AI_POC/TERES_fastapi_backend
12
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v0.21.1-fastapi

Browse Source
This commit is contained in:
dangzerong
2025-11-04 16:06:36 +08:00
parent 3e58c3d0e9
commit d57b5d76ae
218 changed files with 19617 additions and 72339 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
helm/.helmignore Normal file
View File

@@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

24
helm/Chart.yaml Normal file
View File

@@ -0,0 +1,24 @@
apiVersion: v2
name: ragflow
description: A Helm chart for deploying RAGFlow on Kubernetes
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "dev"

62
helm/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "ragflow.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "ragflow.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "ragflow.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "ragflow.labels" -}}
helm.sh/chart: {{ include "ragflow.chart" . }}
{{ include "ragflow.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "ragflow.selectorLabels" -}}
app.kubernetes.io/name: {{ include "ragflow.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "ragflow.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "ragflow.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

17
helm/templates/elasticsearch-config.yaml Normal file
View File

@@ -0,0 +1,17 @@
{{- if eq .Values.env.DOC_ENGINE "elasticsearch" -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "ragflow.fullname" . }}-es-config
data:
node.name: "es01"
bootstrap.memory_lock: "false"
discovery.type: "single-node"
xpack.security.enabled: "true"
xpack.security.http.ssl.enabled: "false"
xpack.security.transport.ssl.enabled: "false"
cluster.routing.allocation.disk.watermark.low: 5gb
cluster.routing.allocation.disk.watermark.high: 3gb
cluster.routing.allocation.disk.watermark.flood_stage: 2gb
TZ: {{ .Values.env.TIMEZONE }}
{{- end -}}

131
helm/templates/elasticsearch.yaml Normal file
View File

@@ -0,0 +1,131 @@
{{- if eq .Values.env.DOC_ENGINE "elasticsearch" -}}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "ragflow.fullname" . }}-es-data
annotations:
"helm.sh/resource-policy": keep
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: elasticsearch
spec:
{{- with .Values.elasticsearch.storage.className }}
storageClassName: {{ . }}
{{- end }}
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.elasticsearch.storage.capacity }}
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "ragflow.fullname" . }}-es
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: elasticsearch
spec:
replicas: 1
selector:
matchLabels:
{{- include "ragflow.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: elasticsearch
{{- with .Values.elasticsearch.deployment.strategy }}
strategy:
{{- . | toYaml | nindent 4 }}
{{- end }}
template:
metadata:
labels:
{{- include "ragflow.labels" . | nindent 8 }}
app.kubernetes.io/component: elasticsearch
annotations:
checksum/config-es: {{ include (print $.Template.BasePath "/elasticsearch-config.yaml") . | sha256sum }}
checksum/config-env: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }}
spec:
{{- if or .Values.imagePullSecrets .Values.elasticsearch.image.pullSecrets }}
imagePullSecrets:
{{- with .Values.imagePullSecrets }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.elasticsearch.image.pullSecrets }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
initContainers:
- name: fix-data-volume-permissions
image: {{ .Values.elasticsearch.initContainers.alpine.repository }}:{{ .Values.elasticsearch.initContainers.alpine.tag }}
{{- with .Values.elasticsearch.initContainers.alpine.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
command:
- sh
- -c
- "chown -R 1000:0 /usr/share/elasticsearch/data"
volumeMounts:
- mountPath: /usr/share/elasticsearch/data
name: es-data
- name: sysctl
image: {{ .Values.elasticsearch.initContainers.busybox.repository }}:{{ .Values.elasticsearch.initContainers.busybox.tag }}
{{- with .Values.elasticsearch.initContainers.busybox.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
securityContext:
privileged: true
runAsUser: 0
command: ["sysctl", "-w", "vm.max_map_count=262144"]
containers:
- name: elasticsearch
image: {{ .Values.elasticsearch.image.repository }}:{{ .Values.elasticsearch.image.tag }}
{{- with .Values.elasticsearch.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
envFrom:
- secretRef:
name: {{ include "ragflow.fullname" . }}-env-config
- configMapRef:
name: {{ include "ragflow.fullname" . }}-es-config
ports:
- containerPort: 9200
name: http
- containerPort: 9300
name: transport
volumeMounts:
- mountPath: /usr/share/elasticsearch/data
name: es-data
{{- with .Values.elasticsearch.deployment.resources }}
resources:
{{- . | toYaml | nindent 10 }}
{{- end }}
securityContext:
capabilities:
add:
- "IPC_LOCK"
runAsUser: 1000
# NOTE: fsGroup doesn't seem to
# work so use init container instead
# fsGroup: 1000
allowPrivilegeEscalation: false
volumes:
- name: es-data
persistentVolumeClaim:
claimName: {{ include "ragflow.fullname" . }}-es-data
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "ragflow.fullname" . }}-es
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: elasticsearch
spec:
selector:
{{- include "ragflow.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: elasticsearch
ports:
- protocol: TCP
port: 9200
targetPort: http
type: {{ .Values.elasticsearch.service.type }}
{{- end -}}

