|---------/api/v1/admin-------------->| | | + | | | | |-------------read/write----------->| + |<--resp---|<------HTTP resp --------|<------------HTTP resp --------------| | | + | | | |<--------/v1/system/ping ------------| | | + | | | |---------HTTP resp------------------>| | | +``` + +### 主要配置项列表 + +下表按照作用域汇总 Helm `values.yaml` 支持的键及默认值;除非特别说明,`null` 表示该字段缺省时不会被渲染,`[]`/`{}` 表示空集合,可按需覆写。 + +#### 全局与环境 + +| 参数 | 默认值 | 说明 | +|---|---|---| +| `nameOverride` | `null` | 覆盖 Chart 名称用于生成 Kubernetes 资源名前缀。 | +| `fullnameOverride` | `null` | 直接指定完整资源名前缀。 | +| `imagePullSecrets` | `[]` | 追加到所有工作负载的 `imagePullSecrets`。 | +| `env.DOC_ENGINE` | `infinity` | 选择文档/向量引擎:`infinity`、`elasticsearch` 或 `opensearch`。 | +| `env.STACK_VERSION` | `8.11.3` | 默认 Elastic Stack 版本。 | +| `env.TZ` | `Asia/Shanghai` | 设置容器时区。 | +| `env.DOC_BULK_SIZE` | `4` | 文档批量写入大小。 | +| `env.EMBEDDING_BATCH_SIZE` | `16` | 向量嵌入批次大小。 | +| `env.*` | *(自定义)* | 追加任意环境变量,写入 `*-env-config` Secret 并被所有组件加载。 | + +#### externalServices.* + +| 参数 | 默认值 | 说明 | +|---|---|---| +| `externalServices.redis.enabled` | `false` | 复用外部 Redis 时开启,禁用内置 Redis 部署。 | +| `externalServices.redis.host` | `redis:6379` | 外部 Redis 连接地址。 | +| `externalServices.redis.password` | `password` | 外部 Redis 密码。 | +| `externalServices.redis.db` | `1` | 外部 Redis 数据库序号。 | +| `externalServices.mysql.enabled` | `false` | 复用外部 MySQL 时开启,禁用内置 MySQL。 | +| `externalServices.mysql.host` | `mysql` | 外部 MySQL 主机名。 | +| `externalServices.mysql.port` | `3306` | 外部 MySQL 端口。 | +| `externalServices.mysql.name` | `rag_flow` | 外部 MySQL 数据库名。 | +| `externalServices.mysql.user` | `root` | 外部 MySQL 用户名。 | +| `externalServices.mysql.password` | `password` | 外部 MySQL 密码。 | +| `externalServices.mysql.max_connections` | `900` | 可选,覆盖最大连接数。 | +| `externalServices.mysql.stale_timeout` | `300` | 可选,连接超时时间(秒)。 | +| `externalServices.mysql.max_allowed_packet` | `1073741824` | 可选,MySQL `max_allowed_packet`。 | +| `externalServices.s3.enabled` | `false` | 使用外部 S3 兼容存储时开启,禁用内置 MinIO。 | +| `externalServices.s3.access_key` | `""` | S3 访问 key。 | +| `externalServices.s3.secret_key` | `""` | S3 密钥。 | +| `externalServices.s3.session_token` | `""` | 临时凭证 token。 | +| `externalServices.s3.region_name` | `""` | S3 Region(若留空,可结合 `region`/`endpoint_url`)。 | +| `externalServices.s3.endpoint_url` | `""` | S3 Endpoint。 | +| `externalServices.s3.bucket` | `""` | 目标桶名称。 | +| `externalServices.s3.prefix_path` | `""` | 上传前缀。 | +| `externalServices.s3.signature_version` | `""` | 自定义签名版本,如 `s3v4`。 | +| `externalServices.s3.addressing_style` | `""` | 自定义桶寻址方式:`virtual`/`path`/`auto`。 | +| `externalServices.elasticsearch.enabled` | `false` | 使用外部 Elasticsearch 时开启,禁用内置 ES。 | +| `externalServices.elasticsearch.host` | `http://elasticsearch:9200` | 示例默认值;仅为向后兼容,占位使用。 | +| `externalServices.elasticsearch.hosts` | `null` | 启用外部 ES 时必须提供的地址(可为字符串或字符串数组)。 | +| `externalServices.elasticsearch.username` | `elastic` | 外部 Elasticsearch 用户名。 | +| `externalServices.elasticsearch.password` | `password` | 外部 Elasticsearch 密码。 | + +#### ragflow 通用配置 + +| 参数 | 默认值 | 说明 | +|---|---|---| +| `ragflow.image.repository` | `infiniflow/ragflow` | 默认镜像仓库,所有组件继承。 | +| `ragflow.image.tag` | `v0.21.1-slim` | 默认镜像标签。 | +| `ragflow.image.pullPolicy` | `IfNotPresent` | 默认镜像拉取策略。 | +| `ragflow.image.pullSecrets` | `[]` | 全局镜像拉取凭据。 | +| `ragflow.service_conf` | `null` | 追加到 `local.service_conf.yaml` 的自定义内容。 | +| `ragflow.llm_factories` | `null` | 渲染至 `llm_factories.json` 的自定义配置。 | + +#### ragflow.frontend + +| 参数 | 默认值 | 说明 | +|---|---|---| +| `ragflow.frontend.replicaCount` | `2` | 前端 Deployment 副本数。 | +| `ragflow.frontend.deployment.strategy` | `null` | 自定义 Deployment strategy。 | +| `ragflow.frontend.deployment.resources` | `limits: {cpu: 500m, memory: 500Mi}; requests: {cpu: 200m, memory: 200Mi}` | Pod 资源请求与限制。 | +| `ragflow.frontend.podAnnotations` | `{}` | 额外 Pod 注解。 | +| `ragflow.frontend.probes` | `{}` | 可自定义 liveness/readiness/startup 探针,留空时使用内置默认值。 | +| `ragflow.frontend.extraEnv` | `[]` | 追加前端容器环境变量。 | +| `ragflow.frontend.image.*` | `null` | 可按需覆盖仓库/tag/pullPolicy/pullSecrets,缺省继承全局设置。 | +| `ragflow.frontend.service.type` | `ClusterIP` | Service 类型。 | +| `ragflow.frontend.service.port` | `80` | Service 端口。 | + +#### ragflow.api + +| 参数 | 默认值 | 说明 | +|---|---|---| +| `ragflow.api.replicaCount` | `2` | API Deployment 副本数。 | +| `ragflow.api.deployment.strategy` | `null` | 自定义 Deployment strategy。 | +| `ragflow.api.deployment.resources` | `limits: {cpu: "1", memory: 2Gi}; requests: {cpu: 500m, memory: 1Gi}` | Pod 资源请求与限制。 | +| `ragflow.api.podAnnotations` | `{}` | 额外 Pod 注解。 | +| `ragflow.api.debug` | `false` | 启用 Flask 调试/自动重载。 | +| `ragflow.api.extraEnv` | `[]` | 追加 API 环境变量。 | +| `ragflow.api.extraArgs` | `[]` | 追加启动参数(写到 `python3 api/ragflow_server.py` 命令后)。 | +| `ragflow.api.probes` | `{}` | 自定义探针,留空时使用 HTTP `/v1/system/healthz` 默认配置。 | +| `ragflow.api.image.*` | `null` | 按需覆盖镜像配置,缺省继承全局。 | +| `ragflow.api.service.type` | `ClusterIP` | Service 类型。 | +| `ragflow.api.service.port` | `80` | Service 端口(Pod 监听 9380)。 | + +#### ragflow.worker + +| 参数 | 默认值 | 说明 | +|---|---|---| +| `ragflow.worker.replicaCount` | `2` | Worker Deployment 副本数。 | +| `ragflow.worker.deployment.strategy` | `null` | 自定义 Deployment strategy。 | +| `ragflow.worker.deployment.resources` | `limits: {cpu: "2", memory: 4Gi}; requests: {cpu: "1", memory: 2Gi}` | Worker 资源请求与限制。 | +| `ragflow.worker.podAnnotations` | `{}` | 额外 Pod 注解。 | +| `ragflow.worker.consumerRange.enabled` | `false` | 启用消费者编号区间。 | +| `ragflow.worker.consumerRange.begin` | `0` | 区间起始编号,与 `enabled` 联动使用。 | +| `ragflow.worker.extraArgs` | `[]` | 追加 Task Executor 启动参数。 | +| `ragflow.worker.extraEnv` | `[]` | 追加 Worker 环境变量。 | +| `ragflow.worker.probes` | `{}` | 自定义探针,留空时使用内置命令行探活。 | +| `ragflow.worker.image.*` | `null` | 覆盖 Worker 镜像配置,缺省继承全局。 | + +#### ragflow.admin + +| 参数 | 默认值 | 说明 | +|---|---|---| +| `ragflow.admin.enabled` | `false` | 是否部署 Admin 服务。 | +| `ragflow.admin.replicaCount` | `1` | Admin Deployment 副本数。 | +| `ragflow.admin.deployment.strategy` | `null` | 自定义 Deployment strategy。 | +| `ragflow.admin.deployment.resources` | `limits: {cpu: "1", memory: 2Gi}; requests: {cpu: 500m, memory: 1Gi}` | Admin 资源请求与限制。 | +| `ragflow.admin.podAnnotations` | `{}` | 额外 Pod 注解。 | +| `ragflow.admin.debug` | `false` | 启用 Flask 调试模式。 | +| `ragflow.admin.extraArgs` | `[]` | 追加 Admin 启动参数。 | +| `ragflow.admin.extraEnv` | `[]` | 追加 Admin 环境变量。 | +| `ragflow.admin.probes` | `{}` | 自定义探针,留空时使用内置 HTTP 健康检查。 | +| `ragflow.admin.image.*` | `null` | 覆盖 Admin 镜像配置。 | +| `ragflow.admin.service.type` | `ClusterIP` | Service 类型。 | +| `ragflow.admin.service.port` | `80` | Service 端口(Pod 监听 9381)。 | + +#### ragflow.mcp + +| 参数 | 默认值 | 说明 | +|---|---|---| +| `ragflow.mcp.enabled` | `false` | 是否部署 MCP Server。 | +| `ragflow.mcp.replicaCount` | `1` | MCP Deployment 副本数。 | +| `ragflow.mcp.deployment.strategy` | `null` | 自定义 Deployment strategy。 | +| `ragflow.mcp.deployment.resources` | `limits: {cpu: "1", memory: 1Gi}; requests: {cpu: "1", memory: 1Gi}` | MCP 资源请求与限制。 | +| `ragflow.mcp.podAnnotations` | `{}` | 额外 Pod 注解。 | +| `ragflow.mcp.mode` | `self-host` | MCP 运行模式。 | +| `ragflow.mcp.hostApiKey` | `""` | 以 self-host 模式调用 API 时使用的 key。 | +| `ragflow.mcp.transport.sse` | `true` | 是否启用 SSE 传输。 | +| `ragflow.mcp.transport.streamableHttp` | `true` | 是否启用 Streamable HTTP。 | +| `ragflow.mcp.transport.jsonResponse` | `true` | Streamable HTTP 是否使用 JSON 响应。 | +| `ragflow.mcp.extraArgs` | `[]` | 追加 MCP 启动参数。 | +| `ragflow.mcp.extraEnv` | `[]` | 追加 MCP 环境变量。 | +| `ragflow.mcp.probes` | `{}` | 自定义探针,留空时使用 TCP 探活。 | +| `ragflow.mcp.image.*` | `null` | 覆盖 MCP 镜像配置。 | +| `ragflow.mcp.port` | `9382` | MCP 容器监听端口,模板内置默认值,需时可显式覆写。 | +| `ragflow.mcp.service.type` | `ClusterIP` | Service 类型。 | +| `ragflow.mcp.service.port` | `80` | Service 端口(Pod 监听 9382)。 | + +#### 内置中间件(按需启用) + +| 参数 | 默认值 | 说明 | +|---|---|---| +| `infinity.image.repository` | `infiniflow/infinity` | Infinity 镜像仓库(`env.DOC_ENGINE=infinity` 时部署)。 | +| `infinity.image.tag` | `v0.6.1` | Infinity 镜像标签。 | +| `infinity.image.pullPolicy` | `IfNotPresent` | 镜像拉取策略。 | +| `infinity.image.pullSecrets` | `[]` | 镜像凭据。 | +| `infinity.storage.className` | `null` | 挂载使用的 StorageClass。 | +| `infinity.storage.capacity` | `5Gi` | PVC 容量。 | +| `infinity.deployment.strategy` | `null` | Deployment strategy。 | +| `infinity.deployment.resources` | `null` | 资源请求/限制(缺省未设置)。 | +| `infinity.service.type` | `ClusterIP` | Service 类型。 | +| `elasticsearch.credentials.username` | `elastic` | 内置 Elasticsearch 默认用户名。 | +| `elasticsearch.credentials.password` | `infini_rag_flow_helm` | 内置 Elasticsearch 默认密码。 | +| `elasticsearch.image.repository` | `elasticsearch` | Elasticsearch 镜像仓库。 | +| `elasticsearch.image.tag` | `8.11.3` | Elasticsearch 镜像标签。 | +| `elasticsearch.image.pullPolicy` | `IfNotPresent` | 镜像拉取策略。 | +| `elasticsearch.image.pullSecrets` | `[]` | 镜像凭据。 | +| `elasticsearch.initContainers.alpine.repository` | `alpine` | 初始化容器镜像。 | +| `elasticsearch.initContainers.alpine.tag` | `latest` | 初始化容器标签。 | +| `elasticsearch.initContainers.busybox.repository` | `busybox` | 初始化容器镜像。 | +| `elasticsearch.initContainers.busybox.tag` | `latest` | 初始化容器标签。 | +| `elasticsearch.storage.className` | `null` | ElasticSearch PVC 的 StorageClass。 | +| `elasticsearch.storage.capacity` | `20Gi` | Elasticsearch 数据卷容量。 | +| `elasticsearch.deployment.strategy` | `null` | Deployment strategy。 | +| `elasticsearch.deployment.resources.requests.cpu` | `"4"` | CPU 请求。 | +| `elasticsearch.deployment.resources.requests.memory` | `16Gi` | 内存请求。 | +| `elasticsearch.service.type` | `ClusterIP` | Service 类型。 | +| `opensearch.image.repository` | `opensearchproject/opensearch` | Opensearch 镜像仓库。 | +| `opensearch.image.tag` | `2.19.1` | Opensearch 镜像标签。 | +| `opensearch.image.pullPolicy` | `IfNotPresent` | 镜像拉取策略。 | +| `opensearch.image.pullSecrets` | `[]` | 镜像凭据。 | +| `opensearch.initContainers.alpine.repository` | `alpine` | 初始化容器镜像。 | +| `opensearch.initContainers.alpine.tag` | `latest` | 初始化容器标签。 | +| `opensearch.initContainers.busybox.repository` | `busybox` | 初始化容器镜像。 | +| `opensearch.initContainers.busybox.tag` | `latest` | 初始化容器标签。 | +| `opensearch.storage.className` | `null` | Opensearch PVC 的 StorageClass。 | +| `opensearch.storage.capacity` | `20Gi` | Opensearch 数据卷容量。 | +| `opensearch.deployment.strategy` | `null` | Deployment strategy。 | +| `opensearch.deployment.resources.requests.cpu` | `"4"` | CPU 请求。 | +| `opensearch.deployment.resources.requests.memory` | `16Gi` | 内存请求。 | +| `opensearch.service.type` | `ClusterIP` | Service 类型。 | +| `minio.credentials.user` | `rag_flow` | 内置 MinIO 用户名。 | +| `minio.credentials.password` | `infini_rag_flow_helm` | MinIO 密码。 | +| `minio.image.repository` | `quay.io/minio/minio` | MinIO 镜像仓库。 | +| `minio.image.tag` | `RELEASE.2023-12-20T01-00-02Z` | MinIO 镜像标签。 | +| `minio.image.pullPolicy` | `IfNotPresent` | 镜像拉取策略。 | +| `minio.image.pullSecrets` | `[]` | 镜像凭据。 | +| `minio.storage.className` | `null` | MinIO PVC 的 StorageClass。 | +| `minio.storage.capacity` | `5Gi` | MinIO 数据卷容量。 | +| `minio.deployment.strategy` | `null` | Deployment strategy。 | +| `minio.deployment.resources` | `null` | 资源请求/限制(缺省未设置)。 | +| `minio.service.type` | `ClusterIP` | Service 类型。 | +| `mysql.credentials.name` | `rag_flow` | 内置 MySQL 默认数据库。 | +| `mysql.credentials.user` | `root` | MySQL 默认用户。 | +| `mysql.credentials.password` | `infini_rag_flow_helm` | MySQL 用户密码。 | +| `mysql.image.repository` | `mysql` | MySQL 镜像仓库。 | +| `mysql.image.tag` | `8.0.39` | MySQL 镜像标签。 | +| `mysql.image.pullPolicy` | `IfNotPresent` | 镜像拉取策略。 | +| `mysql.image.pullSecrets` | `[]` | 镜像凭据。 | +| `mysql.storage.className` | `null` | MySQL PVC 的 StorageClass。 | +| `mysql.storage.capacity` | `5Gi` | MySQL 数据卷容量。 | +| `mysql.deployment.strategy` | `null` | Deployment strategy。 | +| `mysql.deployment.resources` | `null` | 资源请求/限制(缺省未设置)。 | +| `mysql.service.type` | `ClusterIP` | Service 类型。 | +| `redis.credentials.password` | `infini_rag_flow_helm` | 内置 Redis 密码。 | +| `redis.credentials.db` | `1` | 内置 Redis 默认数据库。 | +| `redis.image.repository` | `valkey/valkey` | Redis (Valkey) 镜像仓库。 | +| `redis.image.tag` | `8` | Redis 镜像标签。 | +| `redis.image.pullPolicy` | `IfNotPresent` | 镜像拉取策略。 | +| `redis.image.pullSecrets` | `[]` | 镜像凭据。 | +| `redis.storage.className` | `null` | Redis PVC 的 StorageClass。 | +| `redis.storage.capacity` | `5Gi` | Redis 数据卷容量。 | +| `redis.persistence.enabled` | `true` | 是否启用有状态持久化 (StatefulSet+PVC)。 | +| `redis.persistence.retentionPolicy.whenDeleted` | `null` | 可选,自定义 PVC 删除行为。 | +| `redis.persistence.retentionPolicy.whenScaled` | `null` | 可选,自定义缩容时的 PVC 保留策略。 | +| `redis.deployment.strategy` | `null` | StatefulSet updateStrategy(缺省未设置)。 | +| `redis.deployment.resources` | `null` | 资源请求/限制(缺省未设置)。 | +| `redis.service.type` | `ClusterIP` | Service 类型。 | + +#### Ingress + +| 参数 | 默认值 | 说明 | +|---|---|---| +| `ingress.enabled` | `false` | 是否创建 Ingress。 | +| `ingress.className` | `""` | 绑定的 IngressClass,留空时使用集群默认。 | +| `ingress.annotations` | `{}` | 自定义 Ingress 注解。 | +| `ingress.hosts` | `[{"host":"chart-example.local","paths":[{path:"/",component:"frontend"},{path:"/api",component:"api"},{path:"/v1",component:"api"}]}]` | 路由规则配置,可按组件映射到不同 Service/端口。 | +| `ingress.tls` | `[]` | TLS 配置列表。 | diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index 8afe440d105..fc7e34c10ae 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -60,3 +60,13 @@ Create the name of the service account to use {{- default "default" .Values.serviceAccount.name }} {{- end }} {{- end }} + +{{/* +Create a fully qualified name for a component (frontend, api, worker, admin, mcp). +Usage: {{ include "ragflow.componentFullname" (dict "root" . "component" "api") }} +*/}} +{{- define "ragflow.componentFullname" -}} +{{- $root := index . "root" -}} +{{- $component := index . "component" -}} +{{- printf "%s-%s" (include "ragflow.fullname" $root) $component | trunc 63 | trimSuffix "-" }} +{{- end }} diff --git a/helm/templates/admin.yaml b/helm/templates/admin.yaml new file mode 100644 index 00000000000..db6858e6bc2 --- /dev/null +++ b/helm/templates/admin.yaml @@ -0,0 +1,167 @@ +{{- if .Values.ragflow.admin.enabled }} +{{- $component := "admin" }} +{{- $name := include "ragflow.componentFullname" (dict "root" . "component" $component) }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $name }} + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ $component }} +spec: + replicas: {{ .Values.ragflow.admin.replicaCount }} + {{- with .Values.ragflow.admin.deployment.strategy }} + strategy: + {{- toYaml . | nindent 4 }} + {{- end }} + selector: + matchLabels: + {{- include "ragflow.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: {{ $component }} + template: + metadata: + labels: + {{- include "ragflow.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: {{ $component }} + {{- with .Values.ragflow.admin.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- $globalPullSecrets := .Values.imagePullSecrets }} + {{- $basePullSecrets := .Values.ragflow.image.pullSecrets }} + {{- $adminImage := default (dict) .Values.ragflow.admin.image }} + {{- $componentPullSecrets := default list $adminImage.pullSecrets }} + {{- if or (or $globalPullSecrets $basePullSecrets) $componentPullSecrets }} + imagePullSecrets: + {{- with $globalPullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $basePullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $componentPullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + {{- $localServiceConf := .Values.ragflow.service_conf }} + {{- $llmFactories := .Values.ragflow.llm_factories }} + {{- $extraArgs := join " " .Values.ragflow.admin.extraArgs }} + containers: + - name: {{ $component }} + {{- $imageRepository := default .Values.ragflow.image.repository $adminImage.repository }} + {{- $imageTag := default .Values.ragflow.image.tag $adminImage.tag }} + image: {{ printf "%s:%s" $imageRepository $imageTag }} + {{- $pullPolicy := default .Values.ragflow.image.pullPolicy $adminImage.pullPolicy }} + {{- with $pullPolicy }} + imagePullPolicy: {{ . }} + {{- end }} + command: + - /bin/bash + - -lc + - | + set -eo pipefail + cd /ragflow + + export LD_LIBRARY_PATH="/usr/lib/x86_64-linux-gnu/" + PY=python3 + exec "${PY}" admin/server/admin_server.py{{- if $extraArgs }} {{ $extraArgs }}{{- end }} + envFrom: + - secretRef: + name: {{ include "ragflow.fullname" . }}-env-config + env: + - name: FLASK_ENV + value: {{ ternary "development" "production" (default false .Values.ragflow.admin.debug) | quote }} + - name: FLASK_DEBUG + value: {{ ternary "1" "0" (default false .Values.ragflow.admin.debug) | quote }} + - name: WERKZEUG_DEBUG_PIN + value: "off" + - name: RAGFLOW_HOST + value: {{ printf "%s.%s.svc" (include "ragflow.componentFullname" (dict "root" . "component" "api")) .Release.Namespace | quote }} + {{- with .Values.ragflow.admin.