first cut at redis (#2226)

* first cut at redis

* fix startup dependencies on redis

* kombu cleanup - fail silently

* mypy

* add redis_host environment override

* update REDIS_HOST env var in docker-compose.dev.yml

* update the rest of the docker files

* update contributing guide

* renaming cache to cache_volume

* add redis password to various deployments

* try setting up pr testing for helm

* fix indent

* hopefully this release version actually exists

* fix command line option to --chart-dirs

* fetch-depth 0

* edit values.yaml

* try setting ct working directory

* bypass testing only on change for now

* move files and lint them

* update helm testing

* some issues suggest using --config works

* add vespa repo

* add postgresql repo

* increase timeout

* try amd64 runner

* fix redis password reference

* add comment to helm chart testing workflow

* rename helm testing workflow to disable it

---------

Co-authored-by: Richard Kuo <rkuo@rkuo.com>

deployment/helm/charts/danswer/.gitignore

@@ -0,0 +1,3 @@
+### Helm ###
+# Chart dependencies
+**/charts/*.tgz

deployment/helm/charts/danswer/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

deployment/helm/charts/danswer/Chart.lock

@@ -0,0 +1,12 @@
+dependencies:
+- name: postgresql
+  repository: https://charts.bitnami.com/bitnami
+  version: 14.3.1
+- name: vespa
+  repository: https://unoplat.github.io/vespa-helm-charts
+  version: 0.2.3
+- name: nginx
+  repository: oci://registry-1.docker.io/bitnamicharts
+  version: 15.14.0
+digest: sha256:ab17b5d2c3883055cb4a26bf530043521be5220c24f804e954bb428273d16ba8
+generated: "2024-05-24T16:55:30.598279-07:00"

deployment/helm/charts/danswer/Chart.yaml

@@ -0,0 +1,32 @@
+apiVersion: v2
+name: danswer-stack
+description: A Helm chart for Kubernetes
+home: https://www.danswer.ai/
+sources:
+  - "https://github.com/danswer-ai/danswer"
+type: application
+version: 0.2.0
+appVersion: "latest"
+annotations:
+  category: Productivity
+  licenses: MIT
+  images: |
+    - name: webserver
+      image: docker.io/danswer/danswer-web-server:latest
+    - name: background
+      image: docker.io/danswer/danswer-backend:latest
+    - name: vespa
+      image: vespaengine/vespa:8.277.17
+dependencies:
+  - name: postgresql
+    version: 14.3.1
+    repository: https://charts.bitnami.com/bitnami
+    condition: postgresql.enabled
+  - name: vespa
+    version: 0.2.3
+    repository: https://unoplat.github.io/vespa-helm-charts
+    condition: vespa.enabled
+  - name: nginx
+    version: 15.14.0
+    repository: oci://registry-1.docker.io/bitnamicharts
+    condition: nginx.enabled

deployment/helm/charts/danswer/templates/_helpers.tpl

@@ -0,0 +1,83 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "danswer-stack.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "danswer-stack.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "danswer-stack.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "danswer-stack.labels" -}}
+helm.sh/chart: {{ include "danswer-stack.chart" . }}
+{{ include "danswer-stack.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "danswer-stack.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "danswer-stack.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "danswer-stack.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "danswer-stack.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Set secret name
+*/}}
+{{- define "danswer-stack.secretName" -}}
+{{- default (default "danswer-secrets" .Values.auth.secretName) .Values.auth.existingSecret }}
+{{- end }}
+
+{{/*
+Create env vars from secrets
+*/}}
+{{- define "danswer-stack.envSecrets" -}}
+    {{- range $name, $key := .Values.auth.secretKeys }}
+- name: {{ $name | upper | replace "-" "_" | quote }}
+  valueFrom:
+    secretKeyRef:
+      name: {{ include "danswer-stack.secretName" $ }}
+      key: {{ default $name $key }}
+    {{- end }}
+{{- end }}
+