53
helm/templates/env.yaml Normal file
View File

@@ -0,0 +1,53 @@
{{- /*
TODO: Split env vars into separate secrets so that each pod
only gets passed the secrets it really needs.
*/}}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "ragflow.fullname" . }}-env-config
type: Opaque
stringData:
{{- range $key, $val := .Values.env }}
{{- if $val }}
{{ $key }}: {{ quote $val }}
{{- end }}
{{- end }}
{{- /*
Use host names derived from internal cluster DNS
*/}}
REDIS_HOST: {{ printf "%s-redis.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }}
MYSQL_HOST: {{ printf "%s-mysql.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }}
MINIO_HOST: {{ printf "%s-minio.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }}
{{- /*
Fail if passwords are not provided in release values
*/}}
REDIS_PASSWORD: {{ .Values.env.REDIS_PASSWORD | required "REDIS_PASSWORD is required" }}
{{- /*
NOTE: MySQL uses MYSQL_ROOT_PASSWORD env var but Ragflow container expects
MYSQL_PASSWORD so we need to define both as the same value here.
*/}}
{{- with .Values.env.MYSQL_PASSWORD | required "MYSQL_PASSWORD is required" }}
MYSQL_PASSWORD: {{ . }}
MYSQL_ROOT_PASSWORD: {{ . }}
{{- end }}
{{- with .Values.env.MINIO_PASSWORD | required "MINIO_PASSWORD is required" }}
MINIO_PASSWORD: {{ . }}
MINIO_ROOT_PASSWORD: {{ . }}
{{- end }}
{{- /*
Only provide env vars for enabled doc engine
*/}}
{{- if eq .Values.env.DOC_ENGINE "elasticsearch" }}
ES_HOST: {{ printf "%s-es.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }}
ELASTIC_PASSWORD: {{ .Values.env.ELASTIC_PASSWORD | required "ELASTIC_PASSWORD is required" }}
{{- else if eq .Values.env.DOC_ENGINE "infinity" }}
INFINITY_HOST: {{ printf "%s-infinity.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }}
{{- else if eq .Values.env.DOC_ENGINE "opensearch" }}
OS_HOST: {{ printf "%s-opensearch.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }}
OS_PORT: "9201"
OPENSEARCH_PASSWORD: {{ .Values.env.OPENSEARCH_PASSWORD | required "OPENSEARCH_PASSWORD is required" }}
OPENSEARCH_INITIAL_ADMIN_PASSWORD: {{ .Values.env.OPENSEARCH_PASSWORD | required "OPENSEARCH_PASSWORD is required" }}
{{- else }}
{{ fail "env.DOC_ENGINE must be either 'elasticsearch', 'opensearch' or 'infinity'" }}
{{- end }}

