FiftyOne Enterprise Helm Chart Documentation

Voxel51 Logo   Voxel51 FiftyOne

fiftyone-teams-app

Version: 2.14.0 Type: application AppVersion: v2.14.0

FiftyOne Enterprise is the enterprise version of the open source FiftyOne project. The FiftyOne Enterprise Helm chart is the recommended way to install and configure FiftyOne Enterprise on Kubernetes.

This page assumes general knowledge of FiftyOne Enterprise and how to use it. Please contact Voxel51 for more information regarding FiftyOne Enterprise.

Important

Version 2.14+

RBAC Changes

FiftyOne Enterprise 2.14+ introduces custom roles and role bindings to allow the teams-api deployment to create, update, and remove batch jobs and pods for kubernetes-based on-demand delegated operations. An additional service account is now created by the helm chart to utilize these roles and is attached to the teams-api deployment object.

The on-demand delegated operations. are currently in beta and can be used by early adopters.

Delegated Operator Changes

FiftyOne Enterprise 2.14+ pre-populates a teams-do-cpu-default delegated operator Deployment by default. Please see configuring delegated operations. for steps on advanced configuration and enabling it.

Version 2.11+ On-Demand Delegated Operator Executors

FiftyOne Enterprise v2.11 introduces support for on-demand delegated operator executors for Databricks and Anyscale. Please refer to the configuration documentation.

Version 2.9+ Startup Probe Changes

FiftyOne Enterprise v2.9 introduces some changes to startup probe configuration. Please refer to the upgrade documentation for steps on how to upgrade your startup probe configurations.

Version 2.9+ Delegated Operator Changes

FiftyOne Enterprise v2.9 introduces some changes to delegated operators. Please refer to the upgrade documentation for steps on how to upgrade your delegated operators.

Version 2.9+ Installation Changes

FiftyOne Enterprise v2.9 no longer requires that operators set the following FIFTYONE_DATABASE_ADMIN variable while doing an initial installation:

# Required prior to 2.8.0
appSettings:
  env:
    FIFTYONE_DATABASE_ADMIN: true

Version 2.7+ Delegated Operator Changes

FiftyOne Enterprise v2.7 introduces some changes to delegated operators. Please refer to the upgrade documentation for steps on how to upgrade your delegated operators.

Version 2.5+ Delegated Operator Changes

FiftyOne Enterprise v2.5 introduces some changes to delegated operators. Please refer to the upgrade documentation for steps on how to upgrade your delegated operators.

Version 2.2+ Delegated Operator Changes

FiftyOne Enterprise v2.2 introduces some changes to delegated operators. Please refer to the upgrade documentation for steps on how to upgrade your delegated operators.

Version 2.0+ License File Requirement

FiftyOne Enterprise v2.0 introduces a new requirement for a license file. This license file should be obtained from your Customer Success Team before upgrading to FiftyOne Enterprise 2.0 or beyond.

Please refer to the upgrade documentation for steps on how to add your license file.

Table of Contents

Prerequisites Skills and Knowledge

The following prerequisites skills & knowledge are required for a successful and properly secured deployment of FiftyOne Enterprise.

A knowledge of:

  1. Kubernetes.

  2. Installing helm charts to deploy kubernetes applications.

  3. MongoDB.

  4. DNS and the ability to generate, modify, and delete DNS records.

  5. TLS/SSL and the ability to generate TLS/SSL certificates.

  6. Network file systems (NFS) (optional).

Technical Requirements

The following technical requirements are required for a successful and properly secured deployment of FiftyOne Enterprise.

  1. Kubernetes Cluster And Kubectl

  2. Helm

  3. A MongoDB Database that meets FiftyOne’s version constraints.

  4. A DNS record or records for ingress.

  5. A TLS/SSL certificate or certificates for HTTPS ingress.

  6. (optional) An NFS server or ReadWriteMany compatible storage medium for delegated operators, plugins, and API high-availability

Kubernetes Cluster And Kubectl

A kubernetes cluster and kubectl installation are required. The following kubernetes/kubectl versions are required:

Kubernetes: >=1.31-0

However, it is recommended to use a supported kubernetes version. Please refer to the kubernetes installation documentation for steps on installing kubernetes and kubectl.

Helm

Helm version >= 3.14 is required.

Please refer to the helm installation documentation for steps on installing helm.

Estimated Completion Time

The estimated time to deploy FiftyOne Enterprise is approximately 2 hours.

Sizing

Voxel51 recommends the following resource sizing:

Voxel51 also recommends monitoring resource consumption across the applications. Resource usage varies dramatically with operations, use cases, and dataset sizes.

Usage

FiftyOne Enterprise v2.0 introduces a new requirement for a license file. This license file should be obtained from your Customer Success Team before upgrading to FiftyOne Enterprise 2.0 or beyond.

The license file now contains all of the Auth0 configuration that was previously provided through kubernetes secrets; you may remove those secrets from your values.yaml and from any secrets created outside of the Voxel51 install process.

Use the license file provided by the Voxel51 Customer Success Team to create a new license file secret:

kubectl create namespace your-namespace-here
kubectl --namespace your-namespace-here create secret generic fiftyone-license \
--from-file=license=./your-license-file

NOTE: To ensure that the new license values take effect immediately, you must to restart the teams-cas and teams-api services. You may delete the pods, or run

kubectl rollout restart deploy \
  -n your-namespace \
  teams-cas \
  teams-api

We publish the following FiftyOne Enterprise private images to Docker Hub:

For Docker Hub credentials, please contact your Voxel51 support team.

If you are using the Voxel51 DockerHub registry to install your container images, use these Voxel51-provided DockerHub credentials to create an Image Pull Secret, and uncomment the imagePullSecrets section of your values.yaml

kubectl --namespace your-namespace-here create secret generic \
  regcred --from-file=.dockerconfigjson=./voxel51-docker.json \
  --type kubernetes.io/dockerconfigjson

To use the Helm chart, add the FiftyOne helm repository and check that you have access to the chart:

helm repo add voxel51 https://helm.fiftyone.ai
helm repo update voxel51

Finally, edit your values.yaml file and install FiftyOne Enterprise:

helm install fiftyone-teams-app voxel51/fiftyone-teams-app \
  --namespace your-namespace-here \
  -f ./values.yaml

A minimal example values.yaml may be found in the repository.

Upgrades

When performing an upgrade, please review Upgrading From Previous Versions.

Advanced Configuration

Backup And Recovery

FiftyOne Enterprise data is stored in MongoDB. It is recommended to periodically backup the MongoDB instance according to MongoDB best practices.

If needed, it is recommended to restore the most-recent backup according to MongoDB best practices.