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: 9381 + {{- $probes := default (dict) .Values.ragflow.admin.probes }} + {{- if $probes.liveness }} + livenessProbe: + {{- toYaml $probes.liveness | nindent 12 }} + {{- else }} + livenessProbe: + tcpSocket: + port: http + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + {{- end }} + {{- if $probes.readiness }} + readinessProbe: + {{- toYaml $probes.readiness | nindent 12 }} + {{- else }} + readinessProbe: + tcpSocket: + port: http + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 3 + successThreshold: 1 + {{- end }} + {{- if $probes.startup }} + startupProbe: + {{- toYaml $probes.startup | nindent 12 }} + {{- else }} + startupProbe: + tcpSocket: + port: http + periodSeconds: 10 + failureThreshold: 30 + {{- end }} + volumeMounts: + - mountPath: /ragflow/conf/service_conf.yaml + subPath: service_conf.yaml + name: service-conf-volume + {{- if $localServiceConf }} + - mountPath: /ragflow/conf/local.service_conf.yaml + subPath: local.service_conf.yaml + name: service-conf-volume + {{- end }} + {{- if $llmFactories }} + - mountPath: /ragflow/conf/llm_factories.json + subPath: llm_factories.json + name: service-conf-volume + {{- end }} + {{- with .Values.ragflow.admin.deployment.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumes: + - name: service-conf-volume + configMap: + name: ragflow-service-config +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ $name }} + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ $component }} +spec: + type: {{ .Values.ragflow.admin.service.type }} + selector: + {{- include "ragflow.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: {{ $component }} + {{- if gt (int .Values.ragflow.admin.replicaCount) 1 }} + sessionAffinity: ClientIP + {{- end }} + ports: + - name: http + port: {{ .Values.ragflow.admin.service.port }} + targetPort: http +{{- end }} diff --git a/helm/templates/api.yaml b/helm/templates/api.yaml new file mode 100644 index 00000000000..4d665e83fe1 --- /dev/null +++ b/helm/templates/api.yaml @@ -0,0 +1,162 @@ +{{- $component := "api" }} +{{- $name := include "ragflow.componentFullname" (dict "root" . "component" $component) }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $name }} + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ $component }} +spec: + replicas: {{ .Values.ragflow.api.replicaCount }} + {{- with .Values.ragflow.api.deployment.strategy }} + strategy: + {{- toYaml . | nindent 4 }} + {{- end }} + selector: + matchLabels: + {{- include "ragflow.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: {{ $component }} + template: + metadata: + labels: + {{- include "ragflow.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: {{ $component }} + {{- with .Values.ragflow.api.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- $globalPullSecrets := .Values.imagePullSecrets }} + {{- $basePullSecrets := .Values.ragflow.image.pullSecrets }} + {{- $apiImage := default (dict) .Values.ragflow.api.image }} + {{- $componentPullSecrets := default list $apiImage.pullSecrets }} + {{- if or (or $globalPullSecrets $basePullSecrets) $componentPullSecrets }} + imagePullSecrets: + {{- with $globalPullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $basePullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $componentPullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + {{- $localServiceConf := .Values.ragflow.service_conf }} + {{- $llmFactories := .Values.ragflow.llm_factories }} + containers: + - name: {{ $component }} + workingDir: /ragflow + {{- $imageRepository := default .Values.ragflow.image.repository $apiImage.repository }} + {{- $imageTag := default .Values.ragflow.image.tag $apiImage.tag }} + image: {{ printf "%s:%s" $imageRepository $imageTag }} + {{- $pullPolicy := default .Values.ragflow.image.pullPolicy $apiImage.pullPolicy }} + {{- with $pullPolicy }} + imagePullPolicy: {{ . }} + {{- end }} + command: + - /bin/bash + - -lc + - | + set -eo pipefail + cd /ragflow + export LD_LIBRARY_PATH="/usr/lib/x86_64-linux-gnu/" + exec python3 api/ragflow_server.py{{- range $arg := .Values.ragflow.api.extraArgs }} {{ $arg | quote }}{{- end }} + ports: + - name: http + containerPort: 9380 + {{- $probes := default (dict) .Values.ragflow.api.probes }} + {{- if $probes.liveness }} + livenessProbe: + {{- toYaml $probes.liveness | nindent 12 }} + {{- else }} + livenessProbe: + httpGet: + path: /v1/system/healthz + port: http + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + {{- end }} + {{- if $probes.readiness }} + readinessProbe: + {{- toYaml $probes.readiness | nindent 12 }} + {{- else }} + readinessProbe: + httpGet: + path: /v1/system/healthz + port: http + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 3 + successThreshold: 1 + {{- end }} + {{- if $probes.startup }} + startupProbe: + {{- toYaml $probes.startup | nindent 12 }} + {{- else }} + startupProbe: + httpGet: + path: /v1/system/healthz + port: http + periodSeconds: 10 + failureThreshold: 30 + {{- end }} + envFrom: + - secretRef: + name: {{ include "ragflow.fullname" . }}-env-config + env: + - name: FLASK_ENV + value: {{ ternary "development" "production" (default false .Values.ragflow.api.debug) | quote }} + - name: FLASK_DEBUG + value: {{ ternary "1" "0" (default false .Values.ragflow.api.debug) | quote }} + {{- with .Values.ragflow.api.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /ragflow/conf/service_conf.yaml + subPath: service_conf.yaml + name: service-conf-volume + {{- if $localServiceConf }} + - mountPath: /ragflow/conf/local.service_conf.yaml + subPath: local.service_conf.yaml + name: service-conf-volume + {{- end }} + {{- if $llmFactories }} + - mountPath: /ragflow/conf/llm_factories.json + subPath: llm_factories.json + name: service-conf-volume + {{- end }} + {{- with .Values.ragflow.api.deployment.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumes: + - name: service-conf-volume + configMap: + name: ragflow-service-config +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ $name }} + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ $component }} +spec: + type: {{ .Values.ragflow.api.service.type }} + selector: + {{- include "ragflow.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: {{ $component }} + {{- if gt (int .Values.ragflow.api.replicaCount) 1 }} + sessionAffinity: ClientIP + {{- end }} + ports: + - name: http + port: {{ .Values.ragflow.api.service.port }} + targetPort: http diff --git a/helm/templates/elasticsearch-config.yaml b/helm/templates/elasticsearch-config.yaml index 49b02b11808..3284395e7ba 100644 --- a/helm/templates/elasticsearch-config.yaml +++ b/helm/templates/elasticsearch-config.yaml @@ -1,4 +1,4 @@ -{{- if eq .Values.env.DOC_ENGINE "elasticsearch" -}} +{{- if and (eq .Values.env.DOC_ENGINE "elasticsearch") (not .Values.externalServices.elasticsearch.enabled) -}} apiVersion: v1 kind: ConfigMap metadata: diff --git a/helm/templates/elasticsearch.yaml b/helm/templates/elasticsearch.yaml index 47dd6bb31af..c2430d7b76b 100644 --- a/helm/templates/elasticsearch.yaml +++ b/helm/templates/elasticsearch.yaml @@ -1,4 +1,4 @@ -{{- if eq .Values.env.DOC_ENGINE "elasticsearch" -}} +{{- if and (eq .Values.env.DOC_ENGINE "elasticsearch") (not .Values.externalServices.elasticsearch.enabled) -}} apiVersion: v1 kind: PersistentVolumeClaim metadata: diff --git a/helm/templates/env.yaml b/helm/templates/env.yaml index bcee9fd0b14..1f848d51ed4 100644 --- a/helm/templates/env.yaml +++ b/helm/templates/env.yaml @@ -13,41 +13,46 @@ stringData: {{ $key }}: {{ quote $val }} {{- end }} {{- end }} - {{- /* - Use host names derived from internal cluster DNS - */}} - REDIS_HOST: {{ printf "%s-redis.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }} - MYSQL_HOST: {{ printf "%s-mysql.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }} - MINIO_HOST: {{ printf "%s-minio.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }} - {{- /* - Fail if passwords are not provided in release values - */}} - REDIS_PASSWORD: {{ .Values.env.REDIS_PASSWORD | required "REDIS_PASSWORD is required" }} - {{- /* - NOTE: MySQL uses MYSQL_ROOT_PASSWORD env var but Ragflow container expects - MYSQL_PASSWORD so we need to define both as the same value here. - */}} - {{- with .Values.env.MYSQL_PASSWORD | required "MYSQL_PASSWORD is required" }} - MYSQL_PASSWORD: {{ . }} - MYSQL_ROOT_PASSWORD: {{ . }} - {{- end }} - {{- with .Values.env.MINIO_PASSWORD | required "MINIO_PASSWORD is required" }} - MINIO_PASSWORD: {{ . }} - MINIO_ROOT_PASSWORD: {{ . }} - {{- end }} - {{- /* - Only provide env vars for enabled doc engine - */}} - {{- if eq .Values.env.DOC_ENGINE "elasticsearch" }} - ES_HOST: {{ printf "%s-es.