122
helm/templates/infinity.yaml Normal file
View File

@@ -0,0 +1,122 @@
{{- if eq .Values.env.DOC_ENGINE "infinity" -}}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "ragflow.fullname" . }}-infinity
annotations:
"helm.sh/resource-policy": keep
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: infinity
spec:
{{- with .Values.infinity.storage.className }}
storageClassName: {{ . }}
{{- end }}
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.infinity.storage.capacity }}
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "ragflow.fullname" . }}-infinity
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: infinity
spec:
replicas: 1
selector:
matchLabels:
{{- include "ragflow.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: infinity
{{- with .Values.infinity.deployment.strategy }}
strategy:
{{- . | toYaml | nindent 4 }}
{{- end }}
template:
metadata:
labels:
{{- include "ragflow.labels" . | nindent 8 }}
app.kubernetes.io/component: infinity
annotations:
checksum/config: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }}
spec:
{{- if or .Values.imagePullSecrets .Values.infinity.image.pullSecrets }}
imagePullSecrets:
{{- with .Values.imagePullSecrets }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.infinity.image.pullSecrets }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
containers:
- name: infinity
image: {{ .Values.infinity.image.repository }}:{{ .Values.infinity.image.tag }}
{{- with .Values.infinity.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
envFrom:
- secretRef:
name: {{ include "ragflow.fullname" . }}-env-config
ports:
- containerPort: 23817
name: thrift
- containerPort: 23820
name: http
- containerPort: 5432
name: psql
volumeMounts:
- mountPath: /var/infinity
name: infinity-data
{{- with .Values.infinity.deployment.resources }}
resources:
{{- . | toYaml | nindent 10 }}
{{- end }}
securityContext:
capabilities:
add:
- "NET_BIND_SERVICE"
seccompProfile:
type: RuntimeDefault
livenessProbe:
httpGet:
path: /admin/node/current
port: 23820
initialDelaySeconds: 60
periodSeconds: 10
timeoutSeconds: 10
failureThreshold: 120
volumes:
- name: infinity-data
persistentVolumeClaim:
claimName: {{ include "ragflow.fullname" . }}-infinity
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "ragflow.fullname" . }}-infinity
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: infinity
spec:
selector:
{{- include "ragflow.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: infinity
ports:
- protocol: TCP
port: 23817
targetPort: thrift
name: thrift
- protocol: TCP
port: 23820
targetPort: http
name: http
- protocol: TCP
port: 5432
targetPort: psql
name: psql
type: {{ .Values.infinity.service.type }}
{{- end -}}

43
helm/templates/ingress.yaml Normal file
View File

@@ -0,0 +1,43 @@
{{- if .Values.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "ragflow.fullname" . }}
labels:
{{- include "ragflow.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- with .Values.ingress.className }}
ingressClassName: {{ . }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- with .pathType }}
pathType: {{ . }}
{{- end }}
backend:
service:
name: {{ $.Release.Name }}
port:
name: http
{{- end }}
{{- end }}
{{- end }}

105
helm/templates/minio.yaml Normal file
View File

@@ -0,0 +1,105 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "ragflow.fullname" . }}-minio
annotations:
"helm.sh/resource-policy": keep
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: minio
spec:
{{- with .Values.minio.storage.className }}
storageClassName: {{ . }}
{{- end }}
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.minio.storage.capacity }}
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "ragflow.fullname" . }}-minio
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: minio
annotations:
checksum/config: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }}
spec:
replicas: 1
selector:
matchLabels:
{{- include "ragflow.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: minio
{{- with .Values.minio.deployment.strategy }}
strategy:
{{- . | toYaml | nindent 4 }}
{{- end }}
template:
metadata:
labels:
{{- include "ragflow.labels" . | nindent 8 }}
app.kubernetes.io/component: minio
spec:
{{- if or .Values.imagePullSecrets .Values.minio.image.pullSecrets }}
imagePullSecrets:
{{- with .Values.imagePullSecrets }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.minio.image.pullSecrets }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
containers:
- name: minio
image: {{ .Values.minio.image.repository }}:{{ .Values.minio.image.tag }}
{{- with .Values.minio.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
envFrom:
- secretRef:
name: {{ include "ragflow.fullname" . }}-env-config
args:
- server
- "--console-address=:9001"
- "/data"
ports:
- containerPort: 9000
name: s3
- containerPort: 9001
name: console
{{- with .Values.minio.deployment.resources }}
resources:
{{- . | toYaml | nindent 10 }}
{{- end }}
volumeMounts:
- mountPath: /data
name: minio-data
volumes:
- name: minio-data
persistentVolumeClaim:
claimName: {{ include "ragflow.fullname" . }}-minio
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "ragflow.fullname" . }}-minio
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: minio
spec:
selector:
{{- include "ragflow.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: minio
ports:
- name: s3
protocol: TCP
port: 9000
targetPort: s3
- name: console
protocol: TCP
port: 9001
targetPort: console
type: {{ .Values.minio.service.type }}