Builtin Delegated Operator Orchestrator

FiftyOne Enterprise v2.2 introduces a builtin orchestrator to run Delegated Operations, instead of (or in addition to) configuring your own orchestrator such as Airflow.

For configuring your delegated operators, see Configuring Delegated Operators.

Central Authentication Service

FiftyOne Enterprise v1.6 introduces the Central Authentication Service (CAS). CAS requires additional configurations and consumes additional resources. Please review these notes, and the Pluggable Authentication documentation before completing your upgrade.

Voxel51 recommends upgrading your deployment using legacy authentication mode and migrating to internal authentication mode after confirming your initial upgrade was successful.

Please contact your Voxel51 customer success representative for assistance in migrating to internal mode.

The CAS service requires changes to your values.yaml files. A brief summary of those changes include

When using path-based routing, update your values.yaml to include the rule (add it before the path: / rule)

- path: /cas
  pathType: Prefix
  serviceName: teams-cas
  servicePort: 80

FiftyOne Enterprise Authenticated API

FiftyOne Enterprise v1.3 introduced the capability to connect FiftyOne Enterprise SDKs through the FiftyOne Enterprise API (instead of direct MongoDB connection).

To enable the FiftyOne Enterprise Authenticated API, expose the FiftyOne Enterprise API endpoint and configure your SDK.

GPU Enabled Workloads

FiftyOne services can be scheduled on GPU-enabled hardware for more efficient computation.

To schedule pods on GPU-enabled hardware, see the configuring GPU workloads documentation.

Highly Available FiftyOne teams-api Deployments

FiftyOne Enterprise v2.7 introduced support for running multiple teams-api pods for high availability [HA].

Running multiple teams-api pods requires a read-write volume available to all of the pods in the teams-api deployment to synchronize the API cache.

For configuring HA FiftyOne teams-api deployments see Configuring Highly Available FiftyOne teams-api Deployments

Plugins

FiftyOne Enterprise v1.3 introduced significant enhancements for Plugins to customize and enhance functionality.

There are three modes for plugins

  1. Builtin Plugins Only
    • This is the default mode
    • Users may only run the builtin plugins shipped with FiftyOne Enterprise
    • Cannot run custom plugins
  2. Shared Plugins
    • Users may run builtin and custom plugins
    • Plugins run in the existing fiftyone-app deployment
      • Plugins resource consumption may starve fiftyone-app, causing the app to be slow or crash
  3. Dedicated Plugins
    • Users may run builtin and custom plugins
    • Plugins run in a dedicated teams-plugins deployment
      • Plugins resource consumption does not affect fiftyone-app

To use plugins with custom dependencies, build and use Custom Plugins Images.

To use the FiftyOne Enterprise UI to deploy plugins, navigate to https://<DEPLOY_URL>/settings/plugins. Early-adopter plugins installed manually must be redeployed using the FiftyOne Enterprise UI.

For configuring your plugins, see Configuring Plugins.

Proxies

FiftyOne Enterprise supports routing traffic through proxy servers. Please refer to the proxy configuration documentation for information on how to configure proxies.

Secrets And Sensitive Data

By default, database credentials, cookie secrets, encryption keys, and authentication secrets are stored in a kubernetes secret. This is configured by the following settings in values.yaml:

secret:
  # -- Controls whether to create the secret named `secret.name`.
  create: true
  # -- Name of the secret (existing or to be created) in the namespace `namespace.name`.
  name: fiftyone-teams-secrets
  fiftyone:
    # -- MongoDB Database Name for FiftyOne Enterprise.
    fiftyoneDatabaseName: ""
    # -- MongoDB Connection String. [Reference][mongodb-connection-string].
    mongodbConnectionString: ""

    # -- A randomly generated string for cookie encryption.
    # To generate, run `openssl rand -hex 32`.
    cookieSecret: ""
    # -- Encryption key for storage credentials. [Reference][fiftyone-encryption-key].
    encryptionKey: ""
    # -- A randomly generated string for CAS Authentication.
    # This can be any string you care to use generated by any mechanism you
    #   prefer.
    # This is used for inter-service authentication and for the SuperUser to
    #  authenticate at the CAS UI to configure the Central Authentication Service.
    fiftyoneAuthSecret: ""
  # -- Additional labels for the generated secret. [Reference][labels-and-selectors].
  labels: {}

These secrets can be created, managed, and updated by an external secret manager such as external-secrets.

FiftyOne Enterprise supports configuring secrets for the deployment to use.

Please see Storage Credentials and FIFTYONE_ENCRYPTION_KEY and adding secrets for questions regarding storage and encryption.

Snapshot Archival

Since version v1.5, FiftyOne Enterprise supports archiving snapshots to cold storage locations to prevent filling up the MongoDB database. Supported locations are network mounted filesystems and cloud storage folders.

Please refer to the snapshot archival configuration documentation for configuring snapshot archival.

Storage Credentials and FIFTYONE_ENCRYPTION_KEY

Pods based on the fiftyone-teams-api and fiftyone-app images must include the FIFTYONE_ENCRYPTION_KEY variable. This key is used to encrypt storage credentials in the MongoDB database.

To generate a value for secret.fiftyone.encryptionKey, run this Python code and add the output to your values.yaml override file, or to your deployment’s secret

from cryptography.fernet import Fernet
print(Fernet.generate_key().decode())

Voxel51 does not have access to this encryption key and cannot reproduce it. Please store this key in a safe place. If the key is lost, you will need to

  1. Schedule an outage window
    1. Drop the storage credentials collection
    2. Replace the encryption key
    3. Add the storage credentials via the UI again.

Users with Admin permissions may use the FiftyOne Enterprise UI to manage storage credentials by navigating to https://<DEPOY_URL>/settings/cloud_storage_credentials.

If added via the UI, storage credentials no longer need to be mounted into pods or provided via environment variables.

FiftyOne Enterprise continues to support the use of environment variables to set storage credentials in the application context and is providing an alternate configuration path.

Static Banner Configuration

FiftyOne Enterprise v2.6 introduces the ability to add a static banner to the application.

Banner text is configured with casSettings.env.FIFTYONE_APP_BANNER_TEXT and teamsAppSettings.env.FIFTYONE_APP_BANNER_TEXT. Banner background color is configured with casSettings.env.FIFTYONE_APP_BANNER_COLOR and teamsAppSettings.env.FIFTYONE_APP_BANNER_COLOR. Banner text color is configured with casSettings.env.FIFTYONE_APP_BANNER_TEXT_COLOR and teamsAppSettings.env.FIFTYONE_APP_BANNER_TEXT_COLOR.

