From 2719cfff59a400af87c91d8da177592fc4d21df5 Mon Sep 17 00:00:00 2001 
From: dnviti Date: Wed, 22 Oct 2025 14:35:21 +0200 Subject: [PATCH] Add Helm chart, Docs, and Config conversion script --- CONFIGURATION.md | 511 +++++++++++++++++ deploy/helm/README.md | 400 ++++++++++++++ deploy/helm/datacenter-docs/.helmignore | 32 ++ deploy/helm/datacenter-docs/Chart.yaml | 19 + deploy/helm/datacenter-docs/README.md | 423 +++++++++++++++ .../helm/datacenter-docs/templates/NOTES.txt | 162 ++++++ .../datacenter-docs/templates/_helpers.tpl | 235 ++++++++ .../templates/api-deployment.yaml | 120 ++++ .../datacenter-docs/templates/api-hpa.yaml | 32 ++ .../templates/api-service.yaml | 17 + .../templates/chat-deployment.yaml | 94 ++++ .../templates/chat-service.yaml | 17 + .../datacenter-docs/templates/configmap.yaml | 37 ++ .../templates/frontend-deployment.yaml | 69 +++ .../templates/frontend-service.yaml | 17 + .../datacenter-docs/templates/ingress.yaml | 57 ++ .../templates/mongodb-service.yaml | 17 + .../templates/mongodb-statefulset.yaml | 113 ++++ .../templates/redis-deployment.yaml | 70 +++ .../templates/redis-service.yaml | 17 + .../datacenter-docs/templates/secrets.yaml | 17 + .../templates/serviceaccount.yaml | 13 + .../templates/worker-deployment.yaml | 107 ++++ .../datacenter-docs/templates/worker-hpa.yaml | 24 + .../datacenter-docs/values-development.yaml | 181 ++++++ .../datacenter-docs/values-production.yaml | 304 +++++++++++ deploy/helm/datacenter-docs/values.yaml | 265 +++++++++ deploy/helm/test-chart.sh | 143 +++++ scripts/README.md | 112 ++++ scripts/convert_config.py | 298 ++++++++++ values.yaml | 513 ++++++++++++++++++ 31 files changed, 4436 insertions(+) create mode 100644 CONFIGURATION.md create mode 100644 deploy/helm/README.md create mode 100644 deploy/helm/datacenter-docs/.helmignore create mode 100644 deploy/helm/datacenter-docs/Chart.yaml create mode 100644 deploy/helm/datacenter-docs/README.md create mode 100644 deploy/helm/datacenter-docs/templates/NOTES.txt create mode 100644 
deploy/helm/datacenter-docs/templates/_helpers.tpl create mode 100644 deploy/helm/datacenter-docs/templates/api-deployment.yaml create mode 100644 deploy/helm/datacenter-docs/templates/api-hpa.yaml create mode 100644 deploy/helm/datacenter-docs/templates/api-service.yaml create mode 100644 deploy/helm/datacenter-docs/templates/chat-deployment.yaml create mode 100644 deploy/helm/datacenter-docs/templates/chat-service.yaml create mode 100644 deploy/helm/datacenter-docs/templates/configmap.yaml create mode 100644 deploy/helm/datacenter-docs/templates/frontend-deployment.yaml create mode 100644 deploy/helm/datacenter-docs/templates/frontend-service.yaml create mode 100644 deploy/helm/datacenter-docs/templates/ingress.yaml create mode 100644 deploy/helm/datacenter-docs/templates/mongodb-service.yaml create mode 100644 deploy/helm/datacenter-docs/templates/mongodb-statefulset.yaml create mode 100644 deploy/helm/datacenter-docs/templates/redis-deployment.yaml create mode 100644 deploy/helm/datacenter-docs/templates/redis-service.yaml create mode 100644 deploy/helm/datacenter-docs/templates/secrets.yaml create mode 100644 deploy/helm/datacenter-docs/templates/serviceaccount.yaml create mode 100644 deploy/helm/datacenter-docs/templates/worker-deployment.yaml create mode 100644 deploy/helm/datacenter-docs/templates/worker-hpa.yaml create mode 100644 deploy/helm/datacenter-docs/values-development.yaml create mode 100644 deploy/helm/datacenter-docs/values-production.yaml create mode 100644 deploy/helm/datacenter-docs/values.yaml create mode 100755 deploy/helm/test-chart.sh create mode 100755 scripts/convert_config.py create mode 100644 values.yaml diff --git a/CONFIGURATION.md b/CONFIGURATION.md new file mode 100644 index 0000000..78bf0a1 --- /dev/null +++ b/CONFIGURATION.md 
@@ -0,0 +1,511 @@ +# Configuration Guide + +This guide explains how to configure the Datacenter Documentation & Remediation Engine using the various configuration files available. + +## Configuration Files Overview + +The project supports multiple configuration methods to suit different deployment scenarios: + +### 1. `.env` File (Docker Compose) +- **Location**: Root of the project +- **Format**: Environment variables +- **Use case**: Local development, Docker Compose deployments +- **Template**: `.env.example` + +### 2. `values.yaml` File (Structured Configuration) +- **Location**: Root of the project +- **Format**: YAML +- **Use case**: General configuration, Helm deployments, configuration management +- **Template**: `values.yaml` + +### 3. Helm Chart Values (Kubernetes) +- **Location**: `deploy/helm/datacenter-docs/values.yaml` +- **Format**: YAML (Helm-specific) +- **Use case**: Kubernetes deployments via Helm +- **Variants**: + - `values.yaml` - Default configuration + - `values-development.yaml` - Development settings + - `values-production.yaml` - Production example + +## Quick Start + +### For Docker Compose Development + +1. Copy the environment template: + ```bash + cp .env.example .env + ``` + +2. Edit `.env` with your configuration: + ```bash + nano .env + ``` + +3. Update the following required values: + - `MONGO_ROOT_PASSWORD` - MongoDB password + - `LLM_API_KEY` - Your LLM provider API key + - `LLM_BASE_URL` - LLM provider endpoint + - `MCP_API_KEY` - MCP server API key + +4. Start the services: + ```bash + cd deploy/docker + docker-compose -f docker-compose.dev.yml up -d + ``` + +### For Kubernetes/Helm Deployment + +1. Copy and customize the values file: + ```bash + cp values.yaml my-values.yaml + ``` + +2. Edit `my-values.yaml` with your configuration + +3. 
Deploy with Helm: + ```bash + helm install my-release deploy/helm/datacenter-docs -f my-values.yaml + ``` + +## Configuration Mapping + +Here's how the `.env` variables map to `values.yaml`: + +| .env Variable | values.yaml Path | Description | +|---------------|------------------|-------------| +| `MONGO_ROOT_USER` | `mongodb.auth.rootUsername` | MongoDB root username | +| `MONGO_ROOT_PASSWORD` | `mongodb.auth.rootPassword` | MongoDB root password | +| `MONGODB_URL` | `mongodb.url` | MongoDB connection URL | +| `MONGODB_DATABASE` | `mongodb.auth.database` | Database name | +| `REDIS_PASSWORD` | `redis.auth.password` | Redis password | +| `REDIS_URL` | `redis.url` | Redis connection URL | +| `MCP_SERVER_URL` | `mcp.server.url` | MCP server endpoint | +| `MCP_API_KEY` | `mcp.server.apiKey` | MCP API key | +| `PROXMOX_HOST` | `proxmox.host` | Proxmox server hostname | +| `PROXMOX_USER` | `proxmox.auth.user` | Proxmox username | +| `PROXMOX_PASSWORD` | `proxmox.auth.password` | Proxmox password | +| `LLM_BASE_URL` | `llm.baseUrl` | LLM API endpoint | +| `LLM_API_KEY` | `llm.apiKey` | LLM API key | +| `LLM_MODEL` | `llm.model` | LLM model name | +| `LLM_TEMPERATURE` | `llm.generation.temperature` | Generation temperature | +| `LLM_MAX_TOKENS` | `llm.generation.maxTokens` | Max tokens per request | +| `API_HOST` | `api.host` | API server host | +| `API_PORT` | `api.port` | API server port | +| `WORKERS` | `api.workers` | Number of API workers | +| `CORS_ORIGINS` | `cors.origins` | Allowed CORS origins | +| `LOG_LEVEL` | `application.logging.level` | Logging level | +| `DEBUG` | `application.debug` | Debug mode | +| `CELERY_BROKER_URL` | `celery.broker.url` | Celery broker URL | +| `CELERY_RESULT_BACKEND` | `celery.result.backend` | Celery result backend | +| `VECTOR_STORE_PATH` | `vectorStore.chroma.path` | Vector store path | +| `EMBEDDING_MODEL` | `vectorStore.embedding.model` | Embedding model name | + +## Configuration Sections + +### 1. 
Database Configuration + +#### MongoDB +```yaml +mongodb: + auth: + rootUsername: admin + rootPassword: "your-secure-password" + database: datacenter_docs + url: "mongodb://admin:password@mongodb:27017" +``` + +**Security Note**: Always use strong passwords in production! + +#### Redis +```yaml +redis: + auth: + password: "your-redis-password" + url: "redis://redis:6379/0" +``` + +### 2. LLM Provider Configuration + +The system supports multiple LLM providers through OpenAI-compatible APIs: + +#### OpenAI +```yaml +llm: + provider: openai + baseUrl: "https://api.openai.com/v1" + apiKey: "sk-your-key" + model: "gpt-4-turbo-preview" +``` + +#### Anthropic Claude +```yaml +llm: + provider: anthropic + baseUrl: "https://api.anthropic.com/v1" + apiKey: "sk-ant-your-key" + model: "claude-sonnet-4-20250514" +``` + +#### Local (Ollama) +```yaml +llm: + provider: ollama + baseUrl: "http://localhost:11434/v1" + apiKey: "ollama" + model: "llama3" +``` + +### 3. Auto-Remediation Configuration + +Control how the system handles automated problem resolution: + +```yaml +autoRemediation: + enabled: true + minReliabilityScore: 85.0 + requireApprovalThreshold: 90.0 + maxActionsPerHour: 100 + dryRun: false # Set to true for testing +``` + +**Important**: Start with `dryRun: true` to test without making actual changes! + +### 4. Infrastructure Collectors + +Enable/disable different infrastructure data collectors: + +```yaml +collectors: + vmware: + enabled: true + host: "vcenter.example.com" + kubernetes: + enabled: true + proxmox: + enabled: true +``` + +### 5. 
Security Settings + +```yaml +security: + authentication: + enabled: true + method: "jwt" + rateLimit: + enabled: true + requestsPerMinute: 100 +``` + +## Environment-Specific Configuration + +### Development + +For development, use minimal resources and verbose logging: + +```yaml +application: + logging: + level: "DEBUG" + debug: true + environment: "development" + +autoRemediation: + dryRun: true # Never make real changes in dev + +llm: + baseUrl: "http://localhost:11434/v1" # Use local Ollama +``` + +### Production + +For production, use secure settings and proper resource limits: + +```yaml +application: + logging: + level: "INFO" + debug: false + environment: "production" + +autoRemediation: + enabled: true + minReliabilityScore: 95.0 # Higher threshold + requireApprovalThreshold: 98.0 + dryRun: false + +security: + authentication: + enabled: true + rateLimit: + enabled: true +``` + +## Configuration Best Practices + +### 1. Secret Management + +**Never commit secrets to version control!** + +For development: +- Use `.env` (add to `.gitignore`) +- Use default passwords (change in production) + +For production: +- Use Kubernetes Secrets +- Use external secret managers (Vault, AWS Secrets Manager, etc.) +- Rotate secrets regularly + +Example with Kubernetes Secret: +```bash +kubectl create secret generic datacenter-docs-secrets \ + --from-literal=mongodb-password="$(openssl rand -base64 32)" \ + --from-literal=llm-api-key="your-actual-key" +``` + +### 2. Resource Limits + +Always set appropriate resource limits: + +```yaml +resources: + api: + requests: + memory: "512Mi" + cpu: "250m" + limits: + memory: "2Gi" + cpu: "1000m" +``` + +### 3. High Availability + +For production deployments: + +```yaml +api: + replicaCount: 3 # Multiple replicas + +mongodb: + persistence: + enabled: true + size: 50Gi + storageClass: "fast-ssd" +``` + +### 4. 
Monitoring + +Enable monitoring and observability: + +```yaml +monitoring: + metrics: + enabled: true + health: + enabled: true + tracing: + enabled: true + provider: "jaeger" +``` + +### 5. Backup Configuration + +Configure regular backups: + +```yaml +backup: + enabled: true + schedule: "0 2 * * *" # Daily at 2 AM + retention: + daily: 7 + weekly: 4 + monthly: 12 +``` + +## Validation + +### Validate .env File + +```bash +# Check for required variables +grep -E "^(MONGODB_URL|LLM_API_KEY|MCP_API_KEY)=" .env +``` + +### Validate values.yaml + +```bash +# Install yq (YAML processor) +# brew install yq # macOS +# sudo apt install yq # Ubuntu + +# Validate YAML syntax +yq eval '.' values.yaml > /dev/null && echo "Valid YAML" || echo "Invalid YAML" + +# Check specific values +yq eval '.llm.apiKey' values.yaml +yq eval '.mongodb.auth.rootPassword' values.yaml +``` + +### Validate Helm Values + +```bash +# Lint the Helm chart +helm lint deploy/helm/datacenter-docs -f my-values.yaml + +# Dry-run installation +helm install test deploy/helm/datacenter-docs -f my-values.yaml --dry-run --debug +``` + +## Troubleshooting + +### Common Issues + +#### 1. MongoDB Connection Failed + +Check: +- MongoDB URL is correct +- Password matches in both MongoDB and application config +- MongoDB service is running + +```bash +# Test MongoDB connection +docker exec -it datacenter-docs-mongodb mongosh \ + -u admin -p admin123 --authenticationDatabase admin +``` + +#### 2. LLM API Errors + +Check: +- API key is valid +- Base URL is correct +- Model name is supported by the provider +- Network connectivity to LLM provider + +```bash +# Test LLM API +curl -H "Authorization: Bearer $LLM_API_KEY" \ + $LLM_BASE_URL/models +``` + +#### 3. 
Redis Connection Issues + +Check: +- Redis URL is correct +- Redis service is running +- Password is correct (if enabled) + +```bash +# Test Redis connection +docker exec -it datacenter-docs-redis redis-cli ping +``` + +## Converting Between Formats + +### From .env to values.yaml + +We provide a conversion script: + +```bash +# TODO: Create conversion script +# python scripts/env_to_values.py .env > my-values.yaml +``` + +Manual conversion example: +```bash +# .env +MONGODB_URL=mongodb://admin:pass@mongodb:27017 + +# values.yaml +mongodb: + url: "mongodb://admin:pass@mongodb:27017" +``` + +### From values.yaml to .env + +```bash +# Extract specific values +echo "MONGODB_URL=$(yq eval '.mongodb.url' values.yaml)" >> .env +echo "LLM_API_KEY=$(yq eval '.llm.apiKey' values.yaml)" >> .env +``` + +## Examples + +### Example 1: Local Development with Ollama + +```yaml +# values-local.yaml +llm: + provider: ollama + baseUrl: "http://localhost:11434/v1" + apiKey: "ollama" + model: "llama3" + +application: + debug: true + logging: + level: "DEBUG" + +autoRemediation: + dryRun: true +``` + +### Example 2: Production with OpenAI + +```yaml +# values-prod.yaml +llm: + provider: openai + baseUrl: "https://api.openai.com/v1" + apiKey: "sk-prod-key-from-secret-manager" + model: "gpt-4-turbo-preview" + +application: + debug: false + logging: + level: "INFO" + +autoRemediation: + enabled: true + minReliabilityScore: 95.0 + dryRun: false + +security: + authentication: + enabled: true + rateLimit: + enabled: true +``` + +### Example 3: Multi-Environment Setup + +```bash +# Development +helm install dev deploy/helm/datacenter-docs \ + -f values.yaml \ + -f values-development.yaml + +# Staging +helm install staging deploy/helm/datacenter-docs \ + -f values.yaml \ + -f values-staging.yaml + +# Production +helm install prod deploy/helm/datacenter-docs \ + -f values.yaml \ + -f values-production.yaml +``` + +## Related Documentation + +- [Main README](README.md) +- [Docker 
Deployment](deploy/docker/README.md) +- [Helm Chart](deploy/helm/README.md) +- [Environment Variables](.env.example) +- [Project Repository](https://git.commandware.com/it-ops/llm-automation-docs-and-remediation-engine) + +## Support + +For configuration help: +- Open an issue: https://git.commandware.com/it-ops/llm-automation-docs-and-remediation-engine/issues +- Check the documentation +- Review example configurations in `deploy/` directory diff --git a/deploy/helm/README.md b/deploy/helm/README.md new file mode 100644 index 0000000..53ec84a --- /dev/null +++ b/deploy/helm/README.md 
@@ -0,0 +1,400 @@ +# Helm Deployment + +This directory contains Helm charts for deploying the Datacenter Docs & Remediation Engine on Kubernetes. + +## Contents + +- `datacenter-docs/` - Main Helm chart for the application +- `test-chart.sh` - Automated testing script for chart validation + +## Quick Start + +### Prerequisites + +- Kubernetes cluster (1.19+) +- Helm 3.0+ +- kubectl configured to access your cluster + +### Development/Testing Installation + +```bash +# Install with development settings (minimal resources, local testing) +helm install dev ./datacenter-docs -f ./datacenter-docs/values-development.yaml + +# Access the application +kubectl port-forward svc/dev-datacenter-docs-api 8000:8000 +kubectl port-forward svc/dev-datacenter-docs-frontend 8080:80 + +# View API docs: http://localhost:8000/api/docs +# View frontend: http://localhost:8080 +``` + +### Production Installation + +```bash +# Copy and customize production values +cp datacenter-docs/values-production.yaml my-production-values.yaml + +# Edit my-production-values.yaml: +# - Change all secrets (llmApiKey, apiSecretKey, mongodbPassword) +# - Update ingress hosts +# - Adjust resource limits +# - Configure LLM provider +# - Review auto-remediation settings + +# Install +helm install prod ./datacenter-docs -f my-production-values.yaml + +# Verify deployment +helm list +kubectl get pods +kubectl get ingress +``` + +## Chart Structure + +``` +datacenter-docs/ +├── Chart.yaml # Chart metadata +├── values.yaml # Default configuration +├── values-development.yaml # Development settings +├── values-production.yaml # Production example +├── README.md # Detailed chart documentation +├── .helmignore # Files to exclude from package +└── templates/ + ├── NOTES.txt # Post-install instructions + ├── _helpers.tpl # Template helpers + ├── configmap.yaml # Application configuration + ├── secrets.yaml # Sensitive data + ├── serviceaccount.yaml # Service account + ├── mongodb-statefulset.yaml # MongoDB StatefulSet 
+ ├── mongodb-service.yaml # MongoDB Service + ├── redis-deployment.yaml # Redis Deployment + ├── redis-service.yaml # Redis Service + ├── api-deployment.yaml # API Deployment + ├── api-service.yaml # API Service + ├── api-hpa.yaml # API autoscaling + ├── chat-deployment.yaml # Chat Deployment + ├── chat-service.yaml # Chat Service + ├── worker-deployment.yaml # Worker Deployment + ├── worker-hpa.yaml # Worker autoscaling + ├── frontend-deployment.yaml # Frontend Deployment + ├── frontend-service.yaml # Frontend Service + └── ingress.yaml # Ingress configuration +``` + +## Testing the Chart + +Run the automated test script: + +```bash +cd deploy/helm +./test-chart.sh +``` + +This will: +1. Lint the chart +2. Render templates with different value files +3. Perform dry-run installation +4. Validate Kubernetes manifests +5. Package the chart + +## Common Operations + +### Upgrade Release + +```bash +# Upgrade with new values +helm upgrade prod ./datacenter-docs -f my-production-values.yaml + +# Upgrade with specific parameter changes +helm upgrade prod ./datacenter-docs --set api.replicaCount=10 --reuse-values +``` + +### Check Status + +```bash +# List releases +helm list + +# Get release status +helm status prod + +# Get current values +helm get values prod + +# Get all manifests +helm get manifest prod +``` + +### Rollback + +```bash +# View revision history +helm history prod + +# Rollback to previous version +helm rollback prod + +# Rollback to specific revision +helm rollback prod 2 +``` + +### Uninstall + +```bash +# Uninstall release +helm uninstall prod + +# Also delete PVCs (if using persistent storage) +kubectl delete pvc -l app.kubernetes.io/instance=prod +``` + +## Configuration Files + +### values.yaml +Default configuration with reasonable settings for development/testing. 
+ +### values-development.yaml +Optimized for local development: +- Minimal resource requests/limits +- Single replicas +- Persistence disabled +- Dry-run mode for auto-remediation +- Debug logging +- Ingress disabled (use port-forward) + +### values-production.yaml +Example production configuration: +- Higher resource limits +- Multiple replicas +- Autoscaling enabled +- Persistence enabled with larger volumes +- TLS/SSL enabled +- Production-grade security settings +- All components enabled + +**Important**: Copy and customize this file for your environment. Never use default secrets! + +## Available Components + +| Component | Purpose | Default Enabled | +|-----------|---------|-----------------| +| MongoDB | Document database | Yes | +| Redis | Cache & task queue | Yes | +| API | REST API service | Yes | +| Chat | WebSocket server | No (not implemented) | +| Worker | Celery background tasks | No (not implemented) | +| Frontend | Web UI | Yes | + +Enable/disable components in your values file: + +```yaml +mongodb: + enabled: true +redis: + enabled: true +api: + enabled: true +chat: + enabled: false # Set to true when implemented +worker: + enabled: false # Set to true when implemented +frontend: + enabled: true +``` + +## Architecture + +The chart deploys a complete microservices architecture: + +``` + ┌─────────────┐ + │ Ingress │ + └──────┬──────┘ + │ + ┌─────────────┼─────────────┐ + │ │ │ + ┌────▼────┐ ┌────▼────┐ ┌────▼────┐ + │Frontend │ │ API │ │ Chat │ + └─────────┘ └────┬────┘ └────┬────┘ + │ │ + ┌─────────────┼────────────┘ + │ │ + ┌────▼────┐ ┌────▼────┐ + │ Redis │ │ MongoDB │ + └─────────┘ └─────────┘ + ▲ + │ + ┌────┴────┐ + │ Worker │ + └─────────┘ +``` + +## LLM Provider Configuration + +The chart supports multiple LLM providers. 
Configure in your values file: + +### OpenAI + +```yaml +config: + llm: + baseUrl: "https://api.openai.com/v1" + model: "gpt-4-turbo-preview" +secrets: + llmApiKey: "sk-your-openai-key" +``` + +### Anthropic Claude + +```yaml +config: + llm: + baseUrl: "https://api.anthropic.com/v1" + model: "claude-3-opus-20240229" +secrets: + llmApiKey: "sk-ant-your-anthropic-key" +``` + +### Local (Ollama) + +```yaml +config: + llm: + baseUrl: "http://ollama-service:11434/v1" + model: "llama2" +secrets: + llmApiKey: "not-needed" +``` + +### Azure OpenAI + +```yaml +config: + llm: + baseUrl: "https://your-resource.openai.azure.com" + model: "gpt-4" +secrets: + llmApiKey: "your-azure-key" +``` + +## Security Best Practices + +For production deployments: + +1. **Change all default secrets** + ```bash + helm install prod ./datacenter-docs \ + --set secrets.llmApiKey="your-actual-key" \ + --set secrets.apiSecretKey="$(openssl rand -base64 32)" \ + --set secrets.mongodbPassword="$(openssl rand -base64 32)" + ``` + +2. **Use external secret management** + - HashiCorp Vault + - AWS Secrets Manager + - Azure Key Vault + - Kubernetes External Secrets Operator + +3. **Enable TLS/SSL** + ```yaml + ingress: + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-prod" + tls: + - secretName: datacenter-docs-tls + hosts: + - datacenter-docs.yourdomain.com + ``` + +4. **Review auto-remediation settings** + ```yaml + config: + autoRemediation: + enabled: true + minReliabilityScore: 95.0 # High threshold for production + dryRun: true # Test first, then set to false + ``` + +5. **Implement network policies** +6. **Enable resource quotas** +7. 
**Regular security scanning** + +## Monitoring and Observability + +The chart is designed to integrate with: +- **Prometheus**: Metrics collection +- **Grafana**: Visualization +- **Jaeger**: Distributed tracing +- **ELK/Loki**: Log aggregation + +Add annotations to enable monitoring: + +```yaml +podAnnotations: + prometheus.io/scrape: "true" + prometheus.io/port: "8000" + prometheus.io/path: "/metrics" +``` + +## Troubleshooting + +### Pods not starting + +```bash +# Check pod status +kubectl get pods -l app.kubernetes.io/instance=prod + +# Describe pod for events +kubectl describe pod + +# View logs +kubectl logs -f +``` + +### Storage issues + +```bash +# Check PVC status +kubectl get pvc + +# Check storage class +kubectl get storageclass + +# Manually create PVC if needed +kubectl apply -f - < rendered.yaml +``` + +### Testing Locally + +```bash +# Create kind cluster +kind create cluster + +# Install chart +helm install test ./datacenter-docs \ + --set ingress.enabled=false \ + --set api.autoscaling.enabled=false \ + --set mongodb.persistence.enabled=false + +# Test +kubectl port-forward svc/test-datacenter-docs-api 8000:8000 +curl http://localhost:8000/health +``` + +## Support + +For issues and questions: +- Issues: https://git.commandware.com/it-ops/llm-automation-docs-and-remediation-engine/issues +- Documentation: https://git.commandware.com/it-ops/llm-automation-docs-and-remediation-engine + +## License + +See the main repository for license information. diff --git a/deploy/helm/datacenter-docs/templates/NOTES.txt b/deploy/helm/datacenter-docs/templates/NOTES.txt new file mode 100644 index 0000000..e0c7ca8 --- /dev/null +++ b/deploy/helm/datacenter-docs/templates/NOTES.txt 
@@ -0,0 +1,162 @@ +█████████████████████████████████████████████████████████████████████████████ +█ █ +█ Datacenter Docs & Remediation Engine - Successfully Deployed! █ +█ █ +█████████████████████████████████████████████████████████████████████████████ + +Thank you for installing {{ .Chart.Name }}. + +Your release is named {{ .Release.Name }}. +Release namespace: {{ .Release.Namespace }} + +============================================================================== +📦 INSTALLED COMPONENTS: +============================================================================== + +{{- if .Values.mongodb.enabled }} +✓ MongoDB (Database) +{{- end }} +{{- if .Values.redis.enabled }} +✓ Redis (Cache & Task Queue) +{{- end }} +{{- if .Values.api.enabled }} +✓ API Service +{{- end }} +{{- if .Values.chat.enabled }} +✓ Chat Service (WebSocket) +{{- end }} +{{- if .Values.worker.enabled }} +✓ Celery Worker (Background Tasks) +{{- end }} +{{- if .Values.frontend.enabled }} +✓ Frontend (Web UI) +{{- end }} + +============================================================================== +🔍 CHECK DEPLOYMENT STATUS: +============================================================================== + + kubectl get pods -n {{ .Release.Namespace }} -l app.kubernetes.io/instance={{ .Release.Name }} + + kubectl get services -n {{ .Release.Namespace }} -l app.kubernetes.io/instance={{ .Release.Name }} + +============================================================================== +🌐 ACCESS YOUR APPLICATION: +============================================================================== + +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{ if $.Values.ingress.tls }}https{{ else }}http{{ end }}://{{ $host.host }} +{{- end }} +{{- else if .Values.frontend.enabled }} + +To access the frontend, run: + + kubectl port-forward -n {{ .Release.Namespace }} svc/{{ include "datacenter-docs.frontend.fullname" . 
}} 8080:{{ .Values.frontend.service.port }} + +Then visit: http://localhost:8080 +{{- end }} + +{{- if .Values.api.enabled }} + +To access the API directly, run: + + kubectl port-forward -n {{ .Release.Namespace }} svc/{{ include "datacenter-docs.api.fullname" . }} 8000:{{ .Values.api.service.port }} + +Then visit: http://localhost:8000/api/docs (OpenAPI documentation) +{{- end }} + +============================================================================== +📊 VIEW LOGS: +============================================================================== + +API logs: + kubectl logs -n {{ .Release.Namespace }} -l app.kubernetes.io/component=api -f + +{{- if .Values.worker.enabled }} +Worker logs: + kubectl logs -n {{ .Release.Namespace }} -l app.kubernetes.io/component=worker -f +{{- end }} + +{{- if .Values.chat.enabled }} +Chat logs: + kubectl logs -n {{ .Release.Namespace }} -l app.kubernetes.io/component=chat -f +{{- end }} + +============================================================================== +🔐 SECURITY NOTICE: +============================================================================== + +{{ if eq .Values.secrets.llmApiKey "sk-your-openai-api-key-here" }} +⚠️ WARNING: You are using the default LLM API key! + Update this immediately in production: + + helm upgrade {{ .Release.Name }} datacenter-docs \ + --set secrets.llmApiKey="your-actual-api-key" \ + --reuse-values +{{ end }} + +{{ if eq .Values.secrets.apiSecretKey "your-secret-key-here-change-in-production" }} +⚠️ WARNING: You are using the default API secret key! 
+ Update this immediately in production: + + helm upgrade {{ .Release.Name }} datacenter-docs \ + --set secrets.apiSecretKey="your-actual-secret-key" \ + --reuse-values +{{ end }} + +For production deployments: + - Use strong, unique secrets + - Enable TLS/SSL for all services + - Review security context and RBAC policies + - Consider using external secret management (e.g., HashiCorp Vault) + +============================================================================== +📖 USEFUL COMMANDS: +============================================================================== + +Upgrade release: + helm upgrade {{ .Release.Name }} datacenter-docs --values custom-values.yaml + +Get values: + helm get values {{ .Release.Name }} + +View all resources: + helm get manifest {{ .Release.Name }} + +Uninstall: + helm uninstall {{ .Release.Name }} + +============================================================================== +🛠️ CONFIGURATION: +============================================================================== + +{{- if .Values.config.autoRemediation.enabled }} +✓ Auto-remediation: ENABLED + - Minimum reliability score: {{ .Values.config.autoRemediation.minReliabilityScore }}% + - Approval threshold: {{ .Values.config.autoRemediation.requireApprovalThreshold }}% + {{- if .Values.config.autoRemediation.dryRun }} + - Mode: DRY RUN (no actual changes will be made) + {{- else }} + - Mode: ACTIVE (changes will be applied) + {{- end }} +{{- else }} +⚠️ Auto-remediation: DISABLED +{{- end }} + +LLM Provider: {{ .Values.config.llm.baseUrl }} +Model: {{ .Values.config.llm.model }} + +============================================================================== +📚 DOCUMENTATION & SUPPORT: +============================================================================== + +For more information, visit: + https://git.commandware.com/it-ops/llm-automation-docs-and-remediation-engine + +Report issues: + 
https://git.commandware.com/it-ops/llm-automation-docs-and-remediation-engine/issues + +============================================================================== + +Happy automating! 🚀 diff --git a/deploy/helm/datacenter-docs/templates/_helpers.tpl b/deploy/helm/datacenter-docs/templates/_helpers.tpl new file mode 100644 index 0000000..83e2854 --- /dev/null +++ b/deploy/helm/datacenter-docs/templates/_helpers.tpl 
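Review bot: The SECURITY NOTICE section of NOTES.txt tests only `secrets.llmApiKey` and `secrets.apiSecretKey` against their placeholder strings, so a release that keeps the chart's default `secrets.mongodbPassword` installs with no warning, even though deploy/helm/README.md in this same patch lists that secret as one to change. A third block of the form `{{ if eq .Values.secrets.mongodbPassword "<DEFAULT_FROM_VALUES_YAML>" }}` would cover it. The compared literals duplicate values.yaml, which is not visible here, so the warnings will presumably stop firing without notice if those defaults are ever reworded. The printed remediation passes the new secret with `--set` on the command line, where it ends up in shell history. The `helm upgrade`, `helm get` and `helm uninstall` lines also omit the `-n {{ .Release.Namespace }}` that the kubectl lines carry, so I would print `helm upgrade {{ .Release.Name }} <CHART_PATH> -n {{ .Release.Namespace }} -f <PRIVATE_VALUES_FILE> --reuse-values` instead.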
@@ -0,0 +1,235 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "datacenter-docs.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +*/}} +{{- define "datacenter-docs.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "datacenter-docs.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "datacenter-docs.labels" -}} +helm.sh/chart: {{ include "datacenter-docs.chart" . }} +{{ include "datacenter-docs.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "datacenter-docs.selectorLabels" -}} +app.kubernetes.io/name: {{ include "datacenter-docs.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "datacenter-docs.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "datacenter-docs.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +MongoDB fullname +*/}} +{{- define "datacenter-docs.mongodb.fullname" -}} +{{- printf "%s-mongodb" (include "datacenter-docs.fullname" .) 
| trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Redis fullname +*/}} +{{- define "datacenter-docs.redis.fullname" -}} +{{- printf "%s-redis" (include "datacenter-docs.fullname" .) | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +API fullname +*/}} +{{- define "datacenter-docs.api.fullname" -}} +{{- printf "%s-api" (include "datacenter-docs.fullname" .) | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Chat fullname +*/}} +{{- define "datacenter-docs.chat.fullname" -}} +{{- printf "%s-chat" (include "datacenter-docs.fullname" .) | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Worker fullname +*/}} +{{- define "datacenter-docs.worker.fullname" -}} +{{- printf "%s-worker" (include "datacenter-docs.fullname" .) | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Frontend fullname +*/}} +{{- define "datacenter-docs.frontend.fullname" -}} +{{- printf "%s-frontend" (include "datacenter-docs.fullname" .) | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Component labels for MongoDB +*/}} +{{- define "datacenter-docs.mongodb.labels" -}} +{{ include "datacenter-docs.labels" . }} +app.kubernetes.io/component: database +{{- end }} + +{{/* +Component labels for Redis +*/}} +{{- define "datacenter-docs.redis.labels" -}} +{{ include "datacenter-docs.labels" . }} +app.kubernetes.io/component: cache +{{- end }} + +{{/* +Component labels for API +*/}} +{{- define "datacenter-docs.api.labels" -}} +{{ include "datacenter-docs.labels" . }} +app.kubernetes.io/component: api +{{- end }} + +{{/* +Component labels for Chat +*/}} +{{- define "datacenter-docs.chat.labels" -}} +{{ include "datacenter-docs.labels" . }} +app.kubernetes.io/component: chat +{{- end }} + +{{/* +Component labels for Worker +*/}} +{{- define "datacenter-docs.worker.labels" -}} +{{ include "datacenter-docs.labels" . }} +app.kubernetes.io/component: worker +{{- end }} + +{{/* +Component labels for Frontend +*/}} +{{- define "datacenter-docs.frontend.labels" -}} +{{ include "datacenter-docs.labels" . 
}} +app.kubernetes.io/component: frontend +{{- end }} + +{{/* +Selector labels for MongoDB +*/}} +{{- define "datacenter-docs.mongodb.selectorLabels" -}} +{{ include "datacenter-docs.selectorLabels" . }} +app.kubernetes.io/component: database +{{- end }} + +{{/* +Selector labels for Redis +*/}} +{{- define "datacenter-docs.redis.selectorLabels" -}} +{{ include "datacenter-docs.selectorLabels" . }} +app.kubernetes.io/component: cache +{{- end }} + +{{/* +Selector labels for API +*/}} +{{- define "datacenter-docs.api.selectorLabels" -}} +{{ include "datacenter-docs.selectorLabels" . }} +app.kubernetes.io/component: api +{{- end }} + +{{/* +Selector labels for Chat +*/}} +{{- define "datacenter-docs.chat.selectorLabels" -}} +{{ include "datacenter-docs.selectorLabels" . }} +app.kubernetes.io/component: chat +{{- end }} + +{{/* +Selector labels for Worker +*/}} +{{- define "datacenter-docs.worker.selectorLabels" -}} +{{ include "datacenter-docs.selectorLabels" . }} +app.kubernetes.io/component: worker +{{- end }} + +{{/* +Selector labels for Frontend +*/}} +{{- define "datacenter-docs.frontend.selectorLabels" -}} +{{ include "datacenter-docs.selectorLabels" . }} +app.kubernetes.io/component: frontend +{{- end }} + +{{/* +Return the proper image name +*/}} +{{- define "datacenter-docs.image" -}} +{{- $registryName := .registry -}} +{{- $repositoryName := .repository -}} +{{- $tag := .tag | toString -}} +{{- if $registryName }} +{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} +{{- else }} +{{- printf "%s:%s" $repositoryName $tag -}} +{{- end }} +{{- end }} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "datacenter-docs.imagePullSecrets" -}} +{{- if .Values.global.imagePullSecrets }} +imagePullSecrets: +{{- range .Values.global.imagePullSecrets }} + - name: {{ . 
}} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Return the appropriate apiVersion for HPA +*/}} +{{- define "datacenter-docs.hpa.apiVersion" -}} +{{- if semverCompare ">=1.23-0" .Capabilities.KubeVersion.GitVersion -}} +{{- print "autoscaling/v2" -}} +{{- else -}} +{{- print "autoscaling/v2beta2" -}} +{{- end -}} +{{- end -}} diff --git a/deploy/helm/datacenter-docs/templates/api-deployment.yaml b/deploy/helm/datacenter-docs/templates/api-deployment.yaml new file mode 100644 index 0000000..58ddde9 --- /dev/null +++ b/deploy/helm/datacenter-docs/templates/api-deployment.yaml 
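Review bot: The component name helpers (`datacenter-docs.mongodb.fullname` and the redis, api, chat, worker and frontend equivalents) append their suffix to a `fullname` that is already truncated to 63 characters and then truncate to 63 again. With a long release name or `fullnameOverride` the suffix is cut off, so all six helpers can render the same resource name. Truncating the base first keeps the suffix, e.g. `{{- printf "%s-mongodb" (include "datacenter-docs.fullname" . | trunc 54 | trimSuffix "-") }}`, where 54 leaves room for the longest suffix, `-frontend`. Separately, `datacenter-docs.image` and `datacenter-docs.imagePullSecrets` are not called by the workload templates visible in this patch, which build the image string inline and render `global.imagePullSecrets` with `toYaml`. The helper emits `- name: {{ . }}` for that same value, so the two disagree on whether the entries are strings or objects.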
@@ -0,0 +1,120 @@ +{{- if .Values.api.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "datacenter-docs.api.fullname" . }} + labels: + {{- include "datacenter-docs.api.labels" . | nindent 4 }} +spec: + {{- if not .Values.api.autoscaling.enabled }} + replicas: {{ .Values.api.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "datacenter-docs.api.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "datacenter-docs.api.selectorLabels" . | nindent 8 }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "datacenter-docs.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + initContainers: + - name: wait-for-mongodb + image: busybox:1.36 + command: + - sh + - -c + - | + until nc -z {{ include "datacenter-docs.mongodb.fullname" . }} {{ .Values.mongodb.service.port }}; do + echo "Waiting for MongoDB..." + sleep 2 + done + - name: wait-for-redis + image: busybox:1.36 + command: + - sh + - -c + - | + until nc -z {{ include "datacenter-docs.redis.fullname" . }} {{ .Values.redis.service.port }}; do + echo "Waiting for Redis..." + sleep 2 + done + containers: + - name: api + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.api.image.repository }}:{{ .Values.api.image.tag }}" + imagePullPolicy: {{ .Values.api.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.api.service.targetPort }} + protocol: TCP + env: + - name: MONGODB_URL + valueFrom: + configMapKeyRef: + name: {{ include "datacenter-docs.fullname" . 
}}-config + key: mongodb-url + - name: REDIS_URL + valueFrom: + configMapKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-config + key: redis-url + - name: LLM_BASE_URL + valueFrom: + configMapKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-config + key: llm-base-url + - name: LLM_MODEL + valueFrom: + configMapKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-config + key: llm-model + - name: LLM_API_KEY + valueFrom: + secretKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-secrets + key: llm-api-key + - name: API_SECRET_KEY + valueFrom: + secretKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-secrets + key: api-secret-key + - name: LOG_LEVEL + valueFrom: + configMapKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-config + key: log-level + - name: PYTHONPATH + value: "/app/src" + livenessProbe: + {{- toYaml .Values.api.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.api.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.api.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/deploy/helm/datacenter-docs/templates/api-hpa.yaml b/deploy/helm/datacenter-docs/templates/api-hpa.yaml new file mode 100644 index 0000000..beea52a --- /dev/null +++ b/deploy/helm/datacenter-docs/templates/api-hpa.yaml 
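Review bot: The `wait-for-mongodb` and `wait-for-redis` init containers are rendered unconditionally, while the Services they probe are only created when `mongodb.enabled` / `redis.enabled` are true. With an external database or cache the pod stays in `Init` forever, because the `until nc -z …` loop has no timeout and the target name never resolves. Guarding each init container with `{{- if .Values.mongodb.enabled }}` / `{{- if .Values.redis.enabled }}` avoids that. They also have no container-level `securityContext`, unlike the `api` container, so rendering `.Values.securityContext` for them as well would keep them under the same restrictions, assuming those settings suit the busybox image. The `busybox:1.36` reference is hard-coded, so it cannot be mirrored or pinned by digest through values. The same blocks appear in `chat-deployment.yaml` and `worker-deployment.yaml`.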
@@ -0,0 +1,32 @@
+{{- if and .Values.api.enabled .Values.api.autoscaling.enabled }}
+apiVersion: {{ include "datacenter-docs.hpa.apiVersion" . }}
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "datacenter-docs.api.fullname" . }}
+ labels:
+ {{- include "datacenter-docs.api.labels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include "datacenter-docs.api.fullname" . }}
+ minReplicas: {{ .Values.api.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.api.autoscaling.maxReplicas }}
+ metrics:
+ {{- if .Values.api.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.api.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+ {{- if .Values.api.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.api.autoscaling.targetMemoryUtilizationPercentage }}
+ {{- end }}
+{{- end }}
diff --git a/deploy/helm/datacenter-docs/templates/api-service.yaml b/deploy/helm/datacenter-docs/templates/api-service.yaml
new file mode 100644
index 0000000..cf26a69
--- /dev/null
+++ b/deploy/helm/datacenter-docs/templates/api-service.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.api.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "datacenter-docs.api.fullname" . }}
+ labels:
+ {{- include "datacenter-docs.api.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.api.service.type }}
+ ports:
+ - port: {{ .Values.api.service.port }}
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ {{- include "datacenter-docs.api.selectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/deploy/helm/datacenter-docs/templates/chat-deployment.yaml b/deploy/helm/datacenter-docs/templates/chat-deployment.yaml
new file mode 100644
index 0000000..36040b9
--- /dev/null
+++ b/deploy/helm/datacenter-docs/templates/chat-deployment.yaml 
@@ -0,0 +1,94 @@ +{{- if .Values.chat.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "datacenter-docs.chat.fullname" . }} + labels: + {{- include "datacenter-docs.chat.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.chat.replicaCount }} + selector: + matchLabels: + {{- include "datacenter-docs.chat.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "datacenter-docs.chat.selectorLabels" . | nindent 8 }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "datacenter-docs.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + initContainers: + - name: wait-for-mongodb + image: busybox:1.36 + command: + - sh + - -c + - | + until nc -z {{ include "datacenter-docs.mongodb.fullname" . }} {{ .Values.mongodb.service.port }}; do + echo "Waiting for MongoDB..." + sleep 2 + done + containers: + - name: chat + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.chat.image.repository }}:{{ .Values.chat.image.tag }}" + imagePullPolicy: {{ .Values.chat.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.chat.service.targetPort }} + protocol: TCP + env: + - name: MONGODB_URL + valueFrom: + configMapKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-config + key: mongodb-url + - name: LLM_BASE_URL + valueFrom: + configMapKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-config + key: llm-base-url + - name: LLM_MODEL + valueFrom: + configMapKeyRef: + name: {{ include "datacenter-docs.fullname" . 
}}-config + key: llm-model + - name: LLM_API_KEY + valueFrom: + secretKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-secrets + key: llm-api-key + - name: LOG_LEVEL + valueFrom: + configMapKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-config + key: log-level + - name: PYTHONPATH + value: "/app/src" + resources: + {{- toYaml .Values.chat.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/deploy/helm/datacenter-docs/templates/chat-service.yaml b/deploy/helm/datacenter-docs/templates/chat-service.yaml new file mode 100644 index 0000000..9a206ad --- /dev/null +++ b/deploy/helm/datacenter-docs/templates/chat-service.yaml @@ -0,0 +1,17 @@ +{{- if .Values.chat.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "datacenter-docs.chat.fullname" . }} + labels: + {{- include "datacenter-docs.chat.labels" . | nindent 4 }} +spec: + type: {{ .Values.chat.service.type }} + ports: + - port: {{ .Values.chat.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "datacenter-docs.chat.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/deploy/helm/datacenter-docs/templates/configmap.yaml b/deploy/helm/datacenter-docs/templates/configmap.yaml new file mode 100644 index 0000000..5629631 --- /dev/null +++ b/deploy/helm/datacenter-docs/templates/configmap.yaml 
@@ -0,0 +1,37 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "datacenter-docs.fullname" . }}-config
+ labels:
+ {{- include "datacenter-docs.labels" . | nindent 4 }}
+data:
+ # MongoDB connection
+ mongodb-url: {{ tpl .Values.config.mongodbUrl . | quote }}
+
+ # Redis connection
+ redis-url: {{ tpl .Values.config.redisUrl . | quote }}
+
+ # LLM configuration
+ llm-base-url: {{ .Values.config.llm.baseUrl | quote }}
+ llm-model: {{ .Values.config.llm.model | quote }}
+ llm-max-tokens: {{ .Values.config.llm.maxTokens | quote }}
+ llm-temperature: {{ .Values.config.llm.temperature | quote }}
+
+ # MCP configuration
+ mcp-base-url: {{ .Values.config.mcp.baseUrl | quote }}
+ mcp-timeout: {{ .Values.config.mcp.timeout | quote }}
+
+ # Auto-remediation configuration
+ auto-remediation-enabled: {{ .Values.config.autoRemediation.enabled | quote }}
+ auto-remediation-min-reliability: {{ .Values.config.autoRemediation.minReliabilityScore | quote }}
+ auto-remediation-approval-threshold: {{ .Values.config.autoRemediation.requireApprovalThreshold | quote }}
+ auto-remediation-max-actions-per-hour: {{ .Values.config.autoRemediation.maxActionsPerHour | quote }}
+ auto-remediation-dry-run: {{ .Values.config.autoRemediation.dryRun | quote }}
+
+ # Security configuration
+ api-key-enabled: {{ .Values.config.apiKeyEnabled | quote }}
+ cors-origins: {{ join "," .Values.config.corsOrigins | quote }}
+
+ # Logging configuration
+ log-level: {{ .Values.config.logLevel | quote }}
+ log-format: {{ .Values.config.logFormat | quote }}
diff --git a/deploy/helm/datacenter-docs/templates/frontend-deployment.yaml b/deploy/helm/datacenter-docs/templates/frontend-deployment.yaml
new file mode 100644
index 0000000..68cff20
--- /dev/null
+++ b/deploy/helm/datacenter-docs/templates/frontend-deployment.yaml
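Review bot: `mongodb-url` is rendered into a ConfigMap, but the development values in this patch set `config.mongodbUrl` to a URL with the username and password embedded (`mongodb://admin:admin123@…`). The database credential is therefore readable by anyone allowed to `get configmaps` in the namespace instead of being held in the chart Secret. Moving the key into `secrets.yaml` and switching the `MONGODB_URL` env entries in the api, chat and worker Deployments from `configMapKeyRef` to `secretKeyRef` keeps it out of the ConfigMap; `redis-url` needs the same treatment if a password is ever added to it. Several keys rendered here (`auto-remediation-*`, `mcp-*`, `cors-origins`, `api-key-enabled`) are not referenced by any `env` entry in the Deployments of this patch, so it is worth confirming how the application reads them.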
@@ -0,0 +1,69 @@ +{{- if .Values.frontend.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "datacenter-docs.frontend.fullname" . }} + labels: + {{- include "datacenter-docs.frontend.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.frontend.replicaCount }} + selector: + matchLabels: + {{- include "datacenter-docs.frontend.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "datacenter-docs.frontend.selectorLabels" . | nindent 8 }} + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "datacenter-docs.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: frontend + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.frontend.image.repository }}:{{ .Values.frontend.image.tag }}" + imagePullPolicy: {{ .Values.frontend.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.frontend.service.targetPort }} + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + readinessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 3 + resources: + {{- toYaml .Values.frontend.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} 
diff --git a/deploy/helm/datacenter-docs/templates/frontend-service.yaml b/deploy/helm/datacenter-docs/templates/frontend-service.yaml new file mode 100644 index 0000000..d5d6c65 --- /dev/null +++ b/deploy/helm/datacenter-docs/templates/frontend-service.yaml @@ -0,0 +1,17 @@ +{{- if .Values.frontend.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "datacenter-docs.frontend.fullname" . }} + labels: + {{- include "datacenter-docs.frontend.labels" . | nindent 4 }} +spec: + type: {{ .Values.frontend.service.type }} + ports: + - port: {{ .Values.frontend.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "datacenter-docs.frontend.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/deploy/helm/datacenter-docs/templates/ingress.yaml b/deploy/helm/datacenter-docs/templates/ingress.yaml new file mode 100644 index 0000000..679c161 --- /dev/null +++ b/deploy/helm/datacenter-docs/templates/ingress.yaml 
@@ -0,0 +1,57 @@ +{{- if .Values.ingress.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "datacenter-docs.fullname" . }} + labels: + {{- include "datacenter-docs.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.ingress.className }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + {{- if eq .service "frontend" }} + name: {{ include "datacenter-docs.frontend.fullname" $ }} + {{- else if eq .service "api" }} + name: {{ include "datacenter-docs.api.fullname" $ }} + {{- else if eq .service "chat" }} + name: {{ include "datacenter-docs.chat.fullname" $ }} + {{- else }} + name: {{ .service }} + {{- end }} + port: + {{- if eq .service "frontend" }} + number: {{ $.Values.frontend.service.port }} + {{- else if eq .service "api" }} + number: {{ $.Values.api.service.port }} + {{- else if eq .service "chat" }} + number: {{ $.Values.chat.service.port }} + {{- else }} + number: 80 + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/deploy/helm/datacenter-docs/templates/mongodb-service.yaml b/deploy/helm/datacenter-docs/templates/mongodb-service.yaml new file mode 100644 index 0000000..b4a533e --- /dev/null +++ b/deploy/helm/datacenter-docs/templates/mongodb-service.yaml 
@@ -0,0 +1,17 @@
+{{- if .Values.mongodb.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "datacenter-docs.mongodb.fullname" . }}
+ labels:
+ {{- include "datacenter-docs.mongodb.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.mongodb.service.type }}
+ ports:
+ - port: {{ .Values.mongodb.service.port }}
+ targetPort: mongodb
+ protocol: TCP
+ name: mongodb
+ selector:
+ {{- include "datacenter-docs.mongodb.selectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/deploy/helm/datacenter-docs/templates/mongodb-statefulset.yaml b/deploy/helm/datacenter-docs/templates/mongodb-statefulset.yaml
new file mode 100644
index 0000000..b70c122
--- /dev/null
+++ b/deploy/helm/datacenter-docs/templates/mongodb-statefulset.yaml
@@ -0,0 +1,113 @@ +{{- if .Values.mongodb.enabled }} +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "datacenter-docs.mongodb.fullname" . }} + labels: + {{- include "datacenter-docs.mongodb.labels" . | nindent 4 }} +spec: + serviceName: {{ include "datacenter-docs.mongodb.fullname" . }} + replicas: 1 + selector: + matchLabels: + {{- include "datacenter-docs.mongodb.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "datacenter-docs.mongodb.selectorLabels" . | nindent 8 }} + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "datacenter-docs.serviceAccountName" . }} + securityContext: + fsGroup: 999 + runAsUser: 999 + containers: + - name: mongodb + image: "{{ .Values.mongodb.image.repository }}:{{ .Values.mongodb.image.tag }}" + imagePullPolicy: {{ .Values.mongodb.image.pullPolicy }} + ports: + - name: mongodb + containerPort: 27017 + protocol: TCP + env: + - name: MONGO_INITDB_ROOT_USERNAME + valueFrom: + secretKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-secrets + key: mongodb-username + - name: MONGO_INITDB_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "datacenter-docs.fullname" . 
}}-secrets + key: mongodb-password + - name: MONGO_INITDB_DATABASE + value: {{ .Values.mongodb.auth.database | quote }} + livenessProbe: + exec: + command: + - mongosh + - --eval + - "db.adminCommand('ping')" + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + readinessProbe: + exec: + command: + - mongosh + - --eval + - "db.adminCommand('ping')" + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 3 + resources: + {{- toYaml .Values.mongodb.resources | nindent 12 }} + volumeMounts: + - name: data + mountPath: /data/db + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.mongodb.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: data + labels: + {{- include "datacenter-docs.mongodb.labels" . | nindent 10 }} + spec: + accessModes: + - ReadWriteOnce + {{- if .Values.mongodb.persistence.storageClass }} + {{- if (eq "-" .Values.mongodb.persistence.storageClass) }} + storageClassName: "" + {{- else }} + storageClassName: {{ .Values.mongodb.persistence.storageClass | quote }} + {{- end }} + {{- end }} + resources: + requests: + storage: {{ .Values.mongodb.persistence.size | quote }} + {{- else }} + volumes: + - name: data + emptyDir: {} + {{- end }} +{{- end }} diff --git a/deploy/helm/datacenter-docs/templates/redis-deployment.yaml b/deploy/helm/datacenter-docs/templates/redis-deployment.yaml new file mode 100644 index 0000000..e8b0246 --- /dev/null +++ b/deploy/helm/datacenter-docs/templates/redis-deployment.yaml 
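Review bot: The root credentials the container starts with come from the `mongodb-username` / `mongodb-password` keys of the chart Secret, i.e. `secrets.mongodbUsername` / `secrets.mongodbPassword`. The development values also define `mongodb.auth.rootUsername` / `rootPassword` and repeat the pair inside `config.mongodbUrl`, and nothing visible in this template reads `mongodb.auth.rootPassword`, so the three can drift apart and clients then fail authentication. Deriving them from one source removes that risk; at minimum a comment above the env block such as `# root credentials come from secrets.mongodbUsername/mongodbPassword; mongodb.auth.root* is not read here` would document it. The `mongodb` container also has no container-level `securityContext` (the pod sets only `fsGroup` and `runAsUser` 999), and the pod uses the shared service account whose token is auto-mounted per `serviceaccount.yaml`. A database pod normally needs no API credentials, so `automountServiceAccountToken: false` in this pod spec is worth adding.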
@@ -0,0 +1,70 @@ +{{- if .Values.redis.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "datacenter-docs.redis.fullname" . }} + labels: + {{- include "datacenter-docs.redis.labels" . | nindent 4 }} +spec: + replicas: 1 + selector: + matchLabels: + {{- include "datacenter-docs.redis.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "datacenter-docs.redis.selectorLabels" . | nindent 8 }} + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "datacenter-docs.serviceAccountName" . }} + securityContext: + fsGroup: 999 + runAsUser: 999 + containers: + - name: redis + image: "{{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }}" + imagePullPolicy: {{ .Values.redis.image.pullPolicy }} + ports: + - name: redis + containerPort: 6379 + protocol: TCP + livenessProbe: + exec: + command: + - redis-cli + - ping + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + readinessProbe: + exec: + command: + - redis-cli + - ping + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 3 + resources: + {{- toYaml .Values.redis.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/deploy/helm/datacenter-docs/templates/redis-service.yaml b/deploy/helm/datacenter-docs/templates/redis-service.yaml new file mode 100644 index 0000000..519e304 --- /dev/null +++ b/deploy/helm/datacenter-docs/templates/redis-service.yaml 
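Review bot: Redis is started with the image defaults and no password, and the file list of this commit contains no NetworkPolicy template, so any workload that can reach the Service on `redis.service.port` can read and write the cache. `redis.service.type` is taken straight from values, which would widen that exposure if it were set to anything other than `ClusterIP`. Consider supplying a password from the chart Secret through `--requirepass` (the `redis-cli ping` probes and `config.redisUrl` would then need it too) or restricting ingress to the api and worker pods. As in the MongoDB StatefulSet, `fsGroup` / `runAsUser: 999` are hard-coded, the container has no `securityContext`, and the pod mounts a service account token that nothing in this template uses.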
@@ -0,0 +1,17 @@
+{{- if .Values.redis.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "datacenter-docs.redis.fullname" . }}
+ labels:
+ {{- include "datacenter-docs.redis.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.redis.service.type }}
+ ports:
+ - port: {{ .Values.redis.service.port }}
+ targetPort: redis
+ protocol: TCP
+ name: redis
+ selector:
+ {{- include "datacenter-docs.redis.selectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/deploy/helm/datacenter-docs/templates/secrets.yaml b/deploy/helm/datacenter-docs/templates/secrets.yaml
new file mode 100644
index 0000000..0889efc
--- /dev/null
+++ b/deploy/helm/datacenter-docs/templates/secrets.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "datacenter-docs.fullname" . }}-secrets
+ labels:
+ {{- include "datacenter-docs.labels" . | nindent 4 }}
+type: Opaque
+stringData:
+ # LLM API Key
+ llm-api-key: {{ .Values.secrets.llmApiKey | quote }}
+
+ # API Secret Key
+ api-secret-key: {{ .Values.secrets.apiSecretKey | quote }}
+
+ # MongoDB credentials
+ mongodb-username: {{ .Values.secrets.mongodbUsername | quote }}
+ mongodb-password: {{ .Values.secrets.mongodbPassword | quote }}
diff --git a/deploy/helm/datacenter-docs/templates/serviceaccount.yaml b/deploy/helm/datacenter-docs/templates/serviceaccount.yaml
new file mode 100644
index 0000000..f872ba4
--- /dev/null
+++ b/deploy/helm/datacenter-docs/templates/serviceaccount.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "datacenter-docs.serviceAccountName" . }}
+ labels:
+ {{- include "datacenter-docs.labels" . | nindent 4 }}
+ {{- with .Values.serviceAccount.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+automountServiceAccountToken: true
+{{- end }}
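Review bot: In `secrets.yaml` the Secret is always rendered from `.Values.secrets.*` with no validation, so an empty value deploys silently. The only way to supply real credentials is a values file or `--set`, which leaves them in the Helm release record and in shell history. Wrapping each value in `required`, e.g. `api-secret-key: {{ required "secrets.apiSecretKey must be set" .Values.secrets.apiSecretKey | quote }}`, makes the install fail instead. An option to reference a pre-created Secret (a new value such as `secrets.existingSecret`, not present in this patch) would let clusters that use an external secret manager skip this template entirely.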
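Review bot: In `serviceaccount.yaml`, `automountServiceAccountToken: true` is hard-coded, and every pod template in this patch (api, chat, worker, frontend, MongoDB, Redis) uses this service account. Each of them therefore receives a Kubernetes API token whether or not it ever talks to the API server. Making it a value that defaults to off, for example `automountServiceAccountToken: {{ .Values.serviceAccount.automountToken | default false }}` (a new value, not defined in this patch), and enabling it only where needed reduces what a compromised container can reach. The file list of this commit shows no Role or RoleBinding, so the token presumably carries only default permissions, which is worth confirming.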
diff --git a/deploy/helm/datacenter-docs/templates/worker-deployment.yaml b/deploy/helm/datacenter-docs/templates/worker-deployment.yaml new file mode 100644 index 0000000..7015659 --- /dev/null +++ b/deploy/helm/datacenter-docs/templates/worker-deployment.yaml 
@@ -0,0 +1,107 @@ +{{- if .Values.worker.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "datacenter-docs.worker.fullname" . }} + labels: + {{- include "datacenter-docs.worker.labels" . | nindent 4 }} +spec: + {{- if not .Values.worker.autoscaling.enabled }} + replicas: {{ .Values.worker.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "datacenter-docs.worker.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "datacenter-docs.worker.selectorLabels" . | nindent 8 }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "datacenter-docs.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + initContainers: + - name: wait-for-mongodb + image: busybox:1.36 + command: + - sh + - -c + - | + until nc -z {{ include "datacenter-docs.mongodb.fullname" . }} {{ .Values.mongodb.service.port }}; do + echo "Waiting for MongoDB..." + sleep 2 + done + - name: wait-for-redis + image: busybox:1.36 + command: + - sh + - -c + - | + until nc -z {{ include "datacenter-docs.redis.fullname" . }} {{ .Values.redis.service.port }}; do + echo "Waiting for Redis..." + sleep 2 + done + containers: + - name: worker + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.worker.image.repository }}:{{ .Values.worker.image.tag }}" + imagePullPolicy: {{ .Values.worker.image.pullPolicy }} + env: + - name: MONGODB_URL + valueFrom: + configMapKeyRef: + name: {{ include "datacenter-docs.fullname" . 
}}-config + key: mongodb-url + - name: REDIS_URL + valueFrom: + configMapKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-config + key: redis-url + - name: LLM_BASE_URL + valueFrom: + configMapKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-config + key: llm-base-url + - name: LLM_MODEL + valueFrom: + configMapKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-config + key: llm-model + - name: LLM_API_KEY + valueFrom: + secretKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-secrets + key: llm-api-key + - name: LOG_LEVEL + valueFrom: + configMapKeyRef: + name: {{ include "datacenter-docs.fullname" . }}-config + key: log-level + - name: PYTHONPATH + value: "/app/src" + resources: + {{- toYaml .Values.worker.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/deploy/helm/datacenter-docs/templates/worker-hpa.yaml b/deploy/helm/datacenter-docs/templates/worker-hpa.yaml new file mode 100644 index 0000000..f0e8580 --- /dev/null +++ b/deploy/helm/datacenter-docs/templates/worker-hpa.yaml 
@@ -0,0 +1,24 @@
+{{- if and .Values.worker.enabled .Values.worker.autoscaling.enabled }}
+apiVersion: {{ include "datacenter-docs.hpa.apiVersion" . }}
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "datacenter-docs.worker.fullname" . }}
+ labels:
+ {{- include "datacenter-docs.worker.labels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include "datacenter-docs.worker.fullname" . }}
+ minReplicas: {{ .Values.worker.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.worker.autoscaling.maxReplicas }}
+ metrics:
+ {{- if .Values.worker.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ type: Utilization
+ averageUtilization: {{ .Values.worker.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+{{- end }}
diff --git a/deploy/helm/datacenter-docs/values-development.yaml b/deploy/helm/datacenter-docs/values-development.yaml
new file mode 100644
index 0000000..352c0b0
--- /dev/null
+++ b/deploy/helm/datacenter-docs/values-development.yaml
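Review bot: `metrics:` is emitted unconditionally while its only entry sits inside `if .Values.worker.autoscaling.targetCPUUtilizationPercentage`, so an unset or zero target renders an HPA with an empty `metrics:` key and no stated scaling signal. Either move `metrics:` inside the `if`, or make the value mandatory with `averageUtilization: {{ required "worker.autoscaling.targetCPUUtilizationPercentage must be set" .Values.worker.autoscaling.targetCPUUtilizationPercentage }}`. The `target.type` / `averageUtilization` layout is the autoscaling/v2 schema; the `datacenter-docs.hpa.apiVersion` helper is not visible here, so it is worth confirming it cannot return an older API version that uses a different field.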
@@ -0,0 +1,181 @@ +# Development values for datacenter-docs +# This configuration is optimized for local development and testing +# Use with: helm install dev ./datacenter-docs -f values-development.yaml + +global: + imagePullPolicy: IfNotPresent + storageClass: "" + +# MongoDB - minimal resources for development +mongodb: + enabled: true + image: + repository: mongo + tag: "7" + pullPolicy: IfNotPresent + auth: + rootUsername: admin + rootPassword: admin123 + database: datacenter_docs + persistence: + enabled: false # Use emptyDir for faster testing + size: 1Gi + resources: + requests: + memory: "256Mi" + cpu: "100m" + limits: + memory: "512Mi" + cpu: "500m" + +# Redis - minimal resources +redis: + enabled: true + resources: + requests: + memory: "64Mi" + cpu: "50m" + limits: + memory: "256Mi" + cpu: "200m" + +# API service - single replica for development +api: + enabled: true + replicaCount: 1 + image: + repository: datacenter-docs-api + tag: "latest" + pullPolicy: IfNotPresent + service: + type: ClusterIP + port: 8000 + resources: + requests: + memory: "256Mi" + cpu: "100m" + limits: + memory: "1Gi" + cpu: "500m" + autoscaling: + enabled: false # Disable for development + +# Chat service - disabled by default (not implemented) +chat: + enabled: false + +# Worker service - disabled by default (not implemented) +worker: + enabled: false + +# Frontend - single replica +frontend: + enabled: true + replicaCount: 1 + image: + repository: datacenter-docs-frontend + tag: "latest" + pullPolicy: IfNotPresent + resources: + requests: + memory: "64Mi" + cpu: "50m" + limits: + memory: "128Mi" + cpu: "100m" + +# Ingress - disabled for development (use port-forward) +ingress: + enabled: false + +# Application configuration for development +config: + mongodbUrl: "mongodb://admin:admin123@{{ include \"datacenter-docs.mongodb.fullname\" . }}:27017/datacenter_docs?authSource=admin" + redisUrl: "redis://{{ include \"datacenter-docs.redis.fullname\" . 
}}:6379/0" + + llm: + # Use local LLM for development (no API costs) + baseUrl: "http://localhost:11434/v1" # Ollama + model: "llama2" + + # Or use OpenAI with a test key + # baseUrl: "https://api.openai.com/v1" + # model: "gpt-3.5-turbo" + + maxTokens: 2048 + temperature: 0.7 + + mcp: + baseUrl: "http://mcp-server:8080" + timeout: 30 + + # Auto-remediation in dry-run mode for safety + autoRemediation: + enabled: true + minReliabilityScore: 85.0 + requireApprovalThreshold: 90.0 + maxActionsPerHour: 100 + dryRun: true # ALWAYS dry-run in development + + apiKeyEnabled: false # Disable for easier testing + corsOrigins: + - "http://localhost:3000" + - "http://localhost:8080" + - "http://localhost:8000" + + logLevel: "DEBUG" # Verbose logging for development + logFormat: "text" # Human-readable logs + +# Secrets - safe defaults for development only +secrets: + llmApiKey: "not-needed-for-local-llm" + apiSecretKey: "dev-secret-key-not-for-production" + mongodbUsername: "admin" + mongodbPassword: "admin123" + +# ServiceAccount +serviceAccount: + create: true + annotations: {} + name: "" + +# Relaxed security for development +podSecurityContext: + fsGroup: 1000 + +securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + +# No node selectors or tolerations +nodeSelector: {} +tolerations: [] +affinity: {} + +# No priority class +priorityClassName: "" + +# Development tips: +# +# 1. Port-forward to access services: +# kubectl port-forward svc/dev-datacenter-docs-api 8000:8000 +# kubectl port-forward svc/dev-datacenter-docs-frontend 8080:80 +# +# 2. View logs: +# kubectl logs -l app.kubernetes.io/component=api -f +# +# 3. Access MongoDB directly: +# kubectl port-forward svc/dev-datacenter-docs-mongodb 27017:27017 +# mongosh mongodb://admin:admin123@localhost:27017 +# +# 4. Quick iteration: +# # Make code changes +# docker build -t datacenter-docs-api:latest -f deploy/docker/Dockerfile.api . 
+# kubectl rollout restart deployment/dev-datacenter-docs-api +# +# 5. Clean slate: +# helm uninstall dev +# kubectl delete pvc --all +# helm install dev ./datacenter-docs -f values-development.yaml diff --git a/deploy/helm/datacenter-docs/values-production.yaml b/deploy/helm/datacenter-docs/values-production.yaml new file mode 100644 index 0000000..2e504c4 --- /dev/null +++ b/deploy/helm/datacenter-docs/values-production.yaml 
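Review bot: The `{{ include \"datacenter-docs.mongodb.fullname\" . }}` and `{{ include \"datacenter-docs.redis.fullname\" . }}` expressions inside `config.mongodbUrl` and `config.redisUrl` are plain strings, because Helm does not evaluate template syntax in values files. Unless configmap.yaml (not shown in this hunk) passes them through `tpl`, the pods receive the braces literally; values-production.yaml and the chart's values.yaml carry the same strings. If `tpl` is not used, build the URL in the template from the fullname helper and `.Values.mongodb.service.port` instead of from the values string. In the tips block, `kubectl delete pvc --all` removes every PVC in the current namespace rather than this release's; a label selector such as `kubectl delete pvc -l app.kubernetes.io/instance=dev` would scope it, assuming the chart's labels helper sets that label.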
@@ -0,0 +1,304 @@ +# Production values for datacenter-docs +# This is an example configuration for production deployment +# Copy this file and customize it for your environment + +global: + imagePullPolicy: Always + storageClass: "standard" # Use your storage class + +# MongoDB configuration for production +mongodb: + enabled: true + auth: + rootUsername: admin + rootPassword: "CHANGE-THIS-IN-PRODUCTION" # Use strong password + database: datacenter_docs + persistence: + enabled: true + size: 50Gi # Adjust based on expected data volume + storageClass: "fast-ssd" # Use SSD storage class for better performance + resources: + requests: + memory: "2Gi" + cpu: "1000m" + limits: + memory: "4Gi" + cpu: "2000m" + +# Redis configuration for production +redis: + enabled: true + resources: + requests: + memory: "256Mi" + cpu: "200m" + limits: + memory: "1Gi" + cpu: "1000m" + +# API service - production scale +api: + enabled: true + replicaCount: 5 + image: + repository: your-registry.io/datacenter-docs-api + tag: "v1.0.0" # Use specific version, not latest + pullPolicy: Always + service: + type: ClusterIP + port: 8000 + resources: + requests: + memory: "1Gi" + cpu: "500m" + limits: + memory: "4Gi" + cpu: "2000m" + autoscaling: + enabled: true + minReplicas: 5 + maxReplicas: 20 + targetCPUUtilizationPercentage: 70 + targetMemoryUtilizationPercentage: 80 + +# Chat service - enable in production +chat: + enabled: true + replicaCount: 3 + image: + repository: your-registry.io/datacenter-docs-chat + tag: "v1.0.0" + pullPolicy: Always + resources: + requests: + memory: "512Mi" + cpu: "250m" + limits: + memory: "2Gi" + cpu: "1000m" + +# Worker service - enable in production +worker: + enabled: true + replicaCount: 5 + image: + repository: your-registry.io/datacenter-docs-worker + tag: "v1.0.0" + pullPolicy: Always + resources: + requests: + memory: "1Gi" + cpu: "500m" + limits: + memory: "4Gi" + cpu: "2000m" + autoscaling: + enabled: true + minReplicas: 3 + maxReplicas: 20 + 
targetCPUUtilizationPercentage: 75 + +# Frontend - production scale +frontend: + enabled: true + replicaCount: 3 + image: + repository: your-registry.io/datacenter-docs-frontend + tag: "v1.0.0" + pullPolicy: Always + resources: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "512Mi" + cpu: "500m" + +# Ingress - production configuration +ingress: + enabled: true + className: "nginx" + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-prod" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/proxy-body-size: "50m" + nginx.ingress.kubernetes.io/rate-limit: "100" + nginx.ingress.kubernetes.io/limit-rps: "50" + hosts: + - host: datacenter-docs.yourdomain.com + paths: + - path: / + pathType: Prefix + service: frontend + - path: /api + pathType: Prefix + service: api + - path: /ws + pathType: Prefix + service: chat + tls: + - secretName: datacenter-docs-tls + hosts: + - datacenter-docs.yourdomain.com + +# Application configuration for production +config: + # MongoDB connection (if using external MongoDB, change this) + mongodbUrl: "mongodb://admin:CHANGE-THIS-IN-PRODUCTION@{{ include \"datacenter-docs.mongodb.fullname\" . }}:27017/datacenter_docs?authSource=admin" + + # Redis connection + redisUrl: "redis://{{ include \"datacenter-docs.redis.fullname\" . 
}}:6379/0" + + # LLM Provider configuration + llm: + # For OpenAI + baseUrl: "https://api.openai.com/v1" + model: "gpt-4-turbo-preview" + + # For Anthropic Claude (alternative) + # baseUrl: "https://api.anthropic.com/v1" + # model: "claude-3-opus-20240229" + + # For Azure OpenAI (alternative) + # baseUrl: "https://your-resource.openai.azure.com" + # model: "gpt-4" + + maxTokens: 4096 + temperature: 0.7 + + # MCP configuration + mcp: + baseUrl: "http://mcp-server:8080" + timeout: 30 + + # Auto-remediation configuration + autoRemediation: + enabled: true + minReliabilityScore: 90.0 # Higher threshold for production + requireApprovalThreshold: 95.0 + maxActionsPerHour: 50 # Conservative limit + dryRun: false # Set to true for initial deployment + + # Security + apiKeyEnabled: true + corsOrigins: + - "https://datacenter-docs.yourdomain.com" + - "https://admin.yourdomain.com" + + # Logging + logLevel: "INFO" # Use "DEBUG" for troubleshooting + logFormat: "json" + +# Secrets - MUST BE CHANGED IN PRODUCTION +secrets: + # LLM API Key + llmApiKey: "CHANGE-THIS-TO-YOUR-ACTUAL-API-KEY" + + # API authentication secret key + apiSecretKey: "CHANGE-THIS-TO-A-STRONG-RANDOM-KEY" + + # MongoDB credentials + mongodbUsername: "admin" + mongodbPassword: "CHANGE-THIS-IN-PRODUCTION" + +# ServiceAccount +serviceAccount: + create: true + annotations: + # Add cloud provider annotations if needed + # eks.amazonaws.com/role-arn: arn:aws:iam::ACCOUNT-ID:role/IAM-ROLE-NAME + name: "" + +# Pod security context +podSecurityContext: + fsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + +# Container security context +securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: false + runAsNonRoot: true + runAsUser: 1000 + +# Node selector - place workloads on specific nodes +nodeSelector: + workload-type: "application" + # kubernetes.io/arch: amd64 + +# Tolerations - allow scheduling on tainted nodes 
+tolerations: + - key: "workload-type" + operator: "Equal" + value: "application" + effect: "NoSchedule" + +# Affinity rules - spread pods across zones and nodes +affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - datacenter-docs + topologyKey: kubernetes.io/hostname + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/component + operator: In + values: + - api + topologyKey: topology.kubernetes.io/zone + +# Priority class - ensure critical pods are scheduled first +priorityClassName: "high-priority" + +# Additional production recommendations: +# +# 1. Use external secret management: +# - HashiCorp Vault +# - AWS Secrets Manager +# - Azure Key Vault +# - Google Secret Manager +# +# 2. Enable monitoring: +# - Prometheus metrics +# - Grafana dashboards +# - AlertManager alerts +# +# 3. Enable logging: +# - ELK Stack +# - Loki +# - CloudWatch +# +# 4. Enable tracing: +# - Jaeger +# - OpenTelemetry +# +# 5. Backup strategy: +# - MongoDB backups (Velero, native tools) +# - Disaster recovery plan +# +# 6. Network policies: +# - Restrict pod-to-pod communication +# - Isolate database access +# +# 7. Pod disruption budgets: +# - Ensure high availability during updates +# +# 8. Regular security scans: +# - Container image scanning +# - Dependency vulnerability scanning diff --git a/deploy/helm/datacenter-docs/values.yaml b/deploy/helm/datacenter-docs/values.yaml new file mode 100644 index 0000000..ec45aac --- /dev/null +++ b/deploy/helm/datacenter-docs/values.yaml 
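Review bot: The credential fields (`mongodb.auth.rootPassword`, `secrets.llmApiKey`, `secrets.apiSecretKey`, `secrets.mongodbPassword`) hold non-empty placeholder strings, so an install that misses one override still renders and starts with a publicly known value; the chart's values.yaml does the same with `admin123`. Leaving them empty and guarding the templates with `required`, for example `{{ required "secrets.apiSecretKey must be set" .Values.secrets.apiSecretKey }}` in secrets.yaml (not shown here), turns the omission into a render-time failure. The root values.yaml added later in this patch goes further and carries what look like real values for `mcp.server.apiKey` and `proxmox.auth.password`; if they are live they should be rotated and replaced with placeholders. `autoRemediation.dryRun: false` also contradicts its own comment "Set to true for initial deployment", so I would ship this example with `dryRun: true`.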
@@ -0,0 +1,265 @@ +# Default values for datacenter-docs +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +global: + imagePullPolicy: IfNotPresent + storageClass: "" + +# MongoDB configuration +mongodb: + enabled: true + image: + repository: mongo + tag: "7" + pullPolicy: IfNotPresent + service: + type: ClusterIP + port: 27017 + auth: + enabled: true + rootUsername: admin + rootPassword: admin123 + database: datacenter_docs + persistence: + enabled: true + size: 10Gi + storageClass: "" + resources: + requests: + memory: "512Mi" + cpu: "250m" + limits: + memory: "2Gi" + cpu: "1000m" + +# Redis configuration +redis: + enabled: true + image: + repository: redis + tag: "7-alpine" + pullPolicy: IfNotPresent + service: + type: ClusterIP + port: 6379 + resources: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "512Mi" + cpu: "500m" + +# API service configuration +api: + enabled: true + replicaCount: 2 + image: + repository: datacenter-docs-api + tag: "latest" + pullPolicy: Always + service: + type: ClusterIP + port: 8000 + targetPort: 8000 + resources: + requests: + memory: "512Mi" + cpu: "250m" + limits: + memory: "2Gi" + cpu: "1000m" + autoscaling: + enabled: true + minReplicas: 2 + maxReplicas: 10 + targetCPUUtilizationPercentage: 80 + targetMemoryUtilizationPercentage: 80 + livenessProbe: + httpGet: + path: /health + port: 8000 + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /health + port: 8000 + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 3 + +# Chat service configuration +chat: + enabled: false # Not yet implemented + replicaCount: 1 + image: + repository: datacenter-docs-chat + tag: "latest" + pullPolicy: Always + service: + type: ClusterIP + port: 8001 + targetPort: 8001 + resources: + requests: + memory: "256Mi" + cpu: "100m" + limits: + memory: "1Gi" + cpu: "500m" + +# Worker service 
configuration +worker: + enabled: false # Not yet implemented + replicaCount: 3 + image: + repository: datacenter-docs-worker + tag: "latest" + pullPolicy: Always + resources: + requests: + memory: "512Mi" + cpu: "250m" + limits: + memory: "2Gi" + cpu: "1000m" + autoscaling: + enabled: true + minReplicas: 1 + maxReplicas: 10 + targetCPUUtilizationPercentage: 80 + +# Frontend service configuration +frontend: + enabled: true + replicaCount: 2 + image: + repository: datacenter-docs-frontend + tag: "latest" + pullPolicy: Always + service: + type: ClusterIP + port: 80 + targetPort: 80 + resources: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "256Mi" + cpu: "200m" + +# Ingress configuration +ingress: + enabled: true + className: "nginx" + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-prod" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/proxy-body-size: "50m" + hosts: + - host: datacenter-docs.example.com + paths: + - path: / + pathType: Prefix + service: frontend + - path: /api + pathType: Prefix + service: api + - path: /ws + pathType: Prefix + service: chat + tls: + - secretName: datacenter-docs-tls + hosts: + - datacenter-docs.example.com + +# Application configuration +config: + # MongoDB connection + mongodbUrl: "mongodb://admin:admin123@{{ include \"datacenter-docs.mongodb.fullname\" . }}:27017/datacenter_docs?authSource=admin" + + # Redis connection + redisUrl: "redis://{{ include \"datacenter-docs.redis.fullname\" . 
}}:6379/0" + + # LLM Provider configuration + llm: + baseUrl: "https://api.openai.com/v1" + model: "gpt-4-turbo-preview" + maxTokens: 4096 + temperature: 0.7 + + # MCP configuration + mcp: + baseUrl: "http://mcp-server:8080" + timeout: 30 + + # Auto-remediation configuration + autoRemediation: + enabled: true + minReliabilityScore: 85.0 + requireApprovalThreshold: 90.0 + maxActionsPerHour: 100 + dryRun: false + + # Security + apiKeyEnabled: true + corsOrigins: + - "http://localhost:3000" + - "https://datacenter-docs.example.com" + + # Logging + logLevel: "INFO" + logFormat: "json" + +# Secrets (should be overridden in production) +secrets: + # LLM API Key + llmApiKey: "sk-your-openai-api-key-here" + + # API authentication + apiSecretKey: "your-secret-key-here-change-in-production" + + # MongoDB credentials (override mongodb.auth if using external DB) + mongodbUsername: "admin" + mongodbPassword: "admin123" + +# ServiceAccount configuration +serviceAccount: + create: true + annotations: {} + name: "" + +# Pod annotations +podAnnotations: {} + +# Pod security context +podSecurityContext: + fsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + +# Container security context +securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: false + +# Node selector +nodeSelector: {} + +# Tolerations +tolerations: [] + +# Affinity rules +affinity: {} + +# Priority class +priorityClassName: "" diff --git a/deploy/helm/test-chart.sh b/deploy/helm/test-chart.sh new file mode 100755 index 0000000..00730d0 --- /dev/null +++ b/deploy/helm/test-chart.sh 
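Review bot: The chart defaults enable `autoRemediation` with `dryRun: false` while `ingress.enabled` is `true`, so a plain `helm install` with no overrides publishes the API with remediation switched on and only the placeholder `apiSecretKey` in front of it. Defaults should sit at the safe end, `dryRun: true` and `ingress.enabled: false`, with values-production.yaml turning them on explicitly. `corsOrigins` includes `http://localhost:3000` in the default set, which belongs in values-development.yaml only. The `latest` image tags with `pullPolicy: Always` are mutable references; pinning a version, as values-production.yaml does with `v1.0.0`, makes a rollout reproducible.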
@@ -0,0 +1,143 @@ +#!/bin/bash +# Test script for Helm chart validation +# Usage: ./test-chart.sh + +set -e + +CHART_DIR="datacenter-docs" +RELEASE_NAME="test-datacenter-docs" + +echo "==========================================" +echo "Helm Chart Testing Script" +echo "==========================================" +echo "" + +# Check if helm is installed +if ! command -v helm &> /dev/null; then + echo "ERROR: helm is not installed. Please install Helm first." + exit 1 +fi + +echo "✓ Helm version: $(helm version --short)" +echo "" + +# Lint the chart +echo "==========================================" +echo "Step 1: Linting Chart" +echo "==========================================" +helm lint ${CHART_DIR} +echo "✓ Lint passed" +echo "" + +# Template rendering with default values +echo "==========================================" +echo "Step 2: Template Rendering (default values)" +echo "==========================================" +helm template ${RELEASE_NAME} ${CHART_DIR} > /tmp/rendered-default.yaml +echo "✓ Template rendering successful" +echo " Output: /tmp/rendered-default.yaml" +echo "" + +# Template rendering with development values +echo "==========================================" +echo "Step 3: Template Rendering (development values)" +echo "==========================================" +helm template ${RELEASE_NAME} ${CHART_DIR} -f ${CHART_DIR}/values-development.yaml > /tmp/rendered-dev.yaml +echo "✓ Template rendering successful" +echo " Output: /tmp/rendered-dev.yaml" +echo "" + +# Template rendering with production values +echo "==========================================" +echo "Step 4: Template Rendering (production values)" +echo "==========================================" +helm template ${RELEASE_NAME} ${CHART_DIR} -f ${CHART_DIR}/values-production.yaml > /tmp/rendered-prod.yaml +echo "✓ Template rendering successful" +echo " Output: /tmp/rendered-prod.yaml" +echo "" + +# Dry run installation +echo "==========================================" +echo 
"Step 5: Dry Run Installation" +echo "==========================================" +helm install ${RELEASE_NAME} ${CHART_DIR} --dry-run --debug > /tmp/dry-run.log 2>&1 +echo "✓ Dry run successful" +echo " Output: /tmp/dry-run.log" +echo "" + +# Test with disabled components +echo "==========================================" +echo "Step 6: Template with Disabled Components" +echo "==========================================" +helm template ${RELEASE_NAME} ${CHART_DIR} \ + --set mongodb.enabled=false \ + --set redis.enabled=false \ + --set api.enabled=false \ + --set frontend.enabled=false \ + > /tmp/rendered-minimal.yaml +echo "✓ Minimal template rendering successful" +echo " Output: /tmp/rendered-minimal.yaml" +echo "" + +# Test with all components enabled +echo "==========================================" +echo "Step 7: Template with All Components" +echo "==========================================" +helm template ${RELEASE_NAME} ${CHART_DIR} \ + --set chat.enabled=true \ + --set worker.enabled=true \ + > /tmp/rendered-full.yaml +echo "✓ Full template rendering successful" +echo " Output: /tmp/rendered-full.yaml" +echo "" + +# Validate Kubernetes manifests (if kubectl is available) +if command -v kubectl &> /dev/null; then + echo "==========================================" + echo "Step 8: Kubernetes Manifest Validation" + echo "==========================================" + + if kubectl version --client &> /dev/null; then + kubectl apply --dry-run=client -f /tmp/rendered-default.yaml > /dev/null 2>&1 + echo "✓ Kubernetes manifest validation passed" + else + echo "⚠ kubectl not connected to cluster, skipping validation" + fi + echo "" +else + echo "⚠ kubectl not found, skipping Kubernetes validation" + echo "" +fi + +# Package the chart +echo "==========================================" +echo "Step 9: Packaging Chart" +echo "==========================================" +helm package ${CHART_DIR} -d /tmp/ +echo "✓ Chart packaged successfully" +echo " Output: 
/tmp/datacenter-docs-*.tgz" +echo "" + +# Summary +echo "==========================================" +echo "All Tests Passed! ✓" +echo "==========================================" +echo "" +echo "Generated files:" +echo " - /tmp/rendered-default.yaml (default values)" +echo " - /tmp/rendered-dev.yaml (development values)" +echo " - /tmp/rendered-prod.yaml (production values)" +echo " - /tmp/rendered-minimal.yaml (minimal components)" +echo " - /tmp/rendered-full.yaml (all components)" +echo " - /tmp/dry-run.log (dry run output)" +echo " - /tmp/datacenter-docs-*.tgz (packaged chart)" +echo "" +echo "To install the chart locally:" +echo " helm install my-release ${CHART_DIR}" +echo "" +echo "To install with development values:" +echo " helm install dev ${CHART_DIR} -f ${CHART_DIR}/values-development.yaml" +echo "" +echo "To install with production values (customize first!):" +echo " helm install prod ${CHART_DIR} -f ${CHART_DIR}/values-production.yaml" +echo "" diff --git a/scripts/README.md b/scripts/README.md index ad40ec1..95044a2 100644 --- a/scripts/README.md +++ b/scripts/README.md 
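Review bot: Every output is written to a fixed name under `/tmp` (`/tmp/rendered-default.yaml`, `/tmp/dry-run.log`, …), and the rendered manifests contain the Secret values from the values files, so on a shared host they land at predictable paths with the default umask and stay there. A private directory, `OUT_DIR="$(mktemp -d)"`, with every redirect and `helm package -d` pointed at `"$OUT_DIR"` and the directory printed in the summary, avoids both problems. In step 8, `kubectl version --client` succeeds without any cluster, so the "not connected to cluster" branch does not test what its message says. The `kubectl apply --dry-run=client … > /dev/null 2>&1` line runs under `set -e`, so a validation failure ends the script with no output; dropping the redirect of stderr keeps the reason visible.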
@@ -148,6 +148,118 @@ After running the validation script, you'll find: --- +## 🔄 convert_config.py + +**Configuration Format Converter** + +### Description + +Converts between `.env` and `values.yaml` configuration formats, making it easy to switch between Docker Compose and Helm deployments. + +### Usage + +#### Prerequisites + +```bash +pip install pyyaml +``` + +#### Convert .env to values.yaml + +```bash +./scripts/convert_config.py env-to-yaml .env values.yaml +``` + +#### Convert values.yaml to .env + +```bash +./scripts/convert_config.py yaml-to-env values.yaml .env +``` + +### Examples + +**Example 1: Create values.yaml from existing .env** + +```bash +# You have an existing .env file from Docker development +./scripts/convert_config.py env-to-yaml .env my-values.yaml + +# Use the generated values.yaml with Helm +helm install my-release deploy/helm/datacenter-docs -f my-values.yaml +``` + +**Example 2: Generate .env from values.yaml** + +```bash +# You have a values.yaml from Kubernetes deployment +./scripts/convert_config.py yaml-to-env values.yaml .env + +# Use the generated .env with Docker Compose +cd deploy/docker +docker-compose -f docker-compose.dev.yml up -d +``` + +**Example 3: Environment migration** + +```bash +# Convert development .env to staging values.yaml +./scripts/convert_config.py env-to-yaml .env.development values-staging.yaml + +# Manually adjust staging-specific settings +nano values-staging.yaml + +# Deploy to staging Kubernetes cluster +helm install staging deploy/helm/datacenter-docs -f values-staging.yaml +``` + +### Supported Configuration + +The script converts: + +- **MongoDB**: Connection settings and authentication +- **Redis**: Connection and authentication +- **MCP Server**: URL and API key +- **Proxmox**: Host, authentication, SSL settings +- **LLM**: Provider settings (OpenAI, Anthropic, Ollama, etc.) 
+- **API**: Server configuration and workers +- **CORS**: Allowed origins +- **Application**: Logging and debug settings +- **Celery**: Broker and result backend +- **Vector Store**: ChromaDB and embedding model + +### Output + +``` +Reading .env file: .env +Converting to values.yaml format... +Writing values.yaml: my-values.yaml +✓ Conversion completed successfully! + +Output written to: my-values.yaml +``` + +### Limitations + +- Converts common configuration options only +- Complex nested structures may require manual adjustment +- Helm-specific values (resource limits, replicas) not included in .env conversion +- Always review and test converted configuration + +### Tips + +1. **Review output**: Always check converted files for accuracy +2. **Test first**: Validate in development before production +3. **Keep secrets secure**: Use proper secret management tools +4. **Version control**: Track configuration changes + +### See Also + +- [CONFIGURATION.md](../CONFIGURATION.md) - Complete configuration guide +- [.env.example](../.env.example) - Environment variable template +- [values.yaml](../values.yaml) - YAML configuration template + +--- + ## 🚀 Quick Start ```bash diff --git a/scripts/convert_config.py b/scripts/convert_config.py new file mode 100755 index 0000000..305b2f4 --- /dev/null +++ b/scripts/convert_config.py 
@@ -0,0 +1,298 @@ +#!/usr/bin/env python3 +""" +Configuration Converter +Converts between .env and values.yaml formats +""" + +import os +import sys +import argparse +from pathlib import Path +from typing import Dict, Any +import yaml + + +def parse_env_file(env_file: Path) -> Dict[str, str]: + """Parse .env file and return dictionary of variables.""" + env_vars = {} + + with open(env_file, 'r') as f: + for line in f: + line = line.strip() + + # Skip comments and empty lines + if not line or line.startswith('#'): + continue + + # Parse KEY=VALUE + if '=' in line: + key, value = line.split('=', 1) + env_vars[key.strip()] = value.strip() + + return env_vars + + +def env_to_values(env_vars: Dict[str, str]) -> Dict[str, Any]: + """Convert environment variables to values.yaml structure.""" + + values = { + 'mongodb': { + 'auth': { + 'rootUsername': env_vars.get('MONGO_ROOT_USER', 'admin'), + 'rootPassword': env_vars.get('MONGO_ROOT_PASSWORD', 'changeme'), + 'database': env_vars.get('MONGODB_DATABASE', 'datacenter_docs'), + }, + 'url': env_vars.get('MONGODB_URL', 'mongodb://admin:changeme@mongodb:27017'), + }, + 'redis': { + 'auth': { + 'password': env_vars.get('REDIS_PASSWORD', 'changeme'), + }, + 'url': env_vars.get('REDIS_URL', 'redis://redis:6379/0'), + }, + 'mcp': { + 'server': { + 'url': env_vars.get('MCP_SERVER_URL', 'https://mcp.company.local'), + 'apiKey': env_vars.get('MCP_API_KEY', 'your_mcp_api_key_here'), + }, + }, + 'proxmox': { + 'host': env_vars.get('PROXMOX_HOST', 'proxmox.example.com'), + 'port': int(env_vars.get('PROXMOX_PORT', '8006')), + 'auth': { + 'user': env_vars.get('PROXMOX_USER', 'root@pam'), + 'password': env_vars.get('PROXMOX_PASSWORD', 'your-password-here'), + }, + 'ssl': { + 'verify': env_vars.get('PROXMOX_VERIFY_SSL', 'false').lower() == 'true', + }, + 'timeout': int(env_vars.get('PROXMOX_TIMEOUT', '30')), + }, + 'llm': { + 'baseUrl': env_vars.get('LLM_BASE_URL', 'https://api.openai.com/v1'), + 'apiKey': env_vars.get('LLM_API_KEY', 
'sk-your-openai-api-key-here'), + 'model': env_vars.get('LLM_MODEL', 'gpt-4-turbo-preview'), + 'generation': { + 'temperature': float(env_vars.get('LLM_TEMPERATURE', '0.3')), + 'maxTokens': int(env_vars.get('LLM_MAX_TOKENS', '4096')), + }, + }, + 'api': { + 'host': env_vars.get('API_HOST', '0.0.0.0'), + 'port': int(env_vars.get('API_PORT', '8000')), + 'workers': int(env_vars.get('WORKERS', '4')), + }, + 'cors': { + 'origins': env_vars.get('CORS_ORIGINS', 'http://localhost:3000').split(','), + }, + 'application': { + 'logging': { + 'level': env_vars.get('LOG_LEVEL', 'INFO'), + }, + 'debug': env_vars.get('DEBUG', 'false').lower() == 'true', + }, + 'celery': { + 'broker': { + 'url': env_vars.get('CELERY_BROKER_URL', 'redis://redis:6379/0'), + }, + 'result': { + 'backend': env_vars.get('CELERY_RESULT_BACKEND', 'redis://redis:6379/0'), + }, + }, + 'vectorStore': { + 'chroma': { + 'path': env_vars.get('VECTOR_STORE_PATH', './data/chroma_db'), + }, + 'embedding': { + 'model': env_vars.get('EMBEDDING_MODEL', 'sentence-transformers/all-MiniLM-L6-v2'), + }, + }, + } + + return values + + +def values_to_env(values: Dict[str, Any]) -> Dict[str, str]: + """Convert values.yaml structure to environment variables.""" + + env_vars = {} + + # MongoDB + if 'mongodb' in values: + mongo = values['mongodb'] + if 'auth' in mongo: + env_vars['MONGO_ROOT_USER'] = mongo['auth'].get('rootUsername', 'admin') + env_vars['MONGO_ROOT_PASSWORD'] = mongo['auth'].get('rootPassword', 'changeme') + env_vars['MONGODB_DATABASE'] = mongo['auth'].get('database', 'datacenter_docs') + env_vars['MONGODB_URL'] = mongo.get('url', 'mongodb://admin:changeme@mongodb:27017') + + # Redis + if 'redis' in values: + redis = values['redis'] + if 'auth' in redis: + env_vars['REDIS_PASSWORD'] = redis['auth'].get('password', 'changeme') + env_vars['REDIS_URL'] = redis.get('url', 'redis://redis:6379/0') + + # MCP + if 'mcp' in values and 'server' in values['mcp']: + mcp = values['mcp']['server'] + 
env_vars['MCP_SERVER_URL'] = mcp.get('url', 'https://mcp.company.local') + env_vars['MCP_API_KEY'] = mcp.get('apiKey', 'your_mcp_api_key_here') + + # Proxmox + if 'proxmox' in values: + px = values['proxmox'] + env_vars['PROXMOX_HOST'] = px.get('host', 'proxmox.example.com') + env_vars['PROXMOX_PORT'] = str(px.get('port', 8006)) + if 'auth' in px: + env_vars['PROXMOX_USER'] = px['auth'].get('user', 'root@pam') + env_vars['PROXMOX_PASSWORD'] = px['auth'].get('password', 'your-password-here') + if 'ssl' in px: + env_vars['PROXMOX_VERIFY_SSL'] = str(px['ssl'].get('verify', False)).lower() + env_vars['PROXMOX_TIMEOUT'] = str(px.get('timeout', 30)) + + # LLM + if 'llm' in values: + llm = values['llm'] + env_vars['LLM_BASE_URL'] = llm.get('baseUrl', 'https://api.openai.com/v1') + env_vars['LLM_API_KEY'] = llm.get('apiKey', 'sk-your-openai-api-key-here') + env_vars['LLM_MODEL'] = llm.get('model', 'gpt-4-turbo-preview') + if 'generation' in llm: + env_vars['LLM_TEMPERATURE'] = str(llm['generation'].get('temperature', 0.3)) + env_vars['LLM_MAX_TOKENS'] = str(llm['generation'].get('maxTokens', 4096)) + + # API + if 'api' in values: + api = values['api'] + env_vars['API_HOST'] = api.get('host', '0.0.0.0') + env_vars['API_PORT'] = str(api.get('port', 8000)) + env_vars['WORKERS'] = str(api.get('workers', 4)) + + # CORS + if 'cors' in values: + origins = values['cors'].get('origins', ['http://localhost:3000']) + env_vars['CORS_ORIGINS'] = ','.join(origins) + + # Application + if 'application' in values: + app = values['application'] + if 'logging' in app: + env_vars['LOG_LEVEL'] = app['logging'].get('level', 'INFO') + env_vars['DEBUG'] = str(app.get('debug', False)).lower() + + # Celery + if 'celery' in values: + celery = values['celery'] + if 'broker' in celery: + env_vars['CELERY_BROKER_URL'] = celery['broker'].get('url', 'redis://redis:6379/0') + if 'result' in celery: + env_vars['CELERY_RESULT_BACKEND'] = celery['result'].get('backend', 'redis://redis:6379/0') + + # Vector 
Store + if 'vectorStore' in values: + vs = values['vectorStore'] + if 'chroma' in vs: + env_vars['VECTOR_STORE_PATH'] = vs['chroma'].get('path', './data/chroma_db') + if 'embedding' in vs: + env_vars['EMBEDDING_MODEL'] = vs['embedding'].get('model', 'sentence-transformers/all-MiniLM-L6-v2') + + return env_vars + + +def write_env_file(env_vars: Dict[str, str], output_file: Path): + """Write environment variables to .env file.""" + + with open(output_file, 'w') as f: + f.write("# =============================================================================\n") + f.write("# Datacenter Documentation System - Configuration\n") + f.write("# Generated from values.yaml\n") + f.write("# =============================================================================\n\n") + + # Group by section + sections = { + 'MongoDB': ['MONGO_ROOT_USER', 'MONGO_ROOT_PASSWORD', 'MONGODB_URL', 'MONGODB_DATABASE'], + 'Redis': ['REDIS_PASSWORD', 'REDIS_URL'], + 'MCP': ['MCP_SERVER_URL', 'MCP_API_KEY'], + 'Proxmox': ['PROXMOX_HOST', 'PROXMOX_PORT', 'PROXMOX_USER', 'PROXMOX_PASSWORD', + 'PROXMOX_VERIFY_SSL', 'PROXMOX_TIMEOUT'], + 'LLM': ['LLM_BASE_URL', 'LLM_API_KEY', 'LLM_MODEL', 'LLM_TEMPERATURE', 'LLM_MAX_TOKENS'], + 'API': ['API_HOST', 'API_PORT', 'WORKERS'], + 'CORS': ['CORS_ORIGINS'], + 'Application': ['LOG_LEVEL', 'DEBUG'], + 'Celery': ['CELERY_BROKER_URL', 'CELERY_RESULT_BACKEND'], + 'Vector Store': ['VECTOR_STORE_PATH', 'EMBEDDING_MODEL'], + } + + for section, keys in sections.items(): + f.write(f"# {section}\n") + for key in keys: + if key in env_vars: + f.write(f"{key}={env_vars[key]}\n") + f.write("\n") + + +def main(): + parser = argparse.ArgumentParser( + description='Convert between .env and values.yaml configuration formats' + ) + parser.add_argument( + 'mode', + choices=['env-to-yaml', 'yaml-to-env'], + help='Conversion mode' + ) + parser.add_argument( + 'input', + type=Path, + help='Input file path' + ) + parser.add_argument( + 'output', + type=Path, + help='Output file path' + 
) + + args = parser.parse_args() + + # Check input file exists + if not args.input.exists(): + print(f"Error: Input file not found: {args.input}", file=sys.stderr) + sys.exit(1) + + try: + if args.mode == 'env-to-yaml': + # Convert .env to values.yaml + print(f"Reading .env file: {args.input}") + env_vars = parse_env_file(args.input) + + print("Converting to values.yaml format...") + values = env_to_values(env_vars) + + print(f"Writing values.yaml: {args.output}") + with open(args.output, 'w') as f: + yaml.dump(values, f, default_flow_style=False, sort_keys=False, indent=2) + + print("✓ Conversion completed successfully!") + + else: # yaml-to-env + # Convert values.yaml to .env + print(f"Reading values.yaml file: {args.input}") + with open(args.input, 'r') as f: + values = yaml.safe_load(f) + + print("Converting to .env format...") + env_vars = values_to_env(values) + + print(f"Writing .env file: {args.output}") + write_env_file(env_vars, args.output) + + print("✓ Conversion completed successfully!") + + print(f"\nOutput written to: {args.output}") + + except Exception as e: + print(f"Error during conversion: {e}", file=sys.stderr) + sys.exit(1) + + +if __name__ == '__main__': + main() diff --git a/values.yaml b/values.yaml new file mode 100644 index 0000000..73abea6 --- /dev/null +++ b/values.yaml 
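Review bot: `env_to_values` and `values_to_env` fill every missing key with a placeholder (`'changeme'`, `'your-password-here'`, `'sk-your-openai-api-key-here'`) and default `PROXMOX_VERIFY_SSL` to `'false'`, so a partial input is converted into an output that carries known passwords and disabled TLS verification without any warning. I would omit keys that are absent from the input, or at minimum default verification to on with `'verify': env_vars.get('PROXMOX_VERIFY_SSL', 'true').lower() == 'true'`. Both output files hold secrets but are created with the process umask; `os.chmod(args.output, 0o600)` after writing (the file already imports `os`) restricts them to the owner. `parse_env_file` keeps surrounding quotes and an `export ` prefix as part of the key or value, and `yaml.safe_load` returns `None` for an empty file, which reaches `'mongodb' in values` as a `TypeError` reported only through the generic handler in `main`.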
@@ -0,0 +1,513 @@
+# =============================================================================
+# Datacenter Documentation System - Configuration Values
+# This file provides a structured YAML configuration based on .env variables
+# Can be used with Helm or directly for configuration management
+# =============================================================================
+
+# =============================================================================
+# MongoDB Configuration
+# =============================================================================
+mongodb:
+ # Authentication
+ auth:
+ enabled: true
+ rootUsername: admin
+ rootPassword: admin123
+ database: datacenter_docs
+
+ # Connection URL (auto-generated in Helm, can be overridden)
+ url: "mongodb://admin:admin123@mongodb:27017"
+
+ # Service configuration
+ service:
+ host: mongodb
+ port: 27017
+
+ # Persistence (for Kubernetes deployments)
+ persistence:
+ enabled: true
+ size: 10Gi
+ storageClass: "longhorn"
+
+# =============================================================================
+# Redis Configuration
+# =============================================================================
+redis:
+ # Authentication
+ auth:
+ enabled: false
+ password: admin
+
+ # Connection URL
+ url: "redis://redis:6379/0"
+
+ # Service configuration
+ service:
+ host: redis
+ port: 6379
+
+ # Database number
+ database: 0
+
+# =============================================================================
+# MCP Server Configuration
+# =============================================================================
+mcp:
+ # MCP server connection
+ server:
+ url: "https://mcp.company.local"
+ apiKey: "7DKfHC8i79iPp43tFKNyiHEXQRSec4dH"
+ timeout: 30
+
+ # Enable MCP integration
+ enabled: true
+
+# =============================================================================
+# Proxmox VE Configuration
+# =============================================================================
+proxmox:
+ # Proxmox server
+ host: "proxmox.apps.home.arpa.viti"
+ port: 443
+
+ # Authentication Method 1: Username + Password (less secure)
+ auth:
+ user: "monitoring@pve"
+ name: "docs-llm-token"
+ password: "4d97d058-cc96-4189-936d-fe6a6583fcbd"
+
+ # Authentication Method 2: API Token (RECOMMENDED)
+ # To create: Datacenter → Permissions → API Tokens
+ # Format: user@realm!tokenname
+ # token:
+ # user: "automation@pam"
+ # name: "docs-collector"
+ # value: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+
+ # SSL Configuration
+ ssl:
+ verify: false # Set to true in production with valid certificates
+
+ # Connection settings
+ timeout: 30
+
+ # Enable Proxmox collector
+ enabled: true
+
+# =============================================================================
+# LLM Configuration (OpenAI-compatible API)
+# =============================================================================
+llm:
+ # Provider selection - uncomment the one you want to use
+
+ # --- OpenAI (Default) ---
+ provider: openai
+ baseUrl: "https://llm-studio.apps.home.arpa.viti/v1"
+ apiKey: ""
+ model: "llama-3.2-3b-instruct"
+ # Alternative models: gpt-4, gpt-3.5-turbo, gpt-4o
+
+ # --- Anthropic Claude ---
+ # provider: anthropic
+ # baseUrl: "https://api.anthropic.com/v1"
+ # apiKey: "sk-ant-your-anthropic-key-here"
+ # model: "claude-sonnet-4-20250514"
+ # Alternative models: claude-3-opus-20240229, claude-3-sonnet-20240229
+
+ # --- LLMStudio (Local) ---
+ # provider: llmstudio
+ # baseUrl: "http://localhost:1234/v1"
+ # apiKey: "not-needed"
+ # model: "your-local-model-name"
+
+ # --- Open-WebUI (Local) ---
+ # provider: openwebui
+ # baseUrl: "http://localhost:8080/v1"
+ # apiKey: "your-open-webui-key"
+ # model: "llama3"
+ # Alternative models: mistral, mixtral, codellama
+
+ # --- Ollama (Local) ---
+ # provider: ollama
+ # baseUrl: "http://localhost:11434/v1"
+ # apiKey: "ollama"
+ # model: "llama3"
+ # Alternative models: mistral, mixtral, codellama, phi3
+
+ # Generation Settings
+ generation:
+ temperature: 0.3
+ maxTokens: 4096
+ topP: 1.0
+ frequencyPenalty: 0.0
+ presencePenalty: 0.0
+
+# =============================================================================
+# API Configuration
+# =============================================================================
+api:
+ # Server settings
+ host: "0.0.0.0"
+ port: 8000
+ workers: 4
+
+ # Service configuration (for Kubernetes)
+ service:
+ type: ClusterIP
+ port: 8000
+ targetPort: 8000
+
+ # Application settings
+ debug: false
+ reloadOnChange: false
+
+ # Security
+ secretKey: "your-secret-key-change-in-production"
+ apiKeyEnabled: true
+
+# =============================================================================
+# CORS Configuration
+# =============================================================================
+cors:
+ enabled: true
+ origins:
+ - "http://localhost:3000"
+ - "https://docs.company.local"
+ allowCredentials: true
+ allowMethods:
+ - "GET"
+ - "POST"
+ - "PUT"
+ - "DELETE"
+ - "PATCH"
+ - "OPTIONS"
+ allowHeaders:
+ - "*"
+
+# =============================================================================
+# Application Settings
+# =============================================================================
+application:
+ # Logging
+ logging:
+ level: "INFO" # DEBUG, INFO, WARNING, ERROR, CRITICAL
+ format: "json" # json or text
+
+ # Debug mode
+ debug: false
+
+ # Environment
+ environment: "production" # development, staging, production
+
+# =============================================================================
+# Auto-Remediation Configuration
+# =============================================================================
+autoRemediation:
+ # Enable/disable auto-remediation
+ enabled: true
+
+ # Reliability thresholds
+ minReliabilityScore: 85.0
+ requireApprovalThreshold: 90.0
+
+ # Rate limiting
+ maxActionsPerHour: 100
+ maxActionsPerDay: 500
+
+ # Safety settings
+ dryRun: false # Set to true for testing
+ requireHumanApproval: false
+
+ # Notification settings
+ notifications:
+ enabled: true
+ channels:
+ - email
+ - slack
+
+# =============================================================================
+# Celery Configuration (Background Tasks)
+# =============================================================================
+celery:
+ # Broker configuration
+ broker:
+ url: "redis://redis:6379/0"
+ transport: "redis"
+
+ # Result backend
+ result:
+ backend: "redis://redis:6379/0"
+ expires: 3600
+
+ # Worker configuration
+ worker:
+ concurrency: 4
+ maxTasksPerChild: 1000
+ prefetchMultiplier: 4
+
+ # Task configuration
+ task:
+ acks_late: true
+ reject_on_worker_lost: true
+ time_limit: 3600
+ soft_time_limit: 3000
+
+ # Queue configuration
+ queues:
+ default:
+ name: "default"
+ priority: 5
+ high_priority:
+ name: "high_priority"
+ priority: 10
+ low_priority:
+ name: "low_priority"
+ priority: 1
+
+# =============================================================================
+# Vector Store Configuration
+# =============================================================================
+vectorStore:
+ # Storage type
+ type: "chroma" # chroma, pinecone, weaviate
+
+ # ChromaDB configuration
+ chroma:
+ path: "./data/chroma_db"
+ persistDirectory: "/data/vector_store"
+
+ # Embedding configuration
+ embedding:
+ model: "sentence-transformers/all-MiniLM-L6-v2"
+ dimensions: 384
+
+ # Alternative models:
+ # - "sentence-transformers/all-mpnet-base-v2" (768 dims, better quality)
+ # - "BAAI/bge-small-en-v1.5" (384 dims, good performance)
+ # - "thenlper/gte-small" (384 dims, multilingual)
+
+ # Search configuration
+ search:
+ topK: 5
+ scoreThreshold: 0.7
+
+# =============================================================================
+# Documentation Generation Settings
+# =============================================================================
+documentation:
+ # Generation settings
+ generation:
+ enabled: true
+ autoUpdate: true
+ updateInterval: 3600 # seconds
+
+ # Output configuration
+ output:
+ format: "markdown" # markdown, html, pdf
+ directory: "./docs/generated"
+ templateDirectory: "./templates/docs"
+
+ # Content settings
+ content:
+ includeTimestamps: true
+ includeMetadata: true
+ includeDiagrams: true
+ includeExamples: true
+
+# =============================================================================
+# Ticket Management Settings
+# =============================================================================
+tickets:
+ # Auto-categorization
+ autoCategorization:
+ enabled: true
+ confidenceThreshold: 0.8
+
+ # Priority assignment
+ autoPriority:
+ enabled: true
+
+ # SLA settings
+ sla:
+ critical: 1 # hours
+ high: 4
+ medium: 24
+ low: 72
+
+ # Notification settings
+ notifications:
+ enabled: true
+ onCreation: true
+ onStatusChange: true
+ onResolution: true
+
+# =============================================================================
+# Collectors Configuration
+# =============================================================================
+collectors:
+ # VMware vCenter
+ vmware:
+ enabled: false
+ host: "vcenter.example.com"
+ username: "administrator@vsphere.local"
+ password: "your-password"
+ verifySsl: false
+ collectInterval: 3600
+
+ # Kubernetes
+ kubernetes:
+ enabled: false
+ configPath: "~/.kube/config"
+ context: "default"
+ collectInterval: 1800
+
+ # Network devices
+ network:
+ enabled: false
+ devices: []
+ # - host: "switch1.example.com"
+ # type: "cisco"
+ # username: "admin"
+ # password: "password"
+ collectInterval: 7200
+
+ # Storage
+ storage:
+ enabled: false
+ systems: []
+ collectInterval: 3600
+
+# =============================================================================
+# Monitoring & Observability
+# =============================================================================
+monitoring:
+ # Metrics
+ metrics:
+ enabled: true
+ port: 9090
+ path: "/metrics"
+
+ # Health checks
+ health:
+ enabled: true
+ path: "/health"
+ interval: 30
+
+ # Tracing
+ tracing:
+ enabled: false
+ provider: "jaeger" # jaeger, zipkin, otlp
+ endpoint: "http://jaeger:14268/api/traces"
+
+ # Logging exporters
+ logging:
+ exporters:
+ - type: "stdout"
+ # - type: "elasticsearch"
+ # endpoint: "http://elasticsearch:9200"
+ # - type: "loki"
+ # endpoint: "http://loki:3100"
+
+# =============================================================================
+# Security Settings
+# =============================================================================
+security:
+ # Authentication
+ authentication:
+ enabled: true
+ method: "jwt" # jwt, oauth2, ldap
+ tokenExpiration: 3600
+
+ # Authorization
+ authorization:
+ enabled: true
+ rbacEnabled: true
+
+ # Encryption
+ encryption:
+ enabled: true
+ algorithm: "AES-256-GCM"
+
+ # Rate limiting
+ rateLimit:
+ enabled: true
+ requestsPerMinute: 100
+ requestsPerHour: 1000
+
+# =============================================================================
+# Backup & Recovery
+# =============================================================================
+backup:
+ # Enable backup
+ enabled: true
+
+ # Backup schedule (cron format)
+ schedule: "0 2 * * *" # Daily at 2 AM
+
+ # Retention policy
+ retention:
+ daily: 7
+ weekly: 4
+ monthly: 12
+
+ # Backup destination
+ destination:
+ type: "s3" # s3, gcs, azure, local
+ # s3:
+ # bucket: "datacenter-docs-backups"
+ # region: "us-east-1"
+ # accessKeyId: "your-access-key"
+ # secretAccessKey: "your-secret-key"
+
+# =============================================================================
+# Feature Flags
+# =============================================================================
+features:
+ # Enable/disable specific features
+ autoRemediation: true
+ aiDocGeneration: true
+ vectorSearch: true
+ chatInterface: true
+ ticketManagement: true
+ multiTenancy: false
+ auditLogging: true
+ realTimeUpdates: true
+
+# =============================================================================
+# Resource Limits (for Kubernetes deployments)
+# =============================================================================
+resources:
+ # API service
+ api:
+ requests:
+ memory: "512Mi"
+ cpu: "250m"
+ limits:
+ memory: "2Gi"
+ cpu: "1000m"
+
+ # Worker service
+ worker:
+ requests:
+ memory: "512Mi"
+ cpu: "250m"
+ limits:
+ memory: "2Gi"
+ cpu: "1000m"
+
+ # Chat service
+ chat:
+ requests:
+ memory: "256Mi"
+ cpu: "100m"
+ limits:
+ memory: "1Gi"
+ cpu: "500m"
+# =============================================================================
+# Notes
+# =============================================================================
+# - Copy this file to customize your deployment
+# - For Helm deployments, use: helm install -f values.yaml
+# - For environment variables, use the .env file
+# - Sensitive values should be stored in Kubernetes Secrets or external secret managers
+# - See documentation at: https://git.commandware.com/it-ops/llm-automation-docs-and-remediation-engine
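Review bot: This root-level values.yaml ships what look like live credentials rather than placeholders: `mongodb.auth.rootPassword` (repeated inside `mongodb.url`), `mcp.server.apiKey`, and the UUID in `proxmox.auth.password` next to a specific host name, which contradicts the file's own closing note that sensitive values belong in Kubernetes Secrets or an external secret manager. I would commit these keys empty, e.g. `rootPassword: ""`, `apiKey: ""`, `password: ""`, supply them at install time from a Secret, and rotate any value that was ever valid, since it remains in git history after a later cleanup. The defaults are also permissive for a file that sets `environment: "production"`: `proxmox.ssl.verify: false` turns off certificate checking on the connection that carries that password, and `autoRemediation` is enabled with `dryRun: false` and `requireHumanApproval: false`. `api.secretKey` keeps a well-known placeholder string; whether the application refuses to start with it is not visible in this hunk, so an empty default plus a startup check would be the safer choice.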