9
helm/templates/mysql-config.yaml Normal file
View File

@@ -0,0 +1,9 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: mysql-init-script
data:
init.sql: |-
CREATE DATABASE IF NOT EXISTS rag_flow;
USE rag_flow;

110
helm/templates/mysql.yaml Normal file
View File

@@ -0,0 +1,110 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "ragflow.fullname" . }}-mysql
annotations:
"helm.sh/resource-policy": keep
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: mysql
spec:
{{- with .Values.mysql.storage.className }}
storageClassName: {{ . }}
{{- end }}
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.mysql.storage.capacity }}
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "ragflow.fullname" . }}-mysql
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: mysql
spec:
replicas: 1
selector:
matchLabels:
{{- include "ragflow.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: mysql
{{- with .Values.mysql.deployment.strategy }}
strategy:
{{- . | toYaml | nindent 4 }}
{{- end }}
template:
metadata:
labels:
{{- include "ragflow.labels" . | nindent 8 }}
app.kubernetes.io/component: mysql
annotations:
checksum/config-mysql: {{ include (print $.Template.BasePath "/mysql-config.yaml") . | sha256sum }}
checksum/config-env: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }}
spec:
{{- if or .Values.imagePullSecrets .Values.mysql.image.pullSecrets }}
imagePullSecrets:
{{- with .Values.imagePullSecrets }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.mysql.image.pullSecrets }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
containers:
- name: mysql
image: {{ .Values.mysql.image.repository }}:{{ .Values.mysql.image.tag }}
{{- with .Values.mysql.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
envFrom:
- secretRef:
name: {{ include "ragflow.fullname" . }}-env-config
args:
- --max_connections=1000
- --character-set-server=utf8mb4
- --collation-server=utf8mb4_general_ci
- --default-authentication-plugin=mysql_native_password
- --tls_version=TLSv1.2,TLSv1.3
- --init-file=/data/application/init.sql
- --disable-log-bin
ports:
- containerPort: 3306
name: mysql
{{- with .Values.mysql.deployment.resources }}
resources:
{{- . | toYaml | nindent 10 }}
{{- end }}
volumeMounts:
- mountPath: /var/lib/mysql
name: mysql-data
- mountPath: /data/application/init.sql
subPath: init.sql
readOnly: true
name: init-script-volume
volumes:
- name: mysql-data
persistentVolumeClaim:
claimName: {{ include "ragflow.fullname" . }}-mysql
- name: init-script-volume
configMap:
name: mysql-init-script
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "ragflow.fullname" . }}-mysql
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: mysql
spec:
selector:
{{- include "ragflow.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: mysql
ports:
- protocol: TCP
port: 3306
targetPort: mysql
type: {{ .Values.mysql.service.type }}

18
helm/templates/opensearch-config.yaml Normal file
View File

@@ -0,0 +1,18 @@
{{- if eq .Values.env.DOC_ENGINE "opensearch" -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "ragflow.fullname" . }}-opensearch-config
data:
node.name: opensearch01
bootstrap.memory_lock: "false"
discovery.type: single-node
plugins.security.disabled: "false"
plugins.security.ssl.http.enabled: "false"
plugins.security.ssl.transport.enabled: "true"
cluster.routing.allocation.disk.watermark.low: 5gb
cluster.routing.allocation.disk.watermark.high: 3gb
cluster.routing.allocation.disk.watermark.flood_stage: 2gb
TZ: {{ .Values.env.TIMEZONE }}
http.port: "9201"
{{- end -}}