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }} - ELASTIC_PASSWORD: {{ .Values.env.ELASTIC_PASSWORD | required "ELASTIC_PASSWORD is required" }} - {{- else if eq .Values.env.DOC_ENGINE "infinity" }} - INFINITY_HOST: {{ printf "%s-infinity.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }} - {{- else if eq .Values.env.DOC_ENGINE "opensearch" }} - OS_HOST: {{ printf "%s-opensearch.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }} - OS_PORT: "9201" - OPENSEARCH_PASSWORD: {{ .Values.env.OPENSEARCH_PASSWORD | required "OPENSEARCH_PASSWORD is required" }} - OPENSEARCH_INITIAL_ADMIN_PASSWORD: {{ .Values.env.OPENSEARCH_PASSWORD | required "OPENSEARCH_PASSWORD is required" }} - {{- else }} - {{ fail "env.DOC_ENGINE must be either 'elasticsearch', 'opensearch' or 'infinity'" }} + {{- if not .Values.externalServices.mysql.enabled }} + {{- $mysqlCreds := default (dict) .Values.mysql.credentials }} + {{- with (get $mysqlCreds "password") }} + MYSQL_PASSWORD: {{ . | quote }} + MYSQL_ROOT_PASSWORD: {{ . | quote }} + {{- end }} + {{- with (get $mysqlCreds "name") }} + MYSQL_DBNAME: {{ . | quote }} + {{- end }} + {{- with (get $mysqlCreds "user") }} + MYSQL_USER: {{ . | quote }} + {{- end }} + {{- end }} + {{- if not .Values.externalServices.redis.enabled }} + {{- $redisCreds := default (dict) .Values.redis.credentials }} + {{- with (get $redisCreds "password") }} + REDIS_PASSWORD: {{ . | quote }} + {{- end }} + {{- with (get $redisCreds "db") }} + REDIS_DB: {{ . | quote }} + {{- end }} + {{- end }} + {{- if not .Values.externalServices.s3.enabled }} + {{- $minioCreds := default (dict) .Values.minio.credentials }} + {{- with (get $minioCreds "user") }} + MINIO_ROOT_USER: {{ . | quote }} + {{- end }} + {{- with (get $minioCreds "password") }} + MINIO_ROOT_PASSWORD: {{ . | quote }} + {{- end }} + {{- end }} + {{- if not (hasKey .Values.env "STORAGE_IMPL") }} + STORAGE_IMPL: {{ if .Values.externalServices.s3.enabled }}"AWS_S3"{{ else }}"MINIO"{{ end }} + {{- end }} + {{- if and (eq (default "" .Values.env.DOC_ENGINE) "elasticsearch") (not .Values.externalServices.elasticsearch.enabled) }} + {{- $esCreds := default (dict) .Values.elasticsearch.credentials }} + {{- with (get $esCreds "username") }} + ELASTIC_USERNAME: {{ . | quote }} + {{- end }} + {{- with (get $esCreds "password") }} + ELASTIC_PASSWORD: {{ . | quote }} + {{- end }} {{- end }} diff --git a/helm/templates/frontend.yaml b/helm/templates/frontend.yaml new file mode 100644 index 00000000000..7d49c0e4bc9 --- /dev/null +++ b/helm/templates/frontend.yaml @@ -0,0 +1,198 @@ +{{- $component := "frontend" }} +{{- $name := include "ragflow.componentFullname" (dict "root" . "component" $component) }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $name }} + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ $component }} +spec: + replicas: {{ .Values.ragflow.frontend.replicaCount }} + {{- with .Values.ragflow.frontend.deployment.strategy }} + strategy: + {{- toYaml . | nindent 4 }} + {{- end }} + selector: + matchLabels: + {{- include "ragflow.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: {{ $component }} + template: + metadata: + labels: + {{- include "ragflow.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: {{ $component }} + {{- with .Values.ragflow.frontend.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- $globalPullSecrets := .Values.imagePullSecrets }} + {{- $basePullSecrets := .Values.ragflow.image.pullSecrets }} + {{- $frontendImage := default (dict) .Values.ragflow.frontend.image }} + {{- $componentPullSecrets := default list $frontendImage.pullSecrets }} + {{- if or (or $globalPullSecrets $basePullSecrets) $componentPullSecrets }} + imagePullSecrets: + {{- with $globalPullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $basePullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $componentPullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + containers: + - name: {{ $component }} + {{- $imageRepository := default .Values.ragflow.image.repository $frontendImage.repository }} + {{- $imageTag := default .Values.ragflow.image.tag $frontendImage.tag }} + image: {{ printf "%s:%s" $imageRepository $imageTag }} + {{- $pullPolicy := default .Values.ragflow.image.pullPolicy $frontendImage.pullPolicy }} + {{- with $pullPolicy }} + imagePullPolicy: {{ . }} + {{- end }} + command: + - /bin/bash + - -lc + - | + set -eo pipefail + rm -f /var/run/nginx.pid + mkdir -p /var/log/nginx + rm -f /var/log/nginx/access.log /var/log/nginx/error.log + ln -sf /proc/1/fd/1 /var/log/nginx/access.log + ln -sf /proc/1/fd/2 /var/log/nginx/error.log + + calculate_workers() { + local quota="$1" + local period="$2" + if [[ "${quota}" == "max" ]]; then + echo "" + return + fi + if [[ "${quota}" -gt 0 && "${period}" -gt 0 ]]; then + echo $(( (quota + period - 1) / period )) + else + echo "" + fi + } + + detect_worker_processes() { + local workers="" + if [[ -f /sys/fs/cgroup/cpu.max ]]; then + read -r quota period < /sys/fs/cgroup/cpu.max || true + workers=$(calculate_workers "${quota}" "${period}") + elif [[ -f /sys/fs/cgroup/cpu/cpu.cfs_quota_us ]]; then + quota=$(cat /sys/fs/cgroup/cpu/cpu.cfs_quota_us 2>/dev/null || echo "") + period=$(cat /sys/fs/cgroup/cpu/cpu.cfs_period_us 2>/dev/null || echo "") + workers=$(calculate_workers "${quota:-0}" "${period:-0}") + fi + + if [[ -z "${workers}" ]]; then + workers=$(nproc 2>/dev/null || echo "") + fi + + if [[ -z "${workers}" || "${workers}" -le 0 ]]; then + workers=1 + fi + + echo "${workers}" + } + + workers="$(detect_worker_processes)" + export NGINX_WORKER_PROCESSES="${workers}" + + tmp_nginx_dir="$(mktemp -d)" + if command -v envsubst >/dev/null 2>&1; then + envsubst '${NGINX_WORKER_PROCESSES}' "${tmp_nginx_dir}/nginx.conf" + else + sed "s|\${NGINX_WORKER_PROCESSES}|${NGINX_WORKER_PROCESSES}|g" /etc/nginx/nginx.conf > "${tmp_nginx_dir}/nginx.conf" + fi + + exec /usr/sbin/nginx -c "${tmp_nginx_dir}/nginx.conf" -g 'daemon off;' + ports: + - name: http + containerPort: 80 + envFrom: + - secretRef: + name: {{ include "ragflow.fullname" . }}-env-config + {{- with .Values.ragflow.frontend.extraEnv }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- $probes := default (dict) .Values.ragflow.frontend.probes }} + {{- if $probes.liveness }} + livenessProbe: + {{- toYaml $probes.liveness | nindent 12 }} + {{- else }} + livenessProbe: + httpGet: + path: /healthz + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + {{- end }} + {{- if $probes.readiness }} + readinessProbe: + {{- toYaml $probes.readiness | nindent 12 }} + {{- else }} + readinessProbe: + httpGet: + path: /healthz + port: http + initialDelaySeconds: 5 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 3 + successThreshold: 1 + {{- end }} + {{- if $probes.startup }} + startupProbe: + {{- toYaml $probes.startup | nindent 12 }} + {{- else }} + startupProbe: + httpGet: + path: /healthz + port: http + periodSeconds: 10 + failureThreshold: 30 + {{- end }} + volumeMounts: + - mountPath: /etc/nginx/conf.d/ragflow.conf + subPath: ragflow.conf + name: nginx-config + - mountPath: /etc/nginx/proxy.conf + subPath: proxy.conf + name: nginx-config + - mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + name: nginx-config + {{- with .Values.ragflow.frontend.deployment.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumes: + - name: nginx-config + configMap: + name: nginx-config +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ $name }} + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ $component }} +spec: + type: {{ .Values.ragflow.frontend.service.type }} + selector: + {{- include "ragflow.