deployment/helm/charts/danswer/templates/api-deployment.yaml

@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "danswer-stack.fullname" . }}-api-deployment
+  labels:
+    {{- include "danswer-stack.labels" . | nindent 4 }}
+spec:
+  {{- if not .Values.api.autoscaling.enabled }}
+  replicas: {{ .Values.api.replicaCount }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "danswer-stack.selectorLabels" . | nindent 6 }}
+      {{- if .Values.api.deploymentLabels }}
+      {{- toYaml .Values.api.deploymentLabels | nindent 6 }}
+      {{- end }}
+  template:
+    metadata:
+      {{- with .Values.api.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "danswer-stack.labels" . | nindent 8 }}
+        {{- with .Values.api.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "danswer-stack.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.api.podSecurityContext | nindent 8 }}
+      containers:
+        - name: api-server
+          securityContext:
+            {{- toYaml .Values.api.securityContext | nindent 12 }}
+          image: "{{ .Values.api.image.repository }}:{{ .Values.api.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.api.image.pullPolicy }}
+          command:
+            - "/bin/sh"
+            - "-c"
+            - |
+              alembic upgrade head &&
+              echo "Starting Danswer Api Server" &&
+              uvicorn danswer.main:app --host 0.0.0.0 --port 8080
+          ports:
+            - name: api-server-port
+              containerPort: {{ .Values.api.service.port }}
+              protocol: TCP
+          resources:
+            {{- toYaml .Values.api.resources | nindent 12 }}
+          envFrom:
+            - configMapRef:
+                name: {{ .Values.config.envConfigMapName }}
+          env:
+            {{- include "danswer-stack.envSecrets" . | nindent 12}}

deployment/helm/charts/danswer/templates/api-hpa.yaml

@@ -0,0 +1,32 @@
+{{- if .Values.api.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "danswer-stack.fullname" . }}-api
+  labels:
+    {{- include "danswer-stack.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "danswer-stack.fullname" . }}
+  minReplicas: {{ .Values.api.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.api.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.api.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.api.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.api.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.api.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}

deployment/helm/charts/danswer/templates/api-service.yaml

@@ -0,0 +1,22 @@
+apiVersion: v1
+kind: Service
+metadata:
+  # INTERNAL_URL env variable depends on this, don't change without changing INTERNAL_URL
+  name: {{ include "danswer-stack.fullname" . }}-api-service
+  labels:
+    {{- include "danswer-stack.labels" . | nindent 4 }}
+    {{- if .Values.api.deploymentLabels }}
+    {{- toYaml .Values.api.deploymentLabels | nindent 4 }}
+    {{- end }}
+spec:
+  type: {{ .Values.api.service.type }}
+  ports:
+    - port: {{ .Values.api.service.port }}
+      targetPort: api-server-port
+      protocol: TCP
+      name: api-server-port
+  selector:
+    {{- include "danswer-stack.selectorLabels" . | nindent 4 }}
+    {{- if .Values.api.deploymentLabels }}
+    {{- toYaml .Values.api.deploymentLabels | nindent 4 }}
+    {{- end }}

deployment/helm/charts/danswer/templates/background-deployment.yaml

@@ -0,0 +1,51 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "danswer-stack.fullname" . }}-background
+  labels:
+    {{- include "danswer-stack.labels" . | nindent 4 }}
+spec:
+  {{- if not .Values.background.autoscaling.enabled }}
+  replicas: {{ .Values.background.replicaCount }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "danswer-stack.selectorLabels" . | nindent 6 }}
+      {{- if .Values.background.deploymentLabels }}
+      {{- toYaml .Values.background.deploymentLabels | nindent 6 }}
+      {{- end }}
+  template:
+    metadata:
+      {{- with .Values.background.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "danswer-stack.labels" . | nindent 8 }}
+        {{- with .Values.background.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "danswer-stack.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.background.podSecurityContext | nindent 8 }}
+      containers:
+        - name: background
+          securityContext:
+            {{- toYaml .Values.background.securityContext | nindent 12 }}
+          image: "{{ .Values.background.image.repository }}:{{ .Values.background.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.background.image.pullPolicy }}
+          command: ["/usr/bin/supervisord"]
+          resources:
+            {{- toYaml .Values.background.resources | nindent 12 }}
+          envFrom:
+            - configMapRef:
+                name: {{ .Values.config.envConfigMapName }}
+          env:
+            - name: ENABLE_MULTIPASS_INDEXING
+              value: "{{ .Values.background.enableMiniChunk }}"
+            {{- include "danswer-stack.envSecrets" . | nindent 12}}