135
helm/templates/opensearch.yaml Normal file
View File

@@ -0,0 +1,135 @@
{{- if eq .Values.env.DOC_ENGINE "opensearch" -}}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "ragflow.fullname" . }}-opensearch-data
annotations:
"helm.sh/resource-policy": keep
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: opensearch
spec:
{{- with .Values.opensearch.storage.className }}
storageClassName: {{ . }}
{{- end }}
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.opensearch.storage.capacity }}
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "ragflow.fullname" . }}-opensearch
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: opensearch
spec:
replicas: 1
selector:
matchLabels:
{{- include "ragflow.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: opensearch
{{- with .Values.opensearch.deployment.strategy }}
strategy:
{{- . | toYaml | nindent 4 }}
{{- end }}
template:
metadata:
labels:
{{- include "ragflow.labels" . | nindent 8 }}
app.kubernetes.io/component: opensearch
annotations:
checksum/config-opensearch: {{ include (print $.Template.BasePath "/opensearch-config.yaml") . | sha256sum }}
checksum/config-env: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }}
spec:
{{- if or .Values.imagePullSecrets .Values.opensearch.image.pullSecrets }}
imagePullSecrets:
{{- with .Values.imagePullSecrets }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.opensearch.image.pullSecrets }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
initContainers:
- name: fix-data-volume-permissions
image: {{ .Values.opensearch.initContainers.alpine.repository }}:{{ .Values.opensearch.initContainers.alpine.tag }}
{{- with .Values.opensearch.initContainers.alpine.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
command:
- sh
- -c
- "chown -R 1000:0 /usr/share/opensearch/data"
volumeMounts:
- mountPath: /usr/share/opensearch/data
name: opensearch-data
- name: sysctl
image: {{ .Values.opensearch.initContainers.busybox.repository }}:{{ .Values.opensearch.initContainers.busybox.tag }}
{{- with .Values.opensearch.initContainers.busybox.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
securityContext:
privileged: true
runAsUser: 0
command: ["sysctl", "-w", "vm.max_map_count=262144"]
containers:
- name: opensearch
image: {{ .Values.opensearch.image.repository }}:{{ .Values.opensearch.image.tag }}
{{- with .Values.opensearch.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
envFrom:
- secretRef:
name: {{ include "ragflow.fullname" . }}-env-config
- configMapRef:
name: {{ include "ragflow.fullname" . }}-opensearch-config
ports:
- containerPort: 9201
name: http
volumeMounts:
- mountPath: /usr/share/opensearch/data
name: opensearch-data
{{- with .Values.opensearch.deployment.resources }}
resources:
{{- . | toYaml | nindent 10 }}
{{- end }}
securityContext:
capabilities:
add:
- "IPC_LOCK"
runAsUser: 1000
allowPrivilegeEscalation: false
livenessProbe:
exec:
command:
- sh
- -c
- curl -u admin:$OPENSEARCH_PASSWORD localhost:9201
initialDelaySeconds: 30
periodSeconds: 10
failureThreshold: 6
volumes:
- name: opensearch-data
persistentVolumeClaim:
claimName: {{ include "ragflow.fullname" . }}-opensearch-data
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "ragflow.fullname" . }}-opensearch
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: opensearch
spec:
selector:
{{- include "ragflow.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: opensearch
ports:
- protocol: TCP
port: 9201
targetPort: http
type: {{ .Values.opensearch.service.type }}
{{- end -}}