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: {{ $component }} + ports: + - name: http + port: {{ .Values.ragflow.frontend.service.port }} + targetPort: http diff --git a/helm/templates/ingress.yaml b/helm/templates/ingress.yaml index 6547b52d9c5..e8d776bbce2 100644 --- a/helm/templates/ingress.yaml +++ b/helm/templates/ingress.yaml @@ -28,14 +28,48 @@ spec: - host: {{ .host | quote }} http: paths: + {{- $pathFlags := dict "hasV1" false }} {{- range .paths }} + {{- if eq .path "/v1" }} + {{- $_ := set $pathFlags "hasV1" true }} + {{- end }} - path: {{ .path }} {{- with .pathType }} pathType: {{ . }} {{- end }} backend: service: - name: {{ $.Release.Name }} + {{- $backend := .backend | default dict }} + {{- if $backend.serviceName }} + name: {{ $backend.serviceName }} + {{- else if $backend.component }} + name: {{ include "ragflow.componentFullname" (dict "root" $ "component" $backend.component) }} + {{- else }} + name: {{ include "ragflow.componentFullname" (dict "root" $ "component" "frontend") }} + {{- end }} + {{- $port := default "http" $backend.port }} + port: + {{- if kindIs "string" $port }} + name: {{ $port }} + {{- else }} + number: {{ $port }} + {{- end }} + {{- end }} + {{- if not ($pathFlags.hasV1) }} + - path: /v1 + pathType: Prefix + backend: + service: + name: {{ include "ragflow.componentFullname" (dict "root" $ "component" "api") }} + port: + name: http + {{- end }} + {{- if $.Values.ragflow.admin.enabled }} + - path: /api/v1/admin + pathType: Prefix + backend: + service: + name: {{ include "ragflow.componentFullname" (dict "root" $ "component" "admin") }} port: name: http {{- end }} diff --git a/helm/templates/mcp.yaml b/helm/templates/mcp.yaml new file mode 100644 index 00000000000..a642b30600d --- /dev/null +++ b/helm/templates/mcp.yaml @@ -0,0 +1,179 @@ +{{- if .Values.ragflow.mcp.enabled }} +{{- $component := "mcp" }} +{{- $name := include "ragflow.componentFullname" (dict "root" . "component" $component) }} +{{- $apiServiceName := include "ragflow.componentFullname" (dict "root" . "component" "api") }} +{{- $defaultBaseUrl := printf "http://%s.%s.svc:%d" $apiServiceName .Release.Namespace (int .Values.ragflow.api.service.port) }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $name }} + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ $component }} +spec: + replicas: {{ .Values.ragflow.mcp.replicaCount }} + {{- with .Values.ragflow.mcp.deployment.strategy }} + strategy: + {{- toYaml . | nindent 4 }} + {{- end }} + selector: + matchLabels: + {{- include "ragflow.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: {{ $component }} + template: + metadata: + labels: + {{- include "ragflow.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: {{ $component }} + {{- with .Values.ragflow.mcp.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- $globalPullSecrets := .Values.imagePullSecrets }} + {{- $basePullSecrets := .Values.ragflow.image.pullSecrets }} + {{- $mcpImage := default (dict) .Values.ragflow.mcp.image }} + {{- $componentPullSecrets := default list $mcpImage.pullSecrets }} + {{- if or (or $globalPullSecrets $basePullSecrets) $componentPullSecrets }} + imagePullSecrets: + {{- with $globalPullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $basePullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $componentPullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + {{- $localServiceConf := .Values.ragflow.service_conf }} + {{- $llmFactories := .Values.ragflow.llm_factories }} + {{- $extraArgs := join " " .Values.ragflow.mcp.extraArgs }} + containers: + - name: {{ $component }} + {{- $imageRepository := default .Values.ragflow.image.repository $mcpImage.repository }} + {{- $imageTag := default .Values.ragflow.image.tag $mcpImage.tag }} + image: {{ printf "%s:%s" $imageRepository $imageTag }} + {{- $pullPolicy := default .Values.ragflow.image.pullPolicy $mcpImage.pullPolicy }} + {{- with $pullPolicy }} + imagePullPolicy: {{ . }} + {{- end }} + command: + - /bin/bash + - -lc + - | + set -eo pipefail + cd /ragflow + export LD_LIBRARY_PATH="/usr/lib/x86_64-linux-gnu/" + PY=python3 + SCRIPT_PATH="/ragflow/mcp/server/server.py" + exec "${PY}" "${SCRIPT_PATH}" \ + --host="0.0.0.0" \ + --port="{{ default 9382 .Values.ragflow.mcp.port }}" \ + --base-url="{{ $defaultBaseUrl }}" \ + --mode="{{ .Values.ragflow.mcp.mode }}" \ + {{- if .Values.ragflow.mcp.hostApiKey }} + --api-key="{{ .Values.ragflow.mcp.hostApiKey }}" \ + {{- else }} + --api-key="" \ + {{- end }} + {{- if not .Values.ragflow.mcp.transport.sse }} + --no-transport-sse-enabled \ + {{- else }} + --transport-sse-enabled \ + {{- end }} + {{- if not .Values.ragflow.mcp.transport.streamableHttp }} + --no-transport-streamable-http-enabled \ + {{- else }} + --transport-streamable-http-enabled \ + {{- end }} + {{- if not .Values.ragflow.mcp.transport.jsonResponse }} + --no-json-response{{- else }} --json-response{{- end }}{{ if $extraArgs }} {{ $extraArgs }}{{ end }} + envFrom: + - secretRef: + name: {{ include "ragflow.fullname" . }}-env-config + {{- with .Values.ragflow.mcp.extraEnv }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ default 9382 .Values.ragflow.mcp.port }} + {{- $probes := default (dict) .Values.ragflow.mcp.probes }} + {{- if $probes.liveness }} + livenessProbe: + {{- toYaml $probes.liveness | nindent 12 }} + {{- else }} + livenessProbe: + tcpSocket: + port: http + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + {{- end }} + {{- if $probes.readiness }} + readinessProbe: + {{- toYaml $probes.readiness | nindent 12 }} + {{- else }} + readinessProbe: + tcpSocket: + port: http + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 3 + successThreshold: 1 + {{- end }} + {{- if $probes.startup }} + startupProbe: + {{- toYaml $probes.startup | nindent 12 }} + {{- else }} + startupProbe: + tcpSocket: + port: http + periodSeconds: 10 + failureThreshold: 30 + {{- end }} + volumeMounts: + - mountPath: /ragflow/conf/service_conf.yaml + subPath: service_conf.yaml + name: service-conf-volume + {{- if $localServiceConf }} + - mountPath: /ragflow/conf/local.service_conf.yaml + subPath: local.service_conf.yaml + name: service-conf-volume + {{- end }} + {{- if $llmFactories }} + - mountPath: /ragflow/conf/llm_factories.json + subPath: llm_factories.json + name: service-conf-volume + {{- end }} + {{- with .Values.ragflow.mcp.deployment.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumes: + - name: service-conf-volume + configMap: + name: ragflow-service-config +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ $name }} + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ $component }} +spec: + type: {{ .Values.ragflow.mcp.service.type }} + selector: + {{- include "ragflow.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: {{ $component }} + ports: + - name: http + port: {{ .Values.ragflow.mcp.service.port }} + targetPort: http +{{- end }} diff --git a/helm/templates/minio.yaml b/helm/templates/minio.yaml index ff8d0ca8986..cea7e3cd403 100644 --- a/helm/templates/minio.yaml +++ b/helm/templates/minio.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.externalServices.s3.enabled }} --- apiVersion: v1 kind: PersistentVolumeClaim @@ -103,3 +104,4 @@ spec: port: 9001 targetPort: console type: {{ .Values.minio.service.type }} +{{- end }} diff --git a/helm/templates/mysql-config.yaml b/helm/templates/mysql-config.yaml index dd8501033d1..749860b6321 100644 --- a/helm/templates/mysql-config.yaml +++ b/helm/templates/mysql-config.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.externalServices.mysql.enabled }} --- apiVersion: v1 kind: ConfigMap @@ -7,3 +8,4 @@ data: init.sql: |- CREATE DATABASE IF NOT EXISTS rag_flow; USE rag_flow; +{{- end }} diff --git a/helm/templates/mysql.yaml b/helm/templates/mysql.yaml index a5998d85bbf..baeac4a824b 100644 --- a/helm/templates/mysql.yaml +++ b/helm/templates/mysql.