deployment/helm/charts/danswer/templates/background-hpa.yaml

@@ -0,0 +1,32 @@
+{{- if .Values.background.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "danswer-stack.fullname" . }}-background
+  labels:
+    {{- include "danswer-stack.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "danswer-stack.fullname" . }}
+  minReplicas: {{ .Values.background.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.background.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.background.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.background.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.background.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.background.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}

deployment/helm/charts/danswer/templates/configmap.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Values.config.envConfigMapName }}
+  labels:
+    {{- include "danswer-stack.labels" . | nindent 4 }}
+data:
+  INTERNAL_URL: "http://{{ include "danswer-stack.fullname" . }}-api-service:{{ .Values.api.service.port | default 8080 }}"
+  POSTGRES_HOST: {{ .Release.Name }}-postgresql
+  VESPA_HOST: "document-index-service"
+  MODEL_SERVER_HOST: "{{ include "danswer-stack.fullname" . }}-inference-model-service"
+  INDEXING_MODEL_SERVER_HOST: "{{ include "danswer-stack.fullname" . }}-indexing-model-service"
+{{- range $key, $value := .Values.configMap }}
+  {{ $key }}: "{{ $value }}"
+{{- end }}

deployment/helm/charts/danswer/templates/danswer-secret.yaml

@@ -0,0 +1,11 @@
+{{- if not .Values.auth.existingSecret -}}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "danswer-stack.secretName" . }}
+type: Opaque
+stringData:
+  {{- range $name, $value := .Values.auth.secrets }}
+  {{ $name }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}

deployment/helm/charts/danswer/templates/indexing-model-deployment.yaml

@@ -0,0 +1,51 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "danswer-stack.fullname" . }}-indexing-model
+  labels:
+    {{- include "danswer-stack.labels" . | nindent 4 }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      {{- include "danswer-stack.selectorLabels" . | nindent 6 }}
+      {{- if .Values.indexCapability.deploymentLabels }}
+      {{- toYaml .Values.indexCapability.deploymentLabels | nindent 6 }}
+      {{- end }}
+  template:
+    metadata:
+      {{- with .Values.indexCapability.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "danswer-stack.labels" . | nindent 8 }}
+        {{- with .Values.indexCapability.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      containers:
+      - name: indexing-model-server
+        image: danswer/danswer-model-server:latest
+        imagePullPolicy: IfNotPresent
+        command: [ "uvicorn", "model_server.main:app", "--host", "0.0.0.0", "--port", "9000", "--limit-concurrency", "10" ]
+        ports:
+        - containerPort: 9000
+        envFrom:
+          - configMapRef:
+              name: {{ .Values.config.envConfigMapName }}
+        env:
+          - name: INDEXING_ONLY
+            value: "{{ default "True" .Values.indexCapability.indexingOnly }}"
+          {{- include "danswer-stack.envSecrets" . | nindent 10}}
+        volumeMounts:
+        {{- range .Values.indexCapability.volumeMounts }}
+        - name: {{ .name }}
+          mountPath: {{ .mountPath }}
+        {{- end }}
+      volumes:
+      {{- range .Values.indexCapability.volumes }}
+      - name: {{ .name }}
+        persistentVolumeClaim:
+          claimName: {{ .persistentVolumeClaim.claimName }}
+      {{- end }}

deployment/helm/charts/danswer/templates/indexing-model-pvc.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ .Values.indexCapability.indexingModelPVC.name }}
+spec:
+  accessModes:
+    - {{ .Values.indexCapability.indexingModelPVC.accessMode | quote }}
+  resources:
+    requests:
+      storage: {{ .Values.indexCapability.indexingModelPVC.storage | quote }}

deployment/helm/charts/danswer/templates/indexing-model-service.yaml

@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "danswer-stack.fullname" . }}-indexing-model-service
+  labels:
+    {{- include "danswer-stack.labels" . | nindent 4 }}
+spec:
+  selector:
+    {{- include "danswer-stack.selectorLabels" . | nindent 4 }}
+    {{- if .Values.indexCapability.deploymentLabels }}
+    {{- toYaml .Values.indexCapability.deploymentLabels | nindent 4 }}
+    {{- end }}
+  ports:
+    - name: {{ .Values.indexCapability.service.name }}
+      protocol: TCP
+      port: {{ .Values.indexCapability.service.port }}
+      targetPort: {{ .Values.indexCapability.service.port }}
+  type: {{ .Values.indexCapability.service.type }}