119
helm/templates/ragflow.yaml Normal file
View File

@@ -0,0 +1,119 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "ragflow.fullname" . }}
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: ragflow
spec:
replicas: 1
selector:
matchLabels:
{{- include "ragflow.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: ragflow
{{- with .Values.ragflow.deployment.strategy }}
strategy:
{{- . | toYaml | nindent 4 }}
{{- end }}
template:
metadata:
labels:
{{- include "ragflow.labels" . | nindent 8 }}
app.kubernetes.io/component: ragflow
annotations:
checksum/config-env: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }}
checksum/config-ragflow: {{ include (print $.Template.BasePath "/ragflow_config.yaml") . | sha256sum }}
spec:
{{- if or .Values.imagePullSecrets .Values.ragflow.image.pullSecrets }}
imagePullSecrets:
{{- with .Values.imagePullSecrets }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.ragflow.image.pullSecrets }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
containers:
- name: ragflow
image: {{ .Values.ragflow.image.repository }}:{{ .Values.ragflow.image.tag }}
{{- with .Values.ragflow.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
ports:
- containerPort: 80
name: http
- containerPort: 9380
name: http-api
volumeMounts:
- mountPath: /etc/nginx/conf.d/ragflow.conf
subPath: ragflow.conf
name: nginx-config-volume
- mountPath: /etc/nginx/proxy.conf
subPath: proxy.conf
name: nginx-config-volume
- mountPath: /etc/nginx/nginx.conf
subPath: nginx.conf
name: nginx-config-volume
{{- with .Values.ragflow.service_conf }}
- mountPath: /ragflow/conf/local.service_conf.yaml
subPath: local.service_conf.yaml
name: service-conf-volume
{{- end }}
{{- with .Values.ragflow.llm_factories }}
- mountPath: /ragflow/conf/llm_factories.json
subPath: llm_factories.json
name: service-conf-volume
{{- end }}
envFrom:
- secretRef:
name: {{ include "ragflow.fullname" . }}-env-config
{{- with .Values.ragflow.deployment.resources }}
resources:
{{- . | toYaml | nindent 10 }}
{{- end }}
volumes:
- name: nginx-config-volume
configMap:
name: nginx-config
- name: service-conf-volume
configMap:
name: ragflow-service-config
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "ragflow.fullname" . }}
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: ragflow
spec:
selector:
{{- include "ragflow.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: ragflow
ports:
- protocol: TCP
port: 80
targetPort: http
name: http
type: {{ .Values.ragflow.service.type }}
---
{{- if .Values.ragflow.api.service.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-api
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: ragflow
spec:
selector:
{{- include "ragflow.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: ragflow
ports:
- protocol: TCP
port: 80
targetPort: http-api
name: http-api
type: {{ .Values.ragflow.api.service.type }}
{{- end }}

89
helm/templates/ragflow_config.yaml Normal file
View File

@@ -0,0 +1,89 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: ragflow-service-config
data:
{{- with .Values.ragflow.service_conf }}
local.service_conf.yaml: |
{{- . | toYaml | nindent 4 }}
{{- end }}
{{- with .Values.ragflow.llm_factories }}
llm_factories.json: |
{{- . | toPrettyJson | nindent 4 }}
{{- end }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx-config
data:
ragflow.conf: |
server {
listen 80;
server_name _;
root /ragflow/web/dist;
gzip on;
gzip_min_length 1k;
gzip_comp_level 9;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
location ~ ^/(v1|api) {
proxy_pass http://localhost:9380;
include proxy.conf;
}
location / {
index index.html;
try_files $uri $uri/ /index.html;
}
# Cache-Control: max-age~@~AExpires
location ~ ^/static/(css|js|media)/ {
expires 10y;
access_log off;
}
}
proxy.conf: |
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_buffering off;
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;
nginx.conf: |
user root;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
client_max_body_size 128M;
include /etc/nginx/conf.d/ragflow.conf;
}

