A Helm chart for Obot
To install the chart with the release name obot
:
helm repo add obot https://charts.obot.ai
helm install obot obot/obot
This chart defaults to the open source version of Obot.
If you want to use the enterprise version of Obot instead, set image.repository
to ghcr.io/obot-platform/obot-enterprise
. To install this version, you must create an imagePullSecret and configure that in the chart.
Key | Type | Default | Description |
---|---|---|---|
config.AWS_ACCESS_KEY_ID | string | "" |
An AWS access key with permissions for AWS KMS, used for encryption |
config.AWS_REGION | string | "" |
An AWS region, used to access AWS KMS |
config.AWS_SECRET_ACCESS_KEY | string | "" |
An AWS secret access key with permissions for AWS KMS, used for encryption |
config.GITHUB_AUTH_TOKEN | string | "" |
A github PAT, used to authenticate tool pulls to avoid github ratelimiting |
config.KINM_DB_CONNECTIONS | string | "5" |
Advanced - the number of connections in the database pool for kinm |
config.NAH_THREADINESS | string | "10000" |
Advanced - sets the number of concurrent threads that can run in the Obot controller |
config.OBOT_BOOTSTRAP_TOKEN | string | "" |
Sets a bootstrap token. If authentication is enabled, one will be autogenerated for you if this is not set. |
config.OBOT_GCP_KMS_KEY_URI | string | "" |
The URI of a Google Cloud KMS key, used for encryption |
config.OBOT_SERVER_AUDIT_LOGS_COMPRESS_FILE | bool | true |
Whether to compress audit log files |
config.OBOT_SERVER_AUDIT_LOGS_MODE | string | "off" |
Configures the storage backend for audit logs in Obot. Can be 'off', 'disk', or 's3' |
config.OBOT_SERVER_AUDIT_LOGS_STORE_S3BUCKET | string | "" |
The name of the S3 bucket to store audit logs in. Only used if config.OBOT_SERVER_AUDIT_LOGS_MODE is 's3' |
config.OBOT_SERVER_AUDIT_LOGS_STORE_S3ENDPOINT | string | "" |
If config.OBOT_SERVER_AUDIT_LOGS_MODE is 's3' and you are not using AWS S3, this needs to be set to the S3 api endpoint of your provider. |
config.OBOT_SERVER_AUDIT_LOGS_USE_PATH_STYLE | bool | false |
Whether to use path style for S3 |
config.OBOT_SERVER_AUTH_ADMIN_EMAILS | string | "" |
A comma separated list of email addresses that will have the Admin role in Obot. |
config.OBOT_SERVER_DISALLOW_LOCALHOST_MCP | string | "" |
disallow MCP servers that try to connect to localhost. Defaults to false. |
config.OBOT_SERVER_DSN | string | "" |
The DSN for your database. For example: postgres://:@/<db_name> |
config.OBOT_SERVER_ENABLE_AUTHENTICATION | bool | false |
Enables authentication for Obot |
config.OBOT_SERVER_ENCRYPTION_CONFIG_FILE | string | "" |
The path to a file containing the encryption configuration. Only used if config.OBOT_SERVER_ENCRYPTION_PROVIDER is 'custom' |
config.OBOT_SERVER_ENCRYPTION_KEY | string | "" |
The key to use for encryption. Only used if config.OBOT_SERVER_ENCRYPTION_PROVIDER is 'custom'. A key can be generated with openssl rand -base64 32 |
config.OBOT_SERVER_ENCRYPTION_PROVIDER | string | "" |
Configures an encryption provider for credentials in Obot |
config.OBOT_SERVER_HOSTNAME | string | "" |
The hostname of your Obot instance, including protocol |
config.OBOT_SERVER_KNOWLEDGE_FILE_WORKERS | string | "5" |
Advanced - sets the number of workers for knowledge |
config.OBOT_SERVER_MCPBASE_IMAGE | string | "ghcr.io/obot-platform/mcp-images-phat:main" |
Deploy MCP servers in the cluster using this base image. Setting this value will also create the necessary service account, role and rolebinding. |
config.OBOT_SERVER_MCPCLUSTER_DOMAIN | string | "" |
The cluster domain to use for MCP services. Defaults to cluster.local. Only matters if the above image is set. |
config.OBOT_SERVER_OTEL_BASE_EXPORT_ENDPOINT | string | "" |
The base export endpoint for OpenTelemetry |
config.OBOT_SERVER_OTEL_BEARER_TOKEN | string | "" |
The bearer token for authentication with OpenTelemetry |
config.OBOT_SERVER_OTEL_SAMPLE_PROB | string | "" |
The sampling probability for OpenTelemetry |
config.OBOT_SERVER_RETENTION_POLICY_HOURS | string | "" |