deployment/helm/charts/danswer/templates/inference-model-deployment.yaml

@@ -0,0 +1,45 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "danswer-stack.fullname" . }}-inference-model
+  labels:
+    {{- range .Values.inferenceCapability.deployment.labels }}
+    {{ .key }}: {{ .value }}
+    {{- end }}
+spec:
+  replicas: {{ .Values.inferenceCapability.deployment.replicas }}
+  selector:
+    matchLabels:
+      {{- range .Values.inferenceCapability.deployment.labels }}
+      {{ .key }}: {{ .value }}
+      {{- end }}
+  template:
+    metadata:
+      labels:
+        {{- range .Values.inferenceCapability.podLabels }}
+        {{ .key }}: {{ .value }}
+        {{- end }}
+    spec:
+      containers:
+      - name: {{ .Values.inferenceCapability.service.name }}
+        image: {{ .Values.inferenceCapability.deployment.image.repository }}:{{ .Values.inferenceCapability.deployment.image.tag }}
+        imagePullPolicy: {{ .Values.inferenceCapability.deployment.image.pullPolicy }}
+        command: {{ toYaml .Values.inferenceCapability.deployment.command | nindent 14 }}
+        ports:
+        - containerPort: {{ .Values.inferenceCapability.service.port }}
+        envFrom:
+        - configMapRef:
+            name: {{ .Values.config.envConfigMapName }}
+        env:
+          {{- include "danswer-stack.envSecrets" . | nindent 12}}
+        volumeMounts:
+        {{- range .Values.inferenceCapability.deployment.volumeMounts }}
+        - name: {{ .name }}
+          mountPath: {{ .mountPath }}
+        {{- end }}
+      volumes:
+      {{- range .Values.inferenceCapability.deployment.volumes }}
+      - name: {{ .name }}
+        persistentVolumeClaim:
+          claimName: {{ .persistentVolumeClaim.claimName }}
+      {{- end }}

deployment/helm/charts/danswer/templates/inference-model-pvc.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ .Values.inferenceCapability.pvc.name }}
+spec:
+  accessModes: 
+    {{- toYaml .Values.inferenceCapability.pvc.accessModes | nindent 4 }}
+  resources:
+    requests:
+      storage: {{ .Values.inferenceCapability.pvc.storage }}

deployment/helm/charts/danswer/templates/inference-model-service.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "danswer-stack.fullname" . }}-inference-model-service
+spec:
+  type: {{ .Values.inferenceCapability.service.type }}
+  ports:
+    - port: {{ .Values.inferenceCapability.service.port }}
+      targetPort: {{ .Values.inferenceCapability.service.port }}
+      protocol: TCP
+      name: {{ .Values.inferenceCapability.service.name }}
+  selector:
+    {{- range .Values.inferenceCapability.deployment.labels }}
+    {{ .key }}: {{ .value }}
+    {{- end }}

deployment/helm/charts/danswer/templates/nginx-conf.yaml

@@ -0,0 +1,44 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: danswer-nginx-conf
+data:
+  nginx.conf: |
+    upstream api_server {
+        server {{ include "danswer-stack.fullname" . }}-api-service:{{ .Values.api.service.port }} fail_timeout=0;
+    }
+
+    upstream web_server {
+        server {{ include "danswer-stack.fullname" . }}-webserver:{{ .Values.webserver.service.port }} fail_timeout=0;
+    }
+
+    server {
+        listen 1024;
+        server_name $$DOMAIN;
+
+        client_max_body_size 5G;    # Maximum upload size
+
+        location ~ ^/api(.*)$ {
+            rewrite ^/api(/.*)$ $1 break;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_set_header X-Forwarded-Host $host;
+            proxy_set_header Host $host;
+            proxy_http_version 1.1;
+            proxy_buffering off;
+            proxy_redirect off;
+            proxy_pass http://api_server;
+        }
+
+        location / {
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_set_header X-Forwarded-Host $host;
+            proxy_set_header Host $host;
+            proxy_http_version 1.1;
+            proxy_redirect off;
+            proxy_pass http://web_server;
+        }
+    }