Configure the Static Banner by setting the following environment variables in your values.yaml like

casSettings:
  env:
    FIFTYONE_APP_BANNER_COLOR: "green" # or "rgb(34,139,34)" or "#f1f1f1"
    FIFTYONE_APP_BANNER_TEXT_COLOR: "green" # or "rgb(34,139,34)" or "#f1f1f1"
    FIFTYONE_APP_BANNER_TEXT: "Internal Deployment"
teamsAppSettings:
  env:
    FIFTYONE_APP_BANNER_COLOR: "green" # or "rgb(34,139,34)" or "#f1f1f1"
    FIFTYONE_APP_BANNER_TEXT_COLOR: "green" # or "rgb(34,139,34)" or "#f1f1f1"
    FIFTYONE_APP_BANNER_TEXT: "Internal Deployment"

Terms of Service, Privacy, and Imprint URLs

FiftyOne Enterprise v2.6 introduces the ability to override the Terms of Service, Privacy, and Imprint (optional) links if required in the App.

Configure the URLs by setting the following environment variables in your values.yaml.

Terms of Service URL is configured with teamsAppSettings.env.FIFTYONE_APP_TERMS_URL.

Privacy URL is configured with teamsAppSettings.env.FIFTYONE_APP_PRIVACY_URL.

Imprint/Impressum URL is configured with teamsAppSettings.env.FIFTYONE_APP_IMPRINT_URL

teamsAppSettings:
  env:
    FIFTYONE_APP_TERMS_URL: "https://abc.com/tos"
    FIFTYONE_APP_PRIVACY_URL: "https://abc.com/privacy"
    FIFTYONE_APP_IMPRINT_URL: "https://abc.com/imprint"

Text Similarity

Since version v1.2, FiftyOne Enterprise supports using text similarity searches for images that are indexed with a model that supports text queries. Use the Voxel51 provided image fiftyone-app-torch or build your own base image including torch (PyTorch).

To override the default image, add appSettings.image.repository to your values.yaml. For example,

appSettings:
  image:
    repository: voxel51/fiftyone-app-torch

Workload Identity Federation

Voxel51 FiftyOne Enterprise supports Workload Identity Federation when installing via Helm into various cloud providers. Workload Identity is achieved using service account annotations that can be defined in the values.yaml file when installing or upgrading the application.

See configuring workload identity federation for more information.

Validating

After deploying FiftyOne Enterprise and configuring authentication, please follow validating your deployment.

Health Checks And Monitoring

Liveness and readiness probes are used to monitor each service deployed with FiftyOne Enterprise.

Basic Health Assessment

Pods will report ready (1/1, 2/2, etc.) in the output of kubectl get pods:

kubectl get pods

Expected output for a healthy deployment:

NAME                              READY   STATUS                   RESTARTS   AGE
fiftyone-app-fbcf6666d-crt6z      1/1     Running                  0          5h3m
fiftyone-app-fbcf6666d-wt9w6      1/1     Running                  0          102m
teams-api-64fbf96c96-2tgm9        1/1     Running                  0          5h3m
teams-api-64fbf96c96-b7jz5        1/1     Running                  0          5h3m
teams-api-64fbf96c96-m2dnk        1/1     Running                  0          5h3m
teams-app-fbdd4849f-bwmvt         1/1     Running                  0          116m
teams-app-fbdd4849f-skgb7         1/1     Running                  0          5h3m
teams-cas-68f95d68f-9dglm         1/1     Running                  0          5h3m
teams-cas-68f95d68f-fmq5g         1/1     Running                  0          41m

Note that number of pods and pod names may vary per deployment.

Troubleshooting Unhealthy Pods

If pods show unhealthy states (e.g., 0/1, CrashLoopBackOff, Pending):

  1. Get detailed pod information:

    kubectl describe pod <pod-name>

  2. Check application logs:

    kubectl logs <pod-name>
# For previous container instance logs
kubectl logs <pod-name> --previous

  3. Check events for issues:

    kubectl get events --sort-by='.lastTimestamp'