The retention policy for the system. Set to 0 to disable retention. Default is 2160 (90 days) if left blank. This field should just be a number in a string, no h suffix. |
config.OPENAI_API_KEY | string | "" |
An OpenAI API Key used to configure access to OpenAI models, which are the default in Obot. |
config.existingSecret | string | "" |
The name of an existing secret to use for config instead of creating a new one. Must contain keys in env format, just like below. OBOT_SERVER_MCPNAMESPACE is automatically added to the secret if config.OBOT_SERVER_MCPBASE_IMAGE is set. |
extraEnv | object | {} |
A map of additional environment variables to set |
extraEnvFrom | list | [] |
A list of additional environment variables to set from a secret |
extraVolumeMounts | list | [] |
A list of additional volume mounts to create |
extraVolumes | list | [] |
A list of additional volumes to create |
image.pullPolicy | string | "IfNotPresent" |
Kubernetes image pullPolicy to use for Obot |
image.repository | string | "ghcr.io/obot-platform/obot" |
The name of the docker repository for Obot. ghcr.io/obot-platform/obot for open-source or ghcr.io/obot-platform/obot-enterprise for enterprise. Please note that for enterprise you will need to set an imagePullSecret |
image.tag | string | "" |
The docker tag to pull for obot. If blank, will default to the chart appVersion |
imagePullSecrets | list | [] |
Configures kubernetes secrets to use for pulling private images. Expects a list of objects. imagePullSecrets:[{"name": "fooBar"}] |
ingress.annotations | object | {} |
Configure annotations to add to the ingress object |
ingress.className | string | nil |
Configures a preexisting ingress class to use. |
ingress.enabled | bool | false |
Enables ingress creation for Obot. |
ingress.extraPaths | list | [] |
Define complete path objects, will be inserted before regular paths. Can be useful for things like ALB Ingress Controller actions |
ingress.hosts | list | [] |
List of hostnames to configure the ingress with |
ingress.paths[0].path | string | "/" |
|
ingress.paths[0].pathType | string | "Prefix" |
|
ingress.tls | list | [] |
List of secrets used to configure TLS for the ingress. |
mcpNamespace.annotations."argocd.argoproj.io/sync-wave" | string | "-1" |
|
mcpNamespace.name | string | "" |
The namespace in which to deploy the MCP servers. Will only be created if config.OBOT_SERVER_MCPBASE_IMAGE image is set. Defaults to {{ .Release.Name }}-mcp |
persistence.accessModes | list | ["ReadWriteOnce"] |
Persistent Volume access modes |
persistence.enabled | bool | true |
Enables persistence using a PVC |
persistence.existingClaim | string | "" |
|
persistence.path | string | "/data" |
The path the volume will be mounted |
persistence.size | string | "8Gi" |
e Persistent Volume size |
persistence.storageClass | string | "" |
Persistent Volume storage class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner |
replicaCount | int | 1 |
The number of Obot server instances to run |
resources | object | {} |
Resource requests and limits to use for Obot |
service.annotations | object | {} |
Extra annotations to add to service object |
service.port | int | 80 |
Port for the Kubernetes service to expose |
service.spec | object | {} |
Any extra fields to add to the service object spec |
service.type | string | "ClusterIP" |
Type of Kubernetes service to create |
serviceAccount.annotations | object | {} |
|
serviceAccount.create | bool | true |
|
serviceAccount.name | string | "" |
|
updateStrategy | string | "RollingUpdate" |
Configures what update strategy to use for the deployment (Recreate or RollingUpdate) |
This repo will be updated automatically whenever there is a release of Obot (and by extension, the helm chart). The GitHub Actions that control this can be found here.
You can manually update the documentation in this readme using helm-docs
. If you have both the charts
and obot
repos checked out in the same folder, you can use this command:
helm-docs -c ../obot/chart -o '../../charts/README.md' --template-files '../../charts/README.md.gotmpl'
The template for the readme is ./README.md.gotmpl