deployment/helm/charts/danswer/templates/serviceaccount.yaml

@@ -0,0 +1,13 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "danswer-stack.serviceAccountName" . }}
+  labels:
+    {{- include "danswer-stack.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
+{{- end }}

deployment/helm/charts/danswer/templates/tests/test-connection.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "danswer-stack.fullname" . }}-test-connection"
+  labels:
+    {{- include "danswer-stack.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+    - name: wget
+      image: busybox
+      command: ['wget']
+      args: ['{{ include "danswer-stack.fullname" . }}:{{ .Values.webserver.service.port }}']
+  restartPolicy: Never

deployment/helm/charts/danswer/templates/webserver-deployment.yaml

@@ -0,0 +1,60 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "danswer-stack.fullname" . }}-webserver
+  labels:
+    {{- include "danswer-stack.labels" . | nindent 4 }}
+spec:
+  {{- if not .Values.webserver.autoscaling.enabled }}
+  replicas: {{ .Values.webserver.replicaCount }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "danswer-stack.selectorLabels" . | nindent 6 }}
+      {{- if .Values.webserver.deploymentLabels }}
+      {{- toYaml .Values.webserver.deploymentLabels | nindent 6 }}
+      {{- end }}
+  template:
+    metadata:
+      {{- with .Values.webserver.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "danswer-stack.labels" . | nindent 8 }}
+        {{- with .Values.webserver.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "danswer-stack.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.webserver.podSecurityContext | nindent 8 }}
+      containers:
+        - name: web-server
+          securityContext:
+            {{- toYaml .Values.webserver.securityContext | nindent 12 }}
+          image: "{{ .Values.webserver.image.repository }}:{{ .Values.webserver.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.webserver.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.webserver.service.port }}
+              protocol: TCP
+          resources:
+            {{- toYaml .Values.webserver.resources | nindent 12 }}
+          envFrom:
+            - configMapRef:
+                name: {{ .Values.config.envConfigMapName }}
+          env:
+            {{- include "danswer-stack.envSecrets" . | nindent 12}}
+          {{- with .Values.webserver.volumeMounts }}
+          volumeMounts:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+      {{- with .Values.webserver.volumes }}
+      volumes:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}

deployment/helm/charts/danswer/templates/webserver-hpa.yaml

@@ -0,0 +1,32 @@
+{{- if .Values.webserver.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "danswer-stack.fullname" . }}-webserver
+  labels:
+    {{- include "danswer-stack.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "danswer-stack.fullname" . }}
+  minReplicas: {{ .Values.webserver.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.webserver.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.webserver.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.webserver.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.webserver.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.webserver.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}

deployment/helm/charts/danswer/templates/webserver-service.yaml

@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "danswer-stack.fullname" . }}-webserver
+  labels:
+    {{- include "danswer-stack.labels" . | nindent 4 }}
+    {{- if .Values.webserver.deploymentLabels }}
+    {{- toYaml .Values.webserver.deploymentLabels | nindent 4 }}
+    {{- end }}
+spec:
+  type: {{ .Values.webserver.service.type }}
+  ports:
+    - port: {{ .Values.webserver.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "danswer-stack.selectorLabels" . | nindent 4 }}
+    {{- if .Values.webserver.deploymentLabels }}
+    {{- toYaml .Values.webserver.deploymentLabels | nindent 4 }}
+    {{- end }}