Values

Key Type Default Description
apiSettings.affinity object {} Affinity and anti-affinity for teams-api. Reference.
apiSettings.deploymentAnnotations object {} Annotations for the teams-api deployment. Reference.
apiSettings.dnsName string "" Controls whether teams-api is added to the chart’s ingress. When an empty string, a rule for teams-api is not added to the chart managed ingress. When not an empty string, becomes the value to the host in the ingress’ rule and set ingress.api too. Additionally, the apiSettings.dnsName is used by teams-api to generate the API_EXTERNAL_URL environment variable for configuring external orchestrators.
apiSettings.env.FIFTYONE_DO_EXPIRATION_DAYS int 1 The amount of time in days that a delegated operation can run before being automatically terminated. Overridden by “FIFTYONE_DO_EXPIRATION_MINUTES” if provided.
apiSettings.env.FIFTYONE_DO_EXPIRATION_MINUTES int nil The amount of time in minutes that a delegated operation can run before being automatically terminated. Overrides “FIFTYONE_DO_EXPIRATION_DAYS” if provided.
apiSettings.env.FIFTYONE_ENV string "production" Controls FiftyOne GraphQL verbosity. When “production”, debug mode is disabled and the default logging level is “INFO”. When “development”, debug mode is enabled and the default logging level is “DEBUG”. Can be overridden by setting apiSettings.env.LOGGING_LEVEL.
apiSettings.env.FIFTYONE_INTERNAL_SERVICE bool true Whether the SDK is running in an internal service context. When running in FiftyOne Enterprise, set to true.
apiSettings.env.FIFTYONE_LOGGING_FORMAT string "text" The format to use for log messages. Can be one of json or text.
apiSettings.env.GRAPHQL_DEFAULT_LIMIT int 10 Default number of returned items when listing in GraphQL queries. Can be overridden in the request.
apiSettings.env.LOGGING_LEVEL string "INFO" Logging level. Overrides the value of FIFTYONE_ENV. Can be one of “DEBUG”, “INFO”, “WARN”, “ERROR”, or “CRITICAL”.
apiSettings.image.pullPolicy string "Always" Instruct when the kubelet should pull (download) the specified image. One of IfNotPresent, Always or Never. Reference.
apiSettings.image.repository string "voxel51/fiftyone-teams-api" Container image for the teams-api.
apiSettings.image.tag string "" Image tag for teams-api. Defaults to the chart version.
apiSettings.initContainers.containerSecurityContext object {"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"runAsNonRoot":true,"runAsUser":1000} Container security configuration for teams-api initContainers. Reference.
apiSettings.initContainers.enabled bool true Whether to enable init containers for teams-api. Reference.
apiSettings.initContainers.image.repository string "docker.io/busybox" Init container images repositories for teams-api. Reference.
apiSettings.initContainers.image.tag string "stable-glibc" Init container images tags for teams-api. Reference.
apiSettings.initContainers.resources object {"limits":{"cpu":"10m","ephemeral-storage":"64Mi","memory":"128Mi"},"requests":{"cpu":"10m","ephemeral-storage":"64Mi","memory":"128Mi"}} Container resource requests and limits for the teams-api initContainers. Reference.
apiSettings.labels object {} Additional labels for the teams-api related objects. Reference.
apiSettings.liveness.failureThreshold int 5 Number of times to retry the liveness probe for the teams-api. Reference.
apiSettings.liveness.periodSeconds int 15 How often (in seconds) to perform the liveness probe for teams-api. Reference.
apiSettings.liveness.timeoutSeconds int 5 Number of seconds after which the liveness probe times out for the teams-api. Reference.
apiSettings.nodeSelector object {} nodeSelector for teams-api. Reference.
apiSettings.podAnnotations object {} Annotations for pods for teams-api. Reference.
apiSettings.podDisruptionBudget object {"enabled":false,"minAvailable":null} Pod Disruption Budget for pods for teams-api. Reference.
apiSettings.podDisruptionBudget.enabled bool false Whether a pod disruption budget is enabled for teams-api.
apiSettings.podDisruptionBudget.minAvailable string nil Sets the minimum available or maximum unavailable replicas for the deployment object. Either integers or percentages supported. maxUnavailable is also supported, however, only one setting can be used at a time. If both are set, minAvailable will be preferred.
apiSettings.podSecurityContext object {} Pod-level security attributes and common container settings for teams-api. Reference.
apiSettings.rbac object {"create":true,"role":{"annotations":{},"labels":{},"name":""},"roleBinding":{"annotations":{},"create":true,"labels":{},"name":""},"serviceAccount":{"annotations":{},"create":true,"labels":{},"name":""}} RBAC roles, bindings, and service accounts which will be used to submit on-demand delegated operators to the kubernetes API. If apiSettings.rbac.create=true, these will be used by the teams-api pods.
apiSettings.rbac.create bool true Controls whether to create the Role, RoleBinding, and ServiceAccount for on-demand delegated-operator submission.
apiSettings.rbac.role.annotations object {} Role annotations. Reference.
apiSettings.rbac.role.labels object {} Additional labels for the generated Role. Reference.
apiSettings.rbac.role.name string "" Name of the Role (existing or to be created) in the namespace namespace.name used for DO management. Defaults to release-name-fiftyone-teams-app-do-management.
apiSettings.rbac.roleBinding.annotations object {} RoleBinding annotations. Reference.
apiSettings.rbac.roleBinding.create bool true Controls whether to create the RoleBinding named apiSettings.rbac.roleBinding.name.
apiSettings.rbac.roleBinding.labels object {} Additional labels for the generated RoleBinding. Reference.
apiSettings.rbac.roleBinding.name string "" Name of the RoleBinding (existing or to be created) in the namespace namespace.name used for DO management. Defaults to release-name-fiftyone-teams-app-do-management.
apiSettings.rbac.serviceAccount.annotations object {} ServiceAccount annotations. Reference.
apiSettings.rbac.serviceAccount.create bool true Controls whether to create the ServiceAccount named apiSettings.rbac.serviceAccount.name.
apiSettings.rbac.serviceAccount.labels object {} Additional labels for the generated ServiceAccount. Reference.
apiSettings.rbac.serviceAccount.name string "" Name of the ServiceAccount (existing or to be created) in the namespace namespace.name used for DO management. Defaults to release-name-fiftyone-teams-app-teams-api.
apiSettings.readiness.failureThreshold int 5 Number of times to retry the readiness probe for the teams-api. Reference.
apiSettings.readiness.periodSeconds int 15 How often (in seconds) to perform the readiness probe for teams-api. Reference.
apiSettings.readiness.timeoutSeconds int 5 Number of seconds after which the readiness probe times out for the teams-api. Reference.
apiSettings.replicaCount int 1 Number of pods in the teams-api deployment’s ReplicaSet. When > 1, you must also configure volumes, volumeMounts and set apiSettings.env.FIFTYONE_SHARED_ROOT_DIR. For more information see the documentation.
apiSettings.resources object {"limits":{},"requests":{}} Container resource requests and limits for teams-api. Reference.
apiSettings.secretEnv object {} Secret variables to be passed to the teams-api containers.
apiSettings.securityContext object {} Container security configuration for teams-api. Reference.