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.externalServices.mysql.enabled }} --- apiVersion: v1 kind: PersistentVolumeClaim @@ -108,3 +109,4 @@ spec: port: 3306 targetPort: mysql type: {{ .Values.mysql.service.type }} +{{- end }} diff --git a/helm/templates/ragflow.yaml b/helm/templates/ragflow.yaml deleted file mode 100644 index efa0ced9ae4..00000000000 --- a/helm/templates/ragflow.yaml +++ /dev/null @@ -1,119 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "ragflow.fullname" . }} - labels: - {{- include "ragflow.labels" . | nindent 4 }} - app.kubernetes.io/component: ragflow -spec: - replicas: 1 - selector: - matchLabels: - {{- include "ragflow.selectorLabels" . | nindent 6 }} - app.kubernetes.io/component: ragflow - {{- with .Values.ragflow.deployment.strategy }} - strategy: - {{- . | toYaml | nindent 4 }} - {{- end }} - template: - metadata: - labels: - {{- include "ragflow.labels" . | nindent 8 }} - app.kubernetes.io/component: ragflow - annotations: - checksum/config-env: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }} - checksum/config-ragflow: {{ include (print $.Template.BasePath "/ragflow_config.yaml") . | sha256sum }} - spec: - {{- if or .Values.imagePullSecrets .Values.ragflow.image.pullSecrets }} - imagePullSecrets: - {{- with .Values.imagePullSecrets }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.ragflow.image.pullSecrets }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} - containers: - - name: ragflow - image: {{ .Values.ragflow.image.repository }}:{{ .Values.ragflow.image.tag }} - {{- with .Values.ragflow.image.pullPolicy }} - imagePullPolicy: {{ . }} - {{- end }} - ports: - - containerPort: 80 - name: http - - containerPort: 9380 - name: http-api - volumeMounts: - - mountPath: /etc/nginx/conf.d/ragflow.conf - subPath: ragflow.conf - name: nginx-config-volume - - mountPath: /etc/nginx/proxy.conf - subPath: proxy.conf - name: nginx-config-volume - - mountPath: /etc/nginx/nginx.conf - subPath: nginx.conf - name: nginx-config-volume - {{- with .Values.ragflow.service_conf }} - - mountPath: /ragflow/conf/local.service_conf.yaml - subPath: local.service_conf.yaml - name: service-conf-volume - {{- end }} - {{- with .Values.ragflow.llm_factories }} - - mountPath: /ragflow/conf/llm_factories.json - subPath: llm_factories.json - name: service-conf-volume - {{- end }} - envFrom: - - secretRef: - name: {{ include "ragflow.fullname" . }}-env-config - {{- with .Values.ragflow.deployment.resources }} - resources: - {{- . | toYaml | nindent 10 }} - {{- end }} - volumes: - - name: nginx-config-volume - configMap: - name: nginx-config - - name: service-conf-volume - configMap: - name: ragflow-service-config ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ include "ragflow.fullname" . }} - labels: - {{- include "ragflow.labels" . | nindent 4 }} - app.kubernetes.io/component: ragflow -spec: - selector: - {{- include "ragflow.selectorLabels" . | nindent 4 }} - app.kubernetes.io/component: ragflow - ports: - - protocol: TCP - port: 80 - targetPort: http - name: http - type: {{ .Values.ragflow.service.type }} ---- -{{- if .Values.ragflow.api.service.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ .Release.Name }}-api - labels: - {{- include "ragflow.labels" . | nindent 4 }} - app.kubernetes.io/component: ragflow -spec: - selector: - {{- include "ragflow.selectorLabels" . | nindent 4 }} - app.kubernetes.io/component: ragflow - ports: - - protocol: TCP - port: 80 - targetPort: http-api - name: http-api - type: {{ .Values.ragflow.api.service.type }} -{{- end }} diff --git a/helm/templates/ragflow_config.yaml b/helm/templates/ragflow_config.yaml index 533bd3df9a8..6f527cbd8e9 100644 --- a/helm/templates/ragflow_config.yaml +++ b/helm/templates/ragflow_config.yaml @@ -1,17 +1,120 @@ +{{- $fullname := include "ragflow.fullname" . }} +{{- $namespace := .Release.Namespace }} + +{{- $serviceConf := dict }} + +{{- $mysqlCreds := default (dict) .Values.mysql.credentials }} +{{- $mysqlPassword := default "infini_rag_flow_helm" (get $mysqlCreds "password") }} +{{- $mysqlDb := default "rag_flow" (get $mysqlCreds "name") }} +{{- $mysqlUser := default "root" (get $mysqlCreds "user") }} +{{- $mysqlConf := dict "name" $mysqlDb "user" $mysqlUser "password" $mysqlPassword "host" (printf "%s-mysql.%s.svc" $fullname $namespace) "port" 3306 "max_connections" 900 "stale_timeout" 300 "max_allowed_packet" 1073741824 }} +{{- if .Values.externalServices.mysql.enabled }} + {{- $_ := set $mysqlConf "host" (required "externalServices.mysql.host is required when externalServices.mysql.enabled" .Values.externalServices.mysql.host) }} + {{- if .Values.externalServices.mysql.port }}{{- $_ := set $mysqlConf "port" .Values.externalServices.mysql.port }}{{- end }} + {{- if .Values.externalServices.mysql.name }}{{- $_ := set $mysqlConf "name" .Values.externalServices.mysql.name }}{{- end }} + {{- $extMysqlUser := required "externalServices.mysql.user is required when externalServices.mysql.enabled" .Values.externalServices.mysql.user }} + {{- $extMysqlPassword := required "externalServices.mysql.password is required when externalServices.mysql.enabled" .Values.externalServices.mysql.password }} + {{- $_ := set $mysqlConf "user" $extMysqlUser }} + {{- $_ := set $mysqlConf "password" $extMysqlPassword }} + {{- if .Values.externalServices.mysql.max_connections }}{{- $_ := set $mysqlConf "max_connections" .Values.externalServices.mysql.max_connections }}{{- end }} + {{- if .Values.externalServices.mysql.stale_timeout }}{{- $_ := set $mysqlConf "stale_timeout" .Values.externalServices.mysql.stale_timeout }}{{- end }} + {{- if .Values.externalServices.mysql.max_allowed_packet }}{{- $_ := set $mysqlConf "max_allowed_packet" .Values.externalServices.mysql.max_allowed_packet }}{{- end }} +{{- end }} +{{- $_ := set $serviceConf "mysql" $mysqlConf }} + +{{- $redisCreds := default (dict) .Values.redis.credentials }} +{{- $redisPassword := default "infini_rag_flow_helm" (get $redisCreds "password") }} +{{- $redisDb := default 1 (get $redisCreds "db") }} +{{- $redisConf := dict "host" (printf "%s-redis.%s.svc:6379" $fullname $namespace) "password" $redisPassword "db" $redisDb }} +{{- if .Values.externalServices.redis.enabled }} + {{- $_ := set $redisConf "host" (required "externalServices.redis.host is required when externalServices.redis.enabled" .Values.externalServices.redis.host) }} + {{- if .Values.externalServices.redis.password }}{{- $_ := set $redisConf "password" .Values.externalServices.redis.password }}{{- end }} + {{- if hasKey .Values.externalServices.redis "db" }}{{- $_ := set $redisConf "db" .Values.externalServices.redis.db }}{{- end }} +{{- end }} +{{- $_ := set $serviceConf "redis" $redisConf }} + +{{- if .Values.externalServices.s3.enabled }} + {{- $s3Conf := dict "access_key" "rag_flow" "secret_key" "infini_rag_flow_helm" "endpoint_url" (required "externalServices.s3.endpoint_url is required when externalServices.s3.enabled" .Values.externalServices.s3.endpoint_url) }} + {{- if .Values.externalServices.s3.access_key }}{{- $_ := set $s3Conf "access_key" .Values.externalServices.s3.access_key }}{{- end }} + {{- if .Values.externalServices.s3.secret_key }}{{- $_ := set $s3Conf "secret_key" .Values.externalServices.s3.secret_key }}{{- end }} + {{- if .Values.externalServices.s3.session_token }}{{- $_ := set $s3Conf "session_token" .Values.externalServices.s3.session_token }}{{- end }} + {{- if .Values.externalServices.s3.region_name }}{{- $_ := set $s3Conf "region_name" .Values.externalServices.s3.region_name }}{{- end }} + {{- if and (not .Values.externalServices.s3.region_name) .Values.externalServices.s3.region }}{{- $_ := set $s3Conf "region_name" .Values.externalServices.s3.region }}{{- end }} + {{- if .Values.externalServices.s3.bucket }}{{- $_ := set $s3Conf "bucket" .Values.externalServices.s3.bucket }}{{- end }} + {{- if .Values.externalServices.s3.prefix_path }}{{- $_ := set $s3Conf "prefix_path" .Values.externalServices.s3.prefix_path }}{{- end }} + {{- if .Values.externalServices.s3.signature_version }}{{- $_ := set $s3Conf "signature_version" .Values.externalServices.s3.signature_version }}{{- end }} + {{- if .Values.externalServices.s3.addressing_style }}{{- $_ := set $s3Conf "addressing_style" .Values.externalServices.s3.addressing_style }}{{- end }} + {{- $_ := set $serviceConf "s3" $s3Conf }} +{{- else }} + {{- $minioCreds := default (dict) .Values.minio.credentials }} + {{- $minioUser := default "rag_flow" (get $minioCreds "user") }} + {{- $minioPassword := default "infini_rag_flow_helm" (get $minioCreds "password") }} + {{- $minioConf := dict "user" $minioUser "password" $minioPassword "host" (printf "%s-minio.%s.svc:9000" $fullname $namespace) }} + {{- $_ := set $serviceConf "minio" $minioConf }} +{{- end }} + +{{- $docEngine := default "" .Values.env.DOC_ENGINE }} +{{- if eq $docEngine "elasticsearch" }} + {{- $esCreds := default (dict) .Values.elasticsearch.credentials }} + {{- $esUsername := default "elastic" (get $esCreds "username") }} + {{- $esPassword := default "infini_rag_flow_helm" (get $esCreds "password") }} + {{- $esConf := dict "hosts" (printf "http://%s-es.