deployment/helm/charts/danswer/values.yaml

@@ -0,0 +1,452 @@
+# Default values for danswer-stack.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+inferenceCapability:
+  service:
+    name: inference-model-server-service
+    type: ClusterIP
+    port: 9000
+  pvc:
+    name: inference-model-pvc
+    accessModes:
+      - ReadWriteOnce
+    storage: 3Gi
+  deployment:
+    name: inference-model-server-deployment
+    replicas: 1
+    labels:
+      - key: app
+        value: inference-model-server
+    image:
+      repository: danswer/danswer-model-server
+      tag: latest
+      pullPolicy: IfNotPresent
+    command: ["uvicorn", "model_server.main:app", "--host", "0.0.0.0", "--port", "9000"]
+    port: 9000
+    volumeMounts:
+      - name: inference-model-storage
+        mountPath: /root/.cache
+    volumes:
+      - name: inference-model-storage
+        persistentVolumeClaim:
+          claimName: inference-model-pvc
+  podLabels:
+    - key: app
+      value: inference-model-server
+
+indexCapability:
+  service:
+    type: ClusterIP
+    port: 9000
+    name: indexing-model-server-port
+  deploymentLabels:
+    app: indexing-model-server
+  podLabels:
+    app: indexing-model-server
+  indexingOnly: "True"
+  podAnnotations: {}
+  volumeMounts:
+    - name: indexing-model-storage
+      mountPath: /root/.cache
+  volumes:
+    - name: indexing-model-storage
+      persistentVolumeClaim:
+        claimName: indexing-model-storage
+  indexingModelPVC:
+    name: indexing-model-storage
+    accessMode: "ReadWriteOnce"
+    storage: "3Gi"
+
+config:
+  envConfigMapName: env-configmap
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: false
+  # Automatically mount a ServiceAccount's API credentials?
+  automount: true
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+postgresql:
+  primary:
+    persistence:
+      size: 5Gi
+  enabled: true
+  auth:
+    existingSecret: danswer-secrets
+    secretKeys:
+      adminPasswordKey: postgres_password  # overwriting as postgres typically expects 'postgres-password'
+
+nginx:
+  containerPorts:
+    http: 1024
+  extraEnvVars:
+    - name: DOMAIN
+      value: localhost
+  service:
+    ports:
+      http: 80
+      danswer: 3000
+    targetPort:
+      http: http
+      danswer: http
+
+  existingServerBlockConfigmap: danswer-nginx-conf
+
+webserver:
+  replicaCount: 1
+  image:
+    repository: danswer/danswer-web-server
+    pullPolicy: IfNotPresent
+    # Overrides the image tag whose default is the chart appVersion.
+    tag: ""
+  deploymentLabels:
+    app: web-server
+  podAnnotations: {}
+  podLabels:
+    app: web-server
+  podSecurityContext: {}
+    # fsGroup: 2000
+
+  securityContext: {}
+    # capabilities:
+    #   drop:
+    #   - ALL
+    # readOnlyRootFilesystem: true
+    # runAsNonRoot: true
+    # runAsUser: 1000
+
+  service:
+    type: ClusterIP
+    port: 3000
+
+  resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+  autoscaling:
+    enabled: false
+    minReplicas: 1
+    maxReplicas: 100
+    targetCPUUtilizationPercentage: 80
+    # targetMemoryUtilizationPercentage: 80
+
+  # Additional volumes on the output Deployment definition.
+  volumes: []
+  # - name: foo
+  #   secret:
+  #     secretName: mysecret
+  #     optional: false
+
+  # Additional volumeMounts on the output Deployment definition.
+  volumeMounts: []
+  # - name: foo
+  #   mountPath: "/etc/foo"
+  #   readOnly: true
+
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+api:
+  replicaCount: 1
+  image:
+    repository: danswer/danswer-backend
+    pullPolicy: IfNotPresent
+    # Overrides the image tag whose default is the chart appVersion.
+    tag: ""
+  deploymentLabels:
+    app: api-server