apiSettings.service.annotations object {} Service annotations for teams-api. Reference.
apiSettings.service.containerPort int 8000 Service container port for teams-api.
apiSettings.service.name string "teams-api" Service name.
apiSettings.service.nodePort int nil Service nodePort set only when apiSettings.service.type: NodePort for teams-api.
apiSettings.service.port int 80 Service port for teams-api.
apiSettings.service.shortname string "teams-api" Port name (maximum length is 15 characters) for teams-api. Reference.
apiSettings.service.type string "ClusterIP" Service type for teams-api. Reference.
apiSettings.startup.failureThreshold int 5 Number of times to retry the startup probe for the teams-api. Reference.
apiSettings.startup.periodSeconds int 30 How often (in seconds) to perform the startup probe for teams-api. Reference.
apiSettings.startup.timeoutSeconds int 5 Number of seconds after which the startup probe times out for the teams-api. Reference.
apiSettings.tolerations list [] Allow the k8s scheduler to schedule pods with matching taints for teams-api. Reference.
apiSettings.topologySpreadConstraints list [] Control how pods are spread across your distributed footprint. Label selectors will be defaulted to those of the teams-api deployment. Reference.
apiSettings.updateStrategy object {"type":"RollingUpdate"} Control how teams-api pods are redeployed during an upgrade. Reference
apiSettings.volumeMounts list [] Volume mounts for teams-api. Reference.
apiSettings.volumes list [] Volumes for teams-api. Reference.
appSettings.affinity object {} Affinity and anti-affinity for fiftyone-app. Reference.
appSettings.autoscaling.enabled bool false Controls horizontal pod autoscaling for fiftyone-app. Reference.
appSettings.autoscaling.maxReplicas int 20 Maximum replicas for horizontal pod autoscaling for fiftyone-app.
appSettings.autoscaling.minReplicas int 2 Minimum Replicas for horizontal pod autoscaling for fiftyone-app.
appSettings.autoscaling.targetCPUUtilizationPercentage int 80 Percent CPU utilization for autoscaling for fiftyone-app.
appSettings.autoscaling.targetMemoryUtilizationPercentage int 80 Percent memory utilization for autoscaling for fiftyone-app.
appSettings.deploymentAnnotations object {} Annotations for the fiftyone-app deployment. Reference.
appSettings.env.FIFTYONE_APP_DEFAULT_QUERY_PERFORMANCE bool true Controls whether Query Performance mode is enabled by default for every dataset for the teams application. Set to false to set default mode to off.
appSettings.env.FIFTYONE_APP_ENABLE_QUERY_PERFORMANCE bool true Controls whether Query Performance mode is enabled for the application. Set to false to disable Query Performance mode for entire application.
appSettings.env.FIFTYONE_DATABASE_ADMIN bool false Controls whether the client is allowed to trigger database migrations. Reference.
appSettings.env.FIFTYONE_INTERNAL_SERVICE bool true Whether the SDK is running in an internal service context. When running in FiftyOne Enterprise, set to true.
appSettings.env.FIFTYONE_MEDIA_CACHE_APP_IMAGES bool false Controls whether cloud media images will be downloaded and added to the local cache upon viewing media in the app.
appSettings.env.FIFTYONE_MEDIA_CACHE_SIZE_BYTES int -1 Set the media cache size (in bytes) for the local FiftyOne App processes. When not set, the app’s default value is 32 GiB. -1 disables the media cache garbage collection (and cache size is unlimited).
appSettings.env.FIFTYONE_SIGNED_URL_EXPIRATION int 24 Set the time-to-live for signed URLs generated by the application in hours
appSettings.image.pullPolicy string "Always" Instruct when the kubelet should pull (download) the specified image. One of IfNotPresent, Always or Never. Reference.
appSettings.image.repository string "voxel51/fiftyone-app" Container image for fiftyone-app.
appSettings.image.tag string "" Image tag for fiftyone-app. Defaults to the chart version.
appSettings.initContainers.containerSecurityContext object {"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"runAsNonRoot":true,"runAsUser":1000} Container security configuration for fiftyone-app initContainers. Reference.
appSettings.initContainers.enabled bool true Whether to enable init containers for fiftyone-app. Reference.
appSettings.initContainers.image.repository string "docker.io/busybox" Init container images repositories for fiftyone-app. Reference.
appSettings.initContainers.image.tag string "stable-glibc" Init container images tags for fiftyone-app. Reference.
appSettings.initContainers.resources object {"limits":{"cpu":"10m","ephemeral-storage":"64Mi","memory":"128Mi"},"requests":{"cpu":"10m","ephemeral-storage":"64Mi","memory":"128Mi"}} Container resource requests and limits for the fiftyone-app initContainers. Reference.
appSettings.labels object {} Additional labels for the fiftyone-app related objects. Reference.
appSettings.liveness.failureThreshold int 5 Number of times to retry the liveness probe for the fiftyone-app. Reference.
appSettings.liveness.periodSeconds int 15 How often (in seconds) to perform the liveness probe for fiftyone-app. Reference.
appSettings.liveness.timeoutSeconds int 5 Timeout for the liveness probe for the fiftyone-app. Reference.
appSettings.nodeSelector object {} nodeSelector for fiftyone-app. Reference.
appSettings.podAnnotations object {} Annotations for pods for fiftyone-app. Reference.
appSettings.podDisruptionBudget object {"enabled":false,"minAvailable":null} Pod Disruption Budget for pods for fiftyone-app. Reference.
appSettings.podDisruptionBudget.enabled bool false Whether a pod disruption budget is enabled for fiftyone-app.
appSettings.podDisruptionBudget.minAvailable string nil Sets the minimum available or maximum unavailable replicas for the deployment object. Either integers or percentages supported. maxUnavailable is also supported, however, only one setting can be used at a time. If both are set, minAvailable will be preferred.
appSettings.podSecurityContext object {} Pod-level security attributes and common container settings for fiftyone-app. Reference.
appSettings.readiness.failureThreshold int 5 Number of times to retry the readiness probe for the fiftyone-app. Reference.
appSettings.readiness.periodSeconds int 15 How often (in seconds) to perform the readiness probe for fiftyone-app. Reference.
appSettings.readiness.timeoutSeconds int 5 Timeout for the readiness probe for the fiftyone-app. Reference.
appSettings.replicaCount int 2 Number of pods in the fiftyone-app deployment’s ReplicaSet. Ignored when appSettings.autoscaling.enabled: true. Reference.
appSettings.resources object {"limits":{},"requests":{}} Container resource requests and limits for fiftyone-app. Reference.
appSettings.secretEnv object {} Secret variables to be passed to the fiftyone-app containers.
appSettings.securityContext object {} Container security configuration for fiftyone-app. Reference.
appSettings.service.annotations object {} Service annotations for fiftyone-app. Reference.
appSettings.service.containerPort int 5151 Service container port for fiftyone-app.
appSettings.service.name string "fiftyone-app" Service name.
appSettings.service.nodePort int nil Service nodePort set only when appSettings.service.type: NodePort for fiftyone-app.
appSettings.service.port int 80 Service port.