%s.svc:9200" $fullname $namespace) "username" $esUsername "password" $esPassword }} + {{- if .Values.externalServices.elasticsearch.enabled }} + {{- $_ := set $esConf "hosts" (required "externalServices.elasticsearch.hosts is required when externalServices.elasticsearch.enabled" .Values.externalServices.elasticsearch.hosts) }} + {{- if .Values.externalServices.elasticsearch.username }} + {{- $_ := set $esConf "username" .Values.externalServices.elasticsearch.username }} + {{- end }} + {{- if .Values.externalServices.elasticsearch.password }} + {{- $_ := set $esConf "password" .Values.externalServices.elasticsearch.password }} + {{- end }} + {{- end }} + {{- $_ := set $serviceConf "es" $esConf }} +{{- else if eq $docEngine "opensearch" }} + {{- $osConf := dict "hosts" (printf "http://%s-opensearch.%s.svc:9201" $fullname $namespace) "username" "admin" "password" "infini_rag_flow_OS_01" }} + {{- $_ := set $serviceConf "os" $osConf }} +{{- else if eq $docEngine "infinity" }} + {{- $infinityConf := dict "uri" (printf "%s-infinity.%s.svc:23817" $fullname $namespace) "db_name" "default_db" }} + {{- $_ := set $serviceConf "infinity" $infinityConf }} +{{- end }} + +{{- $hasServiceConf := gt (len $serviceConf) 0 }} +{{- $hasLocalConf := .Values.ragflow.service_conf }} +{{- $hasLlmFactories := .Values.ragflow.llm_factories }} + +{{- if or $hasServiceConf $hasLocalConf $hasLlmFactories }} --- apiVersion: v1 kind: ConfigMap metadata: name: ragflow-service-config data: - {{- with .Values.ragflow.service_conf }} + {{- if $hasLocalConf }} local.service_conf.yaml: | - {{- . | toYaml | nindent 4 }} + {{- .Values.ragflow.service_conf | toYaml | nindent 4 }} {{- end }} - {{- with .Values.ragflow.llm_factories }} + {{- if $hasServiceConf }} + service_conf.yaml: | + ragflow: + host: 0.0.0.0 + http_port: 9380 + admin: + host: 0.0.0.0 + http_port: 9381 + {{- $serviceConf | toYaml | nindent 4 }} + {{- end }} + {{- if $hasLlmFactories }} llm_factories.json: | - {{- . | toPrettyJson | nindent 4 }} + {{- .Values.ragflow.llm_factories | toPrettyJson | nindent 4 }} {{- end }} +{{- end }} +--- +{{- $apiServiceName := include "ragflow.componentFullname" (dict "root" . "component" "api") }} +{{- $apiServiceUrl := printf "http://%s.%s.svc:%d" $apiServiceName .Release.Namespace (int .Values.ragflow.api.service.port) }} +{{- $adminServiceUrl := "" }} +{{- if .Values.ragflow.admin.enabled }} +{{- $adminServiceName := include "ragflow.componentFullname" (dict "root" . "component" "admin") }} +{{- $adminServiceUrl = printf "http://%s.%s.svc:%d" $adminServiceName .Release.Namespace (int .Values.ragflow.admin.service.port) }} +{{- end }} --- apiVersion: v1 kind: ConfigMap @@ -31,10 +134,24 @@ data: gzip_vary on; gzip_disable "MSIE [1-6]\."; + location = /healthz { + access_log off; + add_header Content-Type text/plain; + return 200 "ok\n"; + } + + {{- if not .Values.ingress.enabled }} location ~ ^/(v1|api) { - proxy_pass http://localhost:9380; + proxy_pass {{ $apiServiceUrl }}; + include proxy.conf; + } +{{- if .Values.ragflow.admin.enabled }} + location ~ ^/api/v1/admin { + proxy_pass {{ $adminServiceUrl }}; include proxy.conf; } + {{- end }} + {{- end }} location / { index index.html; @@ -49,6 +166,7 @@ data: } proxy.conf: | proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_http_version 1.1; @@ -58,7 +176,7 @@ data: proxy_send_timeout 3600s; nginx.conf: | user root; - worker_processes auto; + worker_processes ${NGINX_WORKER_PROCESSES}; error_log /var/log/nginx/error.log notice; pid /var/run/nginx.pid; diff --git a/helm/templates/redis.yaml b/helm/templates/redis.yaml index 2d382f3fa9d..6a3215fbadd 100644 --- a/helm/templates/redis.yaml +++ b/helm/templates/redis.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.externalServices.redis.enabled }} --- apiVersion: v1 kind: Service @@ -131,3 +132,4 @@ spec: matchLabels: {{- include "ragflow.selectorLabels" . | nindent 6 }} app.kubernetes.io/component: redis +{{- end }} diff --git a/helm/templates/tests/test-connection.yaml b/helm/templates/tests/test-connection.yaml index f3d3a48413f..75a1496493e 100644 --- a/helm/templates/tests/test-connection.yaml +++ b/helm/templates/tests/test-connection.yaml @@ -13,5 +13,6 @@ spec: command: - 'wget' args: - - {{ printf "%s.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }} + - -qO- + - {{ printf "http://%s.%s.svc:%d/v1/system/ping" (include "ragflow.componentFullname" (dict "root" . "component" "api")) .Release.Namespace (int .Values.ragflow.api.service.port) }} restartPolicy: Never diff --git a/helm/templates/worker.yaml b/helm/templates/worker.yaml new file mode 100644 index 00000000000..3e21272241e --- /dev/null +++ b/helm/templates/worker.yaml @@ -0,0 +1,167 @@ +{{- $component := "worker" }} +{{- $name := include "ragflow.componentFullname" (dict "root" . "component" $component) }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $name }} + labels: + {{- include "ragflow.labels" . | nindent 4 }} + app.kubernetes.io/component: {{ $component }} +spec: + replicas: {{ .Values.ragflow.worker.replicaCount }} + {{- with .Values.ragflow.worker.deployment.strategy }} + strategy: + {{- toYaml . | nindent 4 }} + {{- end }} + selector: + matchLabels: + {{- include "ragflow.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: {{ $component }} + template: + metadata: + labels: + {{- include "ragflow.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: {{ $component }} + {{- with .Values.ragflow.worker.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- $globalPullSecrets := .Values.imagePullSecrets }} + {{- $basePullSecrets := .Values.ragflow.image.pullSecrets }} + {{- $workerImage := default (dict) .Values.ragflow.worker.image }} + {{- $componentPullSecrets := default list $workerImage.pullSecrets }} + {{- if or (or $globalPullSecrets $basePullSecrets) $componentPullSecrets }} + imagePullSecrets: + {{- with $globalPullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $basePullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $componentPullSecrets }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + {{- $localServiceConf := .Values.ragflow.service_conf }} + {{- $llmFactories := .Values.ragflow.llm_factories }} + {{- $consumerRange := .Values.ragflow.worker.consumerRange }} + {{- $rangeEnabled := and $consumerRange $consumerRange.enabled }} + {{- $consumeBegin := default 0 (and $consumerRange $consumerRange.begin) }} + containers: + - name: {{ $component }} + {{- $imageRepository := default .Values.ragflow.image.repository $workerImage.repository }} + {{- $imageTag := default .Values.ragflow.image.tag $workerImage.tag }} + image: {{ printf "%s:%s" $imageRepository $imageTag }} + {{- $pullPolicy := default .Values.ragflow.image.pullPolicy $workerImage.pullPolicy }} + {{- with $pullPolicy }} + imagePullPolicy: {{ . }} + {{- end }} + command: + - /bin/bash + - -lc + - | + set -eo pipefail + cd /ragflow + : "${POD_NAME:=$(hostname)}" + + export LD_LIBRARY_PATH="/usr/lib/x86_64-linux-gnu/" + PY=python3 + JEMALLOC_PATH="$(pkg-config --variable=libdir jemalloc)/libjemalloc.so" + HOST_ID="${HOST_ID:-${POD_NAME}}" + CONSUMER_NO=0 + USE_RANGE={{ ternary "1" "0" $rangeEnabled }} + if [[ "${USE_RANGE}" -eq 1 ]]; then + CONSUMER_BEGIN={{ $consumeBegin }} + CONSUMER_NO="${CONSUMER_BEGIN}" + fi + + declare -a ARGS +{{- range $arg := .Values.ragflow.worker.extraArgs }} + ARGS+=({{ $arg | quote }}) +{{- end }} + + exec env LD_PRELOAD="${JEMALLOC_PATH}" "${PY}" rag/svr/task_executor.py "${HOST_ID}_${CONSUMER_NO}" "${ARGS[@]}" + envFrom: + - secretRef: + name: {{ include "ragflow.fullname" . }}-env-config + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + {{- with .Values.ragflow.worker.extraEnv }} +{{- toYaml . | nindent 12 }} + {{- end }} + {{- $probes := default (dict) .Values.ragflow.worker.probes }} + {{- if $probes.liveness }} + livenessProbe: + {{- toYaml $probes.liveness | nindent 12 }} + {{- else }} + livenessProbe: + exec: + command: + - /bin/bash + - -lc + - | + ps -p 1 -o cmd= | grep -q "rag/svr/task_executor.py" + initialDelaySeconds: 30 + periodSeconds: 15 + timeoutSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + {{- end }} + {{- if $probes.readiness }} + readinessProbe: + {{- toYaml $probes.readiness | nindent 12 }} + {{- else }} + readinessProbe: + exec: + command: + - /bin/bash + - -lc + - | + ps -p 1 -o cmd= | grep -q "rag/svr/task_executor.py" + initialDelaySeconds: 15 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + {{- end }} + {{- if $probes.startup }} + startupProbe: + {{- toYaml $probes.startup | nindent 12 }} + {{- else }} + startupProbe: + exec: + command: + - /bin/bash + - -lc + - | + ps -p 1 -o cmd= | grep -q "rag/svr/task_executor.py" + periodSeconds: 10 + failureThreshold: 30 + {{- end }} + volumeMounts: + - mountPath: /ragflow/conf/service_conf.yaml + subPath: service_conf.yaml + name: service-conf-volume + {{- if $localServiceConf }} + - mountPath: /ragflow/conf/local.service_conf.yaml + subPath: local.service_conf.yaml + name: service-conf-volume + {{- end }} + {{- if $llmFactories }} + - mountPath: /ragflow/conf/llm_factories.json + subPath: llm_factories.json + name: service-conf-volume + {{- end }} + {{- with .Values.ragflow.worker.deployment.