+  podAnnotations: {}
+  podLabels:
+    scope: danswer-backend
+    app: api-server
+
+  podSecurityContext: {}
+    # fsGroup: 2000
+
+  securityContext: {}
+    # capabilities:
+    #   drop:
+    #   - ALL
+    # readOnlyRootFilesystem: true
+    # runAsNonRoot: true
+    # runAsUser: 1000
+
+  service:
+    type: ClusterIP
+    port: 8080
+
+  resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  #  requests:
+  #    cpu: 1000m  # Requests 1 CPU core
+  #    memory: 1Gi  # Requests 1 GiB of memory
+  #  limits:
+  #    cpu: 2000m  # Limits to 2 CPU cores
+  #    memory: 2Gi  # Limits to 2 GiB of memory
+
+  autoscaling:
+    enabled: false
+    minReplicas: 1
+    maxReplicas: 100
+    targetCPUUtilizationPercentage: 80
+    # targetMemoryUtilizationPercentage: 80
+
+  # Additional volumes on the output Deployment definition.
+  volumes: []
+  # - name: foo
+  #   secret:
+  #     secretName: mysecret
+  #     optional: false
+
+  # Additional volumeMounts on the output Deployment definition.
+  volumeMounts: []
+  # - name: foo
+  #   mountPath: "/etc/foo"
+  #   readOnly: true
+
+  nodeSelector: {}
+  tolerations: []
+
+
+background:
+  replicaCount: 1
+  image:
+    repository: danswer/danswer-backend
+    pullPolicy: IfNotPresent
+    # Overrides the image tag whose default is the chart appVersion.
+    tag: latest
+  podAnnotations: {}
+  podLabels:
+    scope: danswer-backend
+    app: background
+  deploymentLabels:
+    app: background
+  podSecurityContext: {}
+    # fsGroup: 2000
+
+  securityContext: {}
+    # capabilities:
+    #   drop:
+    #   - ALL
+    # readOnlyRootFilesystem: true
+    # runAsNonRoot: true
+    # runAsUser: 1000
+  enableMiniChunk: "true"
+  resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  #  requests:
+  #    cpu: 1000m  # Requests 1 CPU core
+  #    memory: 1Gi  # Requests 1 GiB of memory
+  #  limits:
+  #    cpu: 2000m  # Limits to 2 CPU cores
+  #    memory: 2Gi  # Limits to 2 GiB of memory
+
+  autoscaling:
+    enabled: false
+    minReplicas: 1
+    maxReplicas: 100
+    targetCPUUtilizationPercentage: 80
+    # targetMemoryUtilizationPercentage: 80
+
+  # Additional volumes on the output Deployment definition.
+  volumes: []
+  # - name: foo
+  #   secret:
+  #     secretName: mysecret
+  #     optional: false
+
+  # Additional volumeMounts on the output Deployment definition.
+  volumeMounts: []
+  # - name: foo
+  #   mountPath: "/etc/foo"
+  #   readOnly: true
+
+  nodeSelector: {}
+  tolerations: []
+
+vespa:
+  replicaCount: 1
+  image:
+    repository: vespa
+    pullPolicy: IfNotPresent
+    tag: "8.277.17"
+  podAnnotations: {}
+  podLabels:
+    app: vespa
+    app.kubernetes.io/instance: danswer
+    app.kubernetes.io/name: vespa
+  enabled: true
+
+  podSecurityContext: {}
+    # fsGroup: 2000
+
+  securityContext:
+    privileged: true
+    runAsUser: 0
+    # capabilities:
+    #   drop:
+    #   - ALL
+    # readOnlyRootFilesystem: true
+    # runAsNonRoot: true
+    # runAsUser: 1000
+
+  resources:
+  # The Vespa Helm chart specifies default resources, which are quite modest. We override
+  # them here to increase chances of the chart running successfully.
+    requests:
+      cpu: 1500m
+      memory: 4000Mi
+    limits:
+      cpu: 1500m
+      memory: 4000Mi
+
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+
+# ingress:
+#  enabled: false
+#  className: ""
+#  annotations: {}
+#    # kubernetes.io/ingress.class: nginx
+#    # kubernetes.io/tls-acme: "true"
+#  hosts:
+#    - host: chart-example.local
+#      paths:
+#        - path: /
+#          pathType: ImplementationSpecific
+#  tls: []
+#  #  - secretName: chart-example-tls
+#  #    hosts:
+#  #      - chart-example.local