appSettings.service.shortname string "fiftyone-app" Port name (maximum length is 15 characters) for fiftyone-app. Reference.
appSettings.service.type string "ClusterIP" Service type for fiftyone-app. Reference.
appSettings.startup.failureThreshold int 5 Number of times to retry the startup probe for the fiftyone-app. Reference.
appSettings.startup.periodSeconds int 30 How often (in seconds) to perform the startup probe for fiftyone-app. Reference.
appSettings.startup.timeoutSeconds int 5 Timeout for the startup probe for the fiftyone-app. Reference.
appSettings.tolerations list [] Allow the k8s scheduler to schedule fiftyone-app pods with matching taints. Reference.
appSettings.topologySpreadConstraints list [] Control how Pods are spread across your distributed footprint. Label selectors will be defaulted to those of the fiftyone-app deployment. Reference.
appSettings.updateStrategy object {"type":"RollingUpdate"} Control how fiftyone-app pods are redeployed during an upgrade. Reference
appSettings.volumeMounts list [] Volume mounts for fiftyone-app. Reference.
appSettings.volumes list [] Volumes for fiftyone-app. Reference.
casSettings.affinity object {} Affinity and anti-affinity for teams-cas. Reference.
casSettings.deploymentAnnotations object {} Annotations for the teams-cas deployment. Reference.
casSettings.enable_invitations bool true Allow ADMINs to invite users by email NOTE: This is currently not supported when FIFTYONE_AUTH_MODE: internal
casSettings.env.CAS_DATABASE_NAME string "cas" Provide the name for the CAS database. When multiple deployments use the same database instance, set CAS_DATABASE_NAME to a unique value for each deployment.
casSettings.env.CAS_DEFAULT_USER_ROLE string "GUEST" Set the default user role for new users One of GUEST, COLLABORATOR, MEMBER, ADMIN
casSettings.env.CAS_MONGODB_URI_KEY string "mongodbConnectionString" The key from secret.fiftyone.name that contains the CAS MongoDB Connection String.
casSettings.env.DEBUG string "cas:*,-cas:*:debug" Set the log level for CAS examples: DEBUG: cas:* - shows all CAS logs DEBUG: cas:*:info - shows all CAS INFO logs DEBUG: cas:*,-cas:*:debug - shows all CAS logs except DEBUG logs
casSettings.env.FIFTYONE_AUTH_MODE string "legacy" Configure Authentication Mode. One of legacy or internal
casSettings.image.pullPolicy string "Always" Instruct when the kubelet should pull (download) the specified image. One of IfNotPresent, Always or Never. Reference.
casSettings.image.repository string "voxel51/fiftyone-teams-cas" Container image for teams-cas.
casSettings.image.tag string "" Image tag for teams-cas. Defaults to the chart version.
casSettings.initContainers.containerSecurityContext object {"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"runAsNonRoot":true,"runAsUser":1000} Container security configuration for teams-cas initContainers. Reference.
casSettings.initContainers.enabled bool true Whether to enable init containers for teams-cas. Reference.
casSettings.initContainers.image.repository string "docker.io/busybox" Init container images repositories for teams-cas. Reference.
casSettings.initContainers.image.tag string "stable-glibc" Init container images tags for teams-cas. Reference.
casSettings.initContainers.resources object {"limits":{"cpu":"10m","ephemeral-storage":"64Mi","memory":"128Mi"},"requests":{"cpu":"10m","ephemeral-storage":"64Mi","memory":"128Mi"}} Container resource requests and limits for the teams-cas initContainers. Reference.
casSettings.labels object {} Additional labels for the teams-cas related objects. Reference.
casSettings.liveness.failureThreshold int 5 Number of times to retry the liveness probe for the teams-cas. Reference.
casSettings.liveness.periodSeconds int 15 How often (in seconds) to perform the liveness probe for teams-cas. Reference.
casSettings.liveness.timeoutSeconds int 5 Timeout for the liveness probe for the teams-cas. Reference.
casSettings.nodeSelector object {} nodeSelector for teams-cas. Reference.
casSettings.podAnnotations object {} Annotations for pods for teams-cas. Reference.
casSettings.podDisruptionBudget object {"enabled":false,"minAvailable":null} Pod Disruption Budget for pods for teams-cas. Reference.
casSettings.podDisruptionBudget.enabled bool false Whether a pod disruption budget is enabled for teams-cas.
casSettings.podDisruptionBudget.minAvailable string nil Sets the minimum available or maximum unavailable replicas for the deployment object. Either integers or percentages supported. maxUnavailable is also supported, however, only one setting can be used at a time. If both are set, minAvailable will be preferred.
casSettings.podSecurityContext object {} Pod-level security attributes and common container settings for teams-cas. Reference.
casSettings.readiness.failureThreshold int 5 Number of times to retry the readiness probe for the teams-cas. Reference.
casSettings.readiness.periodSeconds int 15 How often (in seconds) to perform the readiness probe for teams-cas. Reference.
casSettings.readiness.timeoutSeconds int 5 Timeout for the readiness probe for the teams-cas. Reference.
casSettings.replicaCount int 2 Number of pods in the teams-cas deployment’s ReplicaSet. Reference.
casSettings.resources object {"limits":{},"requests":{}} Container resource requests and limits for teams-cas. Reference.
casSettings.secretEnv object {} Secret variables to be passed to the teams-cas containers.
casSettings.securityContext object {} Container security configuration for teams-cas. Reference.
casSettings.service.annotations object {} Service annotations for teams-cas. Reference.
casSettings.service.containerPort int 3000 Service container port for teams-cas.
casSettings.service.name string "teams-cas" Service name.
casSettings.service.nodePort int nil Service nodePort set only when casSettings.service.type: NodePort for teams-cas.
casSettings.service.port int 80 Service port.
casSettings.service.shortname string "teams-cas" Port name (maximum length is 15 characters) for teams-cas. Reference.
casSettings.service.type string "ClusterIP" Service type for teams-cas. Reference.
casSettings.startup.failureThreshold int 5 Number of times to retry the startup probe for the teams-cas. Reference.
casSettings.startup.periodSeconds int 30 How often (in seconds) to perform the startup probe for teams-cas. Reference.
casSettings.startup.timeoutSeconds int 5 Timeout for the startup probe for the teams-cas. Reference.
casSettings.tolerations list [] Allow the k8s scheduler to schedule teams-cas pods with matching taints. Reference.
casSettings.topologySpreadConstraints list [] Control how Pods are spread across your distributed footprint. Label selectors will be defaulted to those of the teams-cas deployment. Reference.
casSettings.updateStrategy object {"type":"RollingUpdate"} Control how teams-cas pods are redeployed during an upgrade. Reference
casSettings.volumeMounts list [] Volume mounts for teams-cas. Reference.
casSettings.volumes list [] Volumes for teams-cas. Reference.