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumes: + - name: service-conf-volume + configMap: + name: ragflow-service-config diff --git a/helm/values.yaml b/helm/values.yaml index 3e2b96b4f3f..f4835554b0e 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -1,98 +1,148 @@ -# Based on docker compose .env file - -# Global image pull secrets configuration imagePullSecrets: [] - env: - # The type of doc engine to use. - # Available options: - # - `elasticsearch` (default) - # - `infinity` (https://github.com/infiniflow/infinity) - # - `opensearch` (https://github.com/opensearch-project/OpenSearch) - # DOC_ENGINE: elasticsearch DOC_ENGINE: infinity - # DOC_ENGINE: opensearch - - # The version of Elasticsearch. - STACK_VERSION: "8.11.3" - - # The password for Elasticsearch - ELASTIC_PASSWORD: infini_rag_flow_helm - - # The password for OpenSearch. - # At least one uppercase letter, one lowercase letter, one digit, and one special character - OPENSEARCH_PASSWORD: infini_rag_flow_OS_01 - - # The password for MySQL - MYSQL_PASSWORD: infini_rag_flow_helm - # The database of the MySQL service to use - MYSQL_DBNAME: rag_flow - - # The username for MinIO. - MINIO_ROOT_USER: rag_flow - # The password for MinIO - MINIO_PASSWORD: infini_rag_flow_helm - - # The password for Redis - REDIS_PASSWORD: infini_rag_flow_helm - - # The local time zone. - TZ: "Asia/Shanghai" - - # Uncomment the following line if you have limited access to huggingface.co: - # HF_ENDPOINT: https://hf-mirror.com - - # The maximum file size for each uploaded file, in bytes. - # You can uncomment this line and update the value if you wish to change 128M file size limit - # MAX_CONTENT_LENGTH: "134217728" - # After making the change, ensure you update `client_max_body_size` in nginx/nginx.conf correspondingly. - - # The number of document chunks processed in a single batch during document parsing. + STACK_VERSION: 8.11.3 + TZ: Asia/Shanghai DOC_BULK_SIZE: 4 - - # The number of text chunks processed in a single batch during embedding vectorization. EMBEDDING_BATCH_SIZE: 16 - +externalServices: + redis: + enabled: false + host: 'redis:6379' + password: 'password' + db: 1 + mysql: + enabled: false + name: 'rag_flow' + user: 'root' + password: 'password' + host: 'mysql' + port: 3306 + max_connections: 900 + stale_timeout: 300 + max_allowed_packet: 1073741824 + s3: + enabled: false + access_key: '' + secret_key: '' + session_token: '' + region_name: '' + endpoint_url: '' + bucket: '' + prefix_path: '' + signature_version: '' + addressing_style: '' + elasticsearch: + enabled: false + hosts: 'http://elasticsearch:9200' + username: 'elastic' + password: 'password' ragflow: image: repository: infiniflow/ragflow tag: v0.21.1-slim pullPolicy: IfNotPresent pullSecrets: [] - # Optional service configuration overrides - # to be written to local.service_conf.yaml - # inside the RAGFlow container - # https://ragflow.io/docs/dev/configurations#service-configuration - service_conf: - - # Optional yaml formatted override for the - # llm_factories.json file inside the RAGFlow - # container. - llm_factories: - # factory_llm_infos: - # - name: OpenAI-API-Compatible - # logo: "" - # tags: "LLM,TEXT EMBEDDING,SPEECH2TEXT,MODERATION" - # status: "1" - # llm: - # - llm_name: my-custom-llm - # tags: "LLM,CHAT," - # max_tokens: 100000 - # model_type: chat - # is_tools: false - - # Kubernetes configuration - deployment: - strategy: - resources: - service: - # Use LoadBalancer to expose the web interface externally - type: ClusterIP + service_conf: null + llm_factories: null + frontend: + replicaCount: 2 + deployment: + strategy: null + resources: + limits: + cpu: 500m + memory: 500Mi + requests: + cpu: 200m + memory: 200Mi + podAnnotations: {} + probes: {} + service: + type: ClusterIP + port: 80 api: + debug: false + replicaCount: 2 + deployment: + strategy: null + resources: + limits: + cpu: '1' + memory: 2Gi + requests: + cpu: 500m + memory: 1Gi + podAnnotations: {} + extraEnv: [] + extraArgs: [] + probes: {} + service: + type: ClusterIP + port: 80 + worker: + replicaCount: 2 + deployment: + strategy: null + resources: + limits: + cpu: '2' + memory: 4Gi + requests: + cpu: '1' + memory: 2Gi + podAnnotations: {} + consumerRange: + enabled: false + begin: 0 + extraArgs: [] + extraEnv: [] + probes: {} + admin: + enabled: false + debug: false + replicaCount: 1 + deployment: + strategy: null + resources: + limits: + cpu: '1' + memory: 2Gi + requests: + cpu: 500m + memory: 1Gi + podAnnotations: {} + extraArgs: [] + extraEnv: [] + probes: {} + service: + type: ClusterIP + port: 80 + mcp: + enabled: false + replicaCount: 1 + deployment: + strategy: null + resources: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: '1' + memory: 1Gi + podAnnotations: {} + mode: self-host + hostApiKey: '' + transport: + sse: true + streamableHttp: true + jsonResponse: true + extraArgs: [] + extraEnv: [] + probes: {} service: - enabled: true type: ClusterIP - + port: 80 infinity: image: repository: infiniflow/infinity @@ -100,18 +150,20 @@ infinity: pullPolicy: IfNotPresent pullSecrets: [] storage: - className: + className: null capacity: 5Gi deployment: - strategy: - resources: + strategy: null + resources: null service: type: ClusterIP - elasticsearch: + credentials: + username: elastic + password: infini_rag_flow_helm image: repository: elasticsearch - tag: "8.11.3" + tag: 8.11.3 pullPolicy: IfNotPresent pullSecrets: [] initContainers: @@ -124,17 +176,16 @@ elasticsearch: tag: latest pullPolicy: IfNotPresent storage: - className: + className: null capacity: 20Gi deployment: - strategy: + strategy: null resources: requests: - cpu: "4" - memory: "16Gi" + cpu: '4' + memory: 16Gi service: type: ClusterIP - opensearch: image: repository: opensearchproject/opensearch @@ -151,84 +202,90 @@ opensearch: tag: latest pullPolicy: IfNotPresent storage: - className: + className: null capacity: 20Gi deployment: - strategy: + strategy: null resources: requests: - cpu: "4" - memory: "16Gi" + cpu: '4' + memory: 16Gi service: type: ClusterIP - minio: + credentials: + user: rag_flow + password: infini_rag_flow_helm image: repository: quay.io/minio/minio tag: RELEASE.2023-12-20T01-00-02Z pullPolicy: IfNotPresent pullSecrets: [] storage: - className: + className: null capacity: 5Gi deployment: - strategy: - resources: + strategy: null + resources: null service: type: ClusterIP - mysql: + credentials: + name: rag_flow + user: root + password: infini_rag_flow_helm image: repository: mysql tag: 8.0.39 pullPolicy: IfNotPresent pullSecrets: [] storage: - className: + className: null capacity: 5Gi deployment: - strategy: - resources: + strategy: null + resources: null service: type: ClusterIP - redis: + credentials: + password: infini_rag_flow_helm + db: 1 image: repository: valkey/valkey tag: 8 pullPolicy: IfNotPresent pullSecrets: [] storage: - className: + className: null capacity: 5Gi persistence: enabled: true - # Set's the retention policy for the persistent storage (only available in k8s 1.32 or later) - # https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention - # retentionPolicy: - # whenDeleted: Delete - # whenScaled: Delete deployment: - strategy: - resources: + strategy: null + resources: null service: type: ClusterIP - - -# This block is for setting up web service ingress. For more information, see: -# https://kubernetes.io/docs/concepts/services-networking/ingress/ ingress: enabled: false - className: "" + className: '' annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" hosts: - - host: chart-example.local - paths: - - path: / - pathType: ImplementationSpecific + - host: chart-example.local + paths: + - path: / + pathType: Prefix + backend: + component: frontend + port: http + - path: /api + pathType: Prefix + backend: + component: api + port: http + - path: /v1 + pathType: Prefix + backend: + component: api + port: http tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local