133
helm/templates/redis.yaml Normal file
View File

@@ -0,0 +1,133 @@
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "ragflow.fullname" . }}-redis
annotations:
"helm.sh/resource-policy": keep
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: redis
spec:
ports:
- port: 6379
name: redis
protocol: TCP
clusterIP: None # Headless service for StatefulSet
selector:
{{- include "ragflow.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: redis
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "ragflow.fullname" . }}-redis
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: redis
spec:
serviceName: {{ include "ragflow.fullname" . }}-redis
replicas: 1
selector:
matchLabels:
{{- include "ragflow.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: redis
template:
metadata:
labels:
{{- include "ragflow.labels" . | nindent 8 }}
app.kubernetes.io/component: redis
annotations:
checksum/config-env: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }}
spec:
{{- if or .Values.imagePullSecrets .Values.redis.image.pullSecrets }}
imagePullSecrets:
{{- with .Values.imagePullSecrets }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.redis.image.pullSecrets }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
terminationGracePeriodSeconds: 60
containers:
- name: redis
image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }}
{{- with .Values.redis.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
command:
- "sh"
- "-c"
- "exec redis-server --requirepass ${REDIS_PASSWORD} --maxmemory 128mb --maxmemory-policy allkeys-lru"
envFrom:
- secretRef:
name: {{ include "ragflow.fullname" . }}-env-config
ports:
- containerPort: 6379
name: redis
{{- if .Values.redis.persistence.enabled }}
volumeMounts:
- name: redis-data
mountPath: /data
{{- end }}
{{- with .Values.redis.deployment.resources }}
resources:
{{- . | toYaml | nindent 12 }}
{{- end }}
{{- if .Values.redis.persistence.enabled }}
{{- with .Values.redis.persistence.retentionPolicy }}
persistentVolumeClaimRetentionPolicy:
{{- with .whenDeleted }}
whenDeleted: {{ . }}
{{- end }}
{{- with .whenScaled }}
whenScaled: {{ . }}
{{- end }}
{{- end }}
volumeClaimTemplates:
- metadata:
name: redis-data
labels:
{{- include "ragflow.selectorLabels" . | nindent 10 }}
app.kubernetes.io/component: redis
spec:
accessModes:
- ReadWriteOnce
{{- with .Values.redis.storage.className }}
storageClassName: {{ . }}
{{- end }}
resources:
requests:
storage: {{ .Values.redis.storage.capacity }}
{{- end }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "ragflow.fullname" . }}-redis-svc
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: redis
spec:
ports:
- port: 6379
targetPort: redis
protocol: TCP
selector:
{{- include "ragflow.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: redis
---
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "ragflow.fullname" . }}-redis-pdb
labels:
{{- include "ragflow.labels" . | nindent 4 }}
app.kubernetes.io/component: redis
spec:
minAvailable: 1
selector:
matchLabels:
{{- include "ragflow.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: redis

17
helm/templates/tests/test-connection.yaml Normal file
View File

@@ -0,0 +1,17 @@
apiVersion: v1
kind: Pod
metadata:
name: "{{ include "ragflow.fullname" . }}-test-connection"
labels:
{{- include "ragflow.labels" . | nindent 4 }}
annotations:
"helm.sh/hook": test
spec:
containers:
- name: wget
image: busybox
command:
- 'wget'
args:
- {{ printf "%s.%s.svc" (include "ragflow.fullname" .) .Release.Namespace }}
restartPolicy: Never