delegatedOperatorDeployments.deployments object {"teamsDoCpuDefault":{"enabled":false,"env":{"FIFTYONE_MEDIA_CACHE_DIR":"/opt/media_cache","FIFTYONE_MEDIA_CACHE_SIZE_BYTES":"2147483648"},"replicaCount":1,"resources":{"limits":{"cpu":4,"ephemeral-storage":"1Gi","memory":"16Gi"},"requests":{"cpu":4,"ephemeral-storage":"1Gi","memory":"16Gi"}},"volumeMounts":[{"mountPath":"/dev/shm","name":"shm-vol"},{"mountPath":"/opt/media_cache","name":"memory-media-cache-vol"}],"volumes":[{"emptyDir":{"medium":"Memory","sizeLimit":"2Gi"},"name":"shm-vol"},{"emptyDir":{"medium":"Memory","sizeLimit":"2.5Gi"},"name":"memory-media-cache-vol"}]}} Additional deployments to configure. Each template will use .Values.delegatedOperatorDeployments.template as a base. Each template value may be overridden. Maps/dictionaries will be merged key-wise, with the deployment instance taking precedence. List values will not be merged, but be overridden completely by the deployment instance.
delegatedOperatorDeployments.deployments.teamsDoCpuDefault object {"enabled":false,"env":{"FIFTYONE_MEDIA_CACHE_DIR":"/opt/media_cache","FIFTYONE_MEDIA_CACHE_SIZE_BYTES":"2147483648"},"replicaCount":1,"resources":{"limits":{"cpu":4,"ephemeral-storage":"1Gi","memory":"16Gi"},"requests":{"cpu":4,"ephemeral-storage":"1Gi","memory":"16Gi"}},"volumeMounts":[{"mountPath":"/dev/shm","name":"shm-vol"},{"mountPath":"/opt/media_cache","name":"memory-media-cache-vol"}],"volumes":[{"emptyDir":{"medium":"Memory","sizeLimit":"2Gi"},"name":"shm-vol"},{"emptyDir":{"medium":"Memory","sizeLimit":"2.5Gi"},"name":"memory-media-cache-vol"}]} Default (CPU-only) delegated operator runner. Defaults to an 4vCPU, 16Gi RAM runner. The deployment is backed with a 2.5Gi in-memory volume for caching media and an extra 2Gi of shared memory.
delegatedOperatorDeployments.template object {"affinity":{},"deploymentAnnotations":{},"description":"","env":{"FIFTYONE_DELEGATED_OPERATION_LOG_PATH":"","FIFTYONE_INTERNAL_SERVICE":true,"FIFTYONE_MEDIA_CACHE_SIZE_BYTES":-1},"image":{"pullPolicy":"Always","repository":"voxel51/fiftyone-teams-cv-full","tag":""},"labels":{},"liveness":{"failureThreshold":5,"periodSeconds":30,"timeoutSeconds":30},"nodeSelector":{},"podAnnotations":{},"podDisruptionBudget":{"enabled":false,"minAvailable":null},"podSecurityContext":{},"readiness":{"failureThreshold":5,"periodSeconds":30,"timeoutSeconds":30},"replicaCount":3,"resources":{"limits":{},"requests":{}},"secretEnv":{},"securityContext":{},"startup":{"failureThreshold":5,"periodSeconds":30,"timeoutSeconds":30},"tolerations":[],"topologySpreadConstraints":[],"updateStrategy":{"type":"RollingUpdate"},"volumeMounts":[],"volumes":[]} A common template applied to all deployments. Each deployment can then override individual fields as needed by the operator.
delegatedOperatorDeployments.template.affinity object {} Affinity and anti-affinity for delegated-operator-executor. Reference.
delegatedOperatorDeployments.template.deploymentAnnotations object {} Annotations for the teams-do deployment. Reference.
delegatedOperatorDeployments.template.description string "" A description for the delegated operator instance. This is unused in the template context. Each operator should either set their own description or, optionally, use the default. If unset at the operator context, it will be defaulted to Long running operations delegated to $name where $name is the name of the Deployment object.
delegatedOperatorDeployments.template.env.FIFTYONE_DELEGATED_OPERATION_LOG_PATH string "" Full path to a network-mounted file system or a cloud storage path to use for storing logs generated by delegated operation runs, one file per job. The default "" means log upload is disabled.
delegatedOperatorDeployments.template.env.FIFTYONE_INTERNAL_SERVICE bool true Whether the SDK is running in an internal service context. When running in FiftyOne Enterprise, set to true.
delegatedOperatorDeployments.template.env.FIFTYONE_MEDIA_CACHE_SIZE_BYTES int -1 Set the media cache size (in bytes) for the local FiftyOne Delegated Operator Executor processes. When not set, the app’s default value is 32 GiB. -1 disables the media cache garbage collection (and cache size is unlimited).
delegatedOperatorDeployments.template.image.pullPolicy string "Always" Instruct when the kubelet should pull (download) the specified image. One of IfNotPresent, Always or Never. Reference.
delegatedOperatorDeployments.template.image.repository string "voxel51/fiftyone-teams-cv-full" Container image for delegated-operator-executor.
delegatedOperatorDeployments.template.image.tag string "" Image tag for delegated-operator-executor. Defaults to the chart version.
delegatedOperatorDeployments.template.labels object {} Additional labels for the delegated-operator-executor related objects. Reference.
delegatedOperatorDeployments.template.liveness.failureThreshold int 5 Number of times to retry the liveness probe for the teams-do. Reference.
delegatedOperatorDeployments.template.liveness.periodSeconds int 30 How often (in seconds) to perform the liveness probe for teams-do. Reference.
delegatedOperatorDeployments.template.liveness.timeoutSeconds int 30 Timeout for the liveness probe for the teams-do. Reference.
delegatedOperatorDeployments.template.nodeSelector object {} nodeSelector for delegated-operator-executor. Reference.
delegatedOperatorDeployments.template.podAnnotations object {} Annotations for delegated-operator-executor pods. Reference.
delegatedOperatorDeployments.template.podDisruptionBudget.enabled bool false Whether a pod disruption budget is enabled for teams-plugins.
delegatedOperatorDeployments.template.podDisruptionBudget.minAvailable string nil Sets the minimum available or maximum unavailable replicas for the deployment object. Either integers or percentages supported. maxUnavailable is also supported, however, only one setting can be used at a time. If both are set, minAvailable will be preferred.
delegatedOperatorDeployments.template.podSecurityContext object {} Pod-level security attributes and common container settings for delegated-operator-executor. Reference.
delegatedOperatorDeployments.template.readiness.failureThreshold int 5 Number of times to retry the readiness probe for the teams-do. Reference.
delegatedOperatorDeployments.template.readiness.periodSeconds int 30 How often (in seconds) to perform the readiness probe for teams-do. Reference.
delegatedOperatorDeployments.template.readiness.timeoutSeconds int 30 Timeout for the readiness probe for the teams-do. Reference.
delegatedOperatorDeployments.template.replicaCount int 3 Number of pods in the delegated-operator-executor deployment’s ReplicaSet. This should not exceed the value set in the deployment’s license file for max concurrent delegated operators, which defaults to 3.
delegatedOperatorDeployments.template.resources object {"limits":{},"requests":{}} Container resource requests and limits for delegated-operator-executor. Reference.
delegatedOperatorDeployments.template.secretEnv object {} Secret variables to be passed to the delegated-operator-executor containers.
delegatedOperatorDeployments.template.securityContext object {} Container security configuration for delegated-operator-executor. Reference.
delegatedOperatorDeployments.template.startup.failureThreshold int 5 Number of times to retry the startup probe for the teams-do. Reference.
delegatedOperatorDeployments.template.startup.periodSeconds int 30 How often (in seconds) to perform the startup probe for teams-do. Reference.
delegatedOperatorDeployments.template.startup.timeoutSeconds int 30 Timeout for the startup probe for the teams-do. Reference.
delegatedOperatorDeployments.template.tolerations list [] Allow the k8s scheduler to schedule delegated-operator-executor pods with matching taints. Reference.