+
+persistence:
+  vespa:
+    enabled: true
+    existingClaim: ""
+    storageClassName: ""
+    accessModes:
+      - ReadWriteOnce
+    size: 5Gi
+
+auth:
+  # for storing smtp, oauth, slack, and other secrets
+  # keys are lowercased version of env vars (e.g. SMTP_USER -> smtp_user)
+  existingSecret: ""  # danswer-secrets
+  # optionally override the secret keys to reference in the secret
+  # this is used to populate the env vars in individual deployments
+  # the values here reference the keys in secrets below
+  secretKeys:
+    postgres_password: "postgres_password"
+    smtp_pass: ""
+    oauth_client_id: ""
+    oauth_client_secret: ""
+    oauth_cookie_secret: ""
+    gen_ai_api_key: ""
+    danswer_bot_slack_app_token: ""
+    danswer_bot_slack_bot_token: ""
+    redis_password: "redis_password"
+  # will be overridden by the existingSecret if set
+  secretName: "danswer-secrets"
+  # set values as strings, they will be base64 encoded
+  # this is used to populate the secrets yaml
+  secrets:
+    postgres_password: "postgres"
+    smtp_pass: ""
+    oauth_client_id: ""
+    oauth_client_secret: ""
+    oauth_cookie_secret: ""
+    gen_ai_api_key: ""
+    danswer_bot_slack_app_token: ""
+    danswer_bot_slack_bot_token: ""
+    redis_password: "password"
+
+configMap:
+  AUTH_TYPE: "disabled"  # Change this for production uses unless Danswer is only accessible behind VPN
+  SESSION_EXPIRE_TIME_SECONDS: "86400"  # 1 Day Default
+  VALID_EMAIL_DOMAINS: ""  # Can be something like danswer.ai, as an extra double-check
+  SMTP_SERVER: ""  # For sending verification emails, if unspecified then defaults to 'smtp.gmail.com'
+  SMTP_PORT: ""  # For sending verification emails, if unspecified then defaults to '587'
+  SMTP_USER: ""  # 'your-email@company.com'
+  # SMTP_PASS: ""  # 'your-gmail-password'
+  EMAIL_FROM: ""  # 'your-email@company.com' SMTP_USER missing used instead
+  # Gen AI Settings
+  GEN_AI_MAX_TOKENS: ""
+  QA_TIMEOUT: "60"
+  MAX_CHUNKS_FED_TO_CHAT: ""
+  DISABLE_LLM_DOC_RELEVANCE: ""
+  DISABLE_LLM_CHOOSE_SEARCH: ""
+  DISABLE_LLM_QUERY_REPHRASE: ""
+  # Query Options
+  DOC_TIME_DECAY: ""
+  HYBRID_ALPHA: ""
+  EDIT_KEYWORD_QUERY: ""
+  MULTILINGUAL_QUERY_EXPANSION: ""
+  LANGUAGE_HINT: ""
+  LANGUAGE_CHAT_NAMING_HINT: ""
+  QA_PROMPT_OVERRIDE: ""
+  # Internet Search Tool
+  BING_API_KEY: ""
+  # Don't change the NLP models unless you know what you're doing
+  DOCUMENT_ENCODER_MODEL: ""
+  NORMALIZE_EMBEDDINGS: ""
+  ASYM_QUERY_PREFIX: ""
+  ASYM_PASSAGE_PREFIX: ""
+  DISABLE_RERANK_FOR_STREAMING: ""
+  MODEL_SERVER_PORT: ""
+  MIN_THREADS_ML_MODELS: ""
+  # Indexing Configs
+  NUM_INDEXING_WORKERS: ""
+  DISABLE_INDEX_UPDATE_ON_SWAP: ""
+  DASK_JOB_CLIENT_ENABLED: ""
+  CONTINUE_ON_CONNECTOR_FAILURE: ""
+  EXPERIMENTAL_CHECKPOINTING_ENABLED: ""
+  CONFLUENCE_CONNECTOR_LABELS_TO_SKIP: ""
+  JIRA_API_VERSION: ""
+  GONG_CONNECTOR_START_TIME: ""
+  NOTION_CONNECTOR_ENABLE_RECURSIVE_PAGE_LOOKUP: ""
+  # DanswerBot SlackBot Configs
+  # DANSWER_BOT_SLACK_APP_TOKEN: ""
+  # DANSWER_BOT_SLACK_BOT_TOKEN: ""
+  DANSWER_BOT_DISABLE_DOCS_ONLY_ANSWER: ""
+  DANSWER_BOT_DISPLAY_ERROR_MSGS: ""
+  DANSWER_BOT_RESPOND_EVERY_CHANNEL: ""
+  DANSWER_BOT_DISABLE_COT: ""  # Currently unused
+  NOTIFY_SLACKBOT_NO_ANSWER: ""
+  # Logging
+  # Optional Telemetry, please keep it on (nothing sensitive is collected)? <3
+  # https://docs.danswer.dev/more/telemetry
+  DISABLE_TELEMETRY: ""
+  LOG_LEVEL: ""
+  LOG_ALL_MODEL_INTERACTIONS: ""
+  LOG_DANSWER_MODEL_INTERACTIONS: ""
+  LOG_VESPA_TIMING_INFORMATION: ""
+  # Shared or Non-backend Related
+  WEB_DOMAIN: "http://localhost:3000"  # for web server and api server
+  DOMAIN: "localhost"  # for nginx