234
helm/values.yaml Normal file
View File

@@ -0,0 +1,234 @@
# Based on docker compose .env file
# Global image pull secrets configuration
imagePullSecrets: []
env:
# The type of doc engine to use.
# Available options:
# - `elasticsearch` (default)
# - `infinity` (https://github.com/infiniflow/infinity)
# - `opensearch` (https://github.com/opensearch-project/OpenSearch)
# DOC_ENGINE: elasticsearch
DOC_ENGINE: infinity
# DOC_ENGINE: opensearch
# The version of Elasticsearch.
STACK_VERSION: "8.11.3"
# The password for Elasticsearch
ELASTIC_PASSWORD: infini_rag_flow_helm
# The password for OpenSearch.
# At least one uppercase letter, one lowercase letter, one digit, and one special character
OPENSEARCH_PASSWORD: infini_rag_flow_OS_01
# The password for MySQL
MYSQL_PASSWORD: infini_rag_flow_helm
# The database of the MySQL service to use
MYSQL_DBNAME: rag_flow
# The username for MinIO.
MINIO_ROOT_USER: rag_flow
# The password for MinIO
MINIO_PASSWORD: infini_rag_flow_helm
# The password for Redis
REDIS_PASSWORD: infini_rag_flow_helm
# The local time zone.
TIMEZONE: "Asia/Shanghai"
# Uncomment the following line if you have limited access to huggingface.co:
# HF_ENDPOINT: https://hf-mirror.com
# The maximum file size for each uploaded file, in bytes.
# You can uncomment this line and update the value if you wish to change 128M file size limit
# MAX_CONTENT_LENGTH: "134217728"
# After making the change, ensure you update `client_max_body_size` in nginx/nginx.conf correspondingly.
# The number of document chunks processed in a single batch during document parsing.
DOC_BULK_SIZE: 4
# The number of text chunks processed in a single batch during embedding vectorization.
EMBEDDING_BATCH_SIZE: 16
ragflow:
image:
repository: infiniflow/ragflow
tag: v0.21.1-slim
pullPolicy: IfNotPresent
pullSecrets: []
# Optional service configuration overrides
# to be written to local.service_conf.yaml
# inside the RAGFlow container
# https://ragflow.io/docs/dev/configurations#service-configuration
service_conf:
# Optional yaml formatted override for the
# llm_factories.json file inside the RAGFlow
# container.
llm_factories:
# factory_llm_infos:
# - name: OpenAI-API-Compatible
# logo: ""
# tags: "LLM,TEXT EMBEDDING,SPEECH2TEXT,MODERATION"
# status: "1"
# llm:
# - llm_name: my-custom-llm
# tags: "LLM,CHAT,"
# max_tokens: 100000
# model_type: chat
# is_tools: false
# Kubernetes configuration
deployment:
strategy:
resources:
service:
# Use LoadBalancer to expose the web interface externally
type: ClusterIP
api:
service:
enabled: true
type: ClusterIP
infinity:
image:
repository: infiniflow/infinity
tag: v0.6.1
pullPolicy: IfNotPresent
pullSecrets: []
storage:
className:
capacity: 5Gi
deployment:
strategy:
resources:
service:
type: ClusterIP
elasticsearch:
image:
repository: elasticsearch
tag: "8.11.3"
pullPolicy: IfNotPresent
pullSecrets: []
initContainers:
alpine:
repository: alpine
tag: latest
pullPolicy: IfNotPresent
busybox:
repository: busybox
tag: latest
pullPolicy: IfNotPresent
storage:
className:
capacity: 20Gi
deployment:
strategy:
resources:
requests:
cpu: "4"
memory: "16Gi"
service:
type: ClusterIP
opensearch:
image:
repository: opensearchproject/opensearch
tag: 2.19.1
pullPolicy: IfNotPresent
pullSecrets: []
initContainers:
alpine:
repository: alpine
tag: latest
pullPolicy: IfNotPresent
busybox:
repository: busybox
tag: latest
pullPolicy: IfNotPresent
storage:
className:
capacity: 20Gi
deployment:
strategy:
resources:
requests:
cpu: "4"
memory: "16Gi"
service:
type: ClusterIP
minio:
image:
repository: quay.io/minio/minio
tag: RELEASE.2023-12-20T01-00-02Z
pullPolicy: IfNotPresent
pullSecrets: []
storage:
className:
capacity: 5Gi
deployment:
strategy:
resources:
service:
type: ClusterIP
mysql:
image:
repository: mysql
tag: 8.0.39
pullPolicy: IfNotPresent
pullSecrets: []
storage:
className:
capacity: 5Gi
deployment:
strategy:
resources:
service:
type: ClusterIP
redis:
image:
repository: valkey/valkey
tag: 8
pullPolicy: IfNotPresent
pullSecrets: []
storage:
className:
capacity: 5Gi
persistence:
enabled: true
# Set's the retention policy for the persistent storage (only available in k8s 1.32 or later)
# https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention
# retentionPolicy:
# whenDeleted: Delete
# whenScaled: Delete
deployment:
strategy:
resources:
service:
type: ClusterIP
# This block is for setting up web service ingress. For more information, see:
# https://kubernetes.io/docs/concepts/services-networking/ingress/
ingress:
enabled: false
className: ""
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local