delegatedOperatorDeployments.template.topologySpreadConstraints list [] Control how Pods are spread across your distributed footprint. Label selectors will be defaulted to those of the teams-do deployment(s). Reference.
delegatedOperatorDeployments.template.updateStrategy object {"type":"RollingUpdate"} Control how teams-do pods are redeployed during an upgrade. Reference
delegatedOperatorDeployments.template.volumeMounts list [] Volume mounts for delegated-operator-executor pods. Reference.
delegatedOperatorDeployments.template.volumes list [] Volumes for delegated-operator-executor. Reference.
delegatedOperatorJobTemplates.configMap.annotations object {} ConfigMap annotations. Reference.
delegatedOperatorJobTemplates.configMap.create bool true Controls whether to create the ConfigMap named delegatedOperatorJobTemplates.configMap.name.
delegatedOperatorJobTemplates.configMap.labels object {} Additional labels for the generated ConfigMap. Reference.
delegatedOperatorJobTemplates.configMap.name string "" Name of the ConfigMap (existing or to be created) in the namespace namespace.name used for DO templates. Defaults to release-name-fiftyone-teams-app-do-templates.
delegatedOperatorJobTemplates.jobs object {} On-Demand Delegated Operator Jobs.
delegatedOperatorJobTemplates.template object {"activeDeadlineSeconds":null,"affinity":{},"backoffLimit":null,"completions":null,"containerSecurityContext":{},"env":{"FIFTYONE_DELEGATED_OPERATION_LOG_PATH":"","FIFTYONE_MEDIA_CACHE_SIZE_BYTES":-1},"image":{"pullPolicy":"Always","repository":"voxel51/fiftyone-teams-cv-full","tag":""},"jobAnnotations":{},"labels":{},"nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"resources":{"limits":{},"requests":{}},"secretEnv":{},"tolerations":[],"ttlSecondsAfterFinished":null,"volumeMounts":[],"volumes":[]} A common template applied to all deployments. Each deployment can then override individual fields as needed by the operator.
delegatedOperatorJobTemplates.template.activeDeadlineSeconds optional nil Maximum of seconds a job should be able to run. Reference.
delegatedOperatorJobTemplates.template.affinity object {} Affinity and anti-affinity for delegated-operator-executor. Reference.
delegatedOperatorJobTemplates.template.backoffLimit optional nil Amount of retries for the job to try before being marked as “Failed”. Reference.
delegatedOperatorJobTemplates.template.completions optional nil Number of completions to run before marking the job as “Completed”. Reference.
delegatedOperatorJobTemplates.template.containerSecurityContext object {} Container security configuration for generated delegated-operator containers. Reference.
delegatedOperatorJobTemplates.template.env.FIFTYONE_DELEGATED_OPERATION_LOG_PATH string "" Full path to a network-mounted file system or a cloud storage path to use for storing logs generated by delegated operation runs, one file per job. The default "" means log upload is disabled.
delegatedOperatorJobTemplates.template.env.FIFTYONE_MEDIA_CACHE_SIZE_BYTES int -1 Set the media cache size (in bytes) for the local FiftyOne Delegated Operator Executor processes. When not set, the app’s default value is 32 GiB. -1 disables the media cache garbage collection (and cache size is unlimited).
delegatedOperatorJobTemplates.template.image.pullPolicy string "Always" Instruct when the kubelet should pull (download) the specified image. One of IfNotPresent, Always or Never. Reference.
delegatedOperatorJobTemplates.template.image.repository string "voxel51/fiftyone-teams-cv-full" Container image for delegated-operator-executor.
delegatedOperatorJobTemplates.template.image.tag string "" Image tag for delegated-operator-executor. Defaults to the chart version.
delegatedOperatorJobTemplates.template.jobAnnotations object {} Annotations for the teams-do deployment. Reference.
delegatedOperatorJobTemplates.template.labels object {} Additional labels for the delegated-operator-executor related objects. Reference.
delegatedOperatorJobTemplates.template.nodeSelector object {} nodeSelector for delegated-operator-executor. Reference.
delegatedOperatorJobTemplates.template.podAnnotations object {} Annotations for delegated-operator-executor pods. Reference.
delegatedOperatorJobTemplates.template.podSecurityContext object {} Pod-level security attributes and common container settings for delegated-operator-executor. Reference.
delegatedOperatorJobTemplates.template.resources object {"limits":{},"requests":{}} Container resource requests and limits for delegated-operator-executor. Reference.
delegatedOperatorJobTemplates.template.secretEnv object {} Secret variables to be passed to the delegated-operator-executor containers.
delegatedOperatorJobTemplates.template.tolerations list [] Allow the k8s scheduler to schedule delegated-operator-executor pods with matching taints. Reference.
delegatedOperatorJobTemplates.template.ttlSecondsAfterFinished optional nil Number of seconds for a job to sit idle before being automatically removed. Reference.
delegatedOperatorJobTemplates.template.volumeMounts list [] Volume mounts for delegated-operator-executor pods. Reference.
delegatedOperatorJobTemplates.template.volumes list [] Volumes for delegated-operator-executor. Reference.
fiftyoneLicenseSecrets list ["fiftyone-license"] List of secrets for FiftyOne Enterprise Licenses (one per org)
imagePullSecrets list [] Container image registry keys. Reference.
ingress.annotations object {} Ingress annotations. Reference.
ingress.api object {"path":"/*","pathType":"ImplementationSpecific"} The ingress rule values for teams-api, when apiSettings.dnsName is not empty. Reference.
ingress.className string "" Name of the ingress class. When empty, a default Ingress class should be defined. When not empty, this value will be the Ingress class name. Reference
ingress.enabled bool true Controls whether to create the ingress. When false, uses a pre-existing ingress. Reference.
ingress.labels object {} Additional labels for the ingress. Reference.
ingress.paths list [{"path":"/cas","pathType":"Prefix","serviceName":"teams-cas","servicePort":80},{"path":"/*","pathType":"ImplementationSpecific","serviceName":"teams-app","servicePort":80}] Additional ingress rules for the host teamsAppSettings.dnsName for the chart managed ingress (when ingress.enabled: true). Reference.
ingress.paths[0] object {"path":"/cas","pathType":"Prefix","serviceName":"teams-cas","servicePort":80} Ingress path for teams-cas
ingress.paths[0].pathType string "Prefix" Ingress path type
ingress.paths[0].serviceName string "teams-cas" Ingress path service name
ingress.paths[0].servicePort int 80 Ingress path service port
ingress.paths[1] object {"path":"/*","pathType":"ImplementationSpecific","serviceName":"teams-app","servicePort":80} Ingress path for teams-app
ingress.paths[1].pathType string "ImplementationSpecific" Ingress path type
ingress.paths[1].serviceName string "teams-app" Ingress path service name
ingress.paths[1].servicePort int 80 Ingress path service port
ingress.tlsEnabled bool true Controls whether the chart managed ingress contains a spec.tls stanza.
ingress.tlsSecretName string "fiftyone-teams-tls-secret" Name of secret containing TLS certificate for teams-app. Certificate should contain the host names apiSettings.dnsName and teamsAppSettings.dnsName. When ingress.tlsEnabled=True, sets’s the value of ingress’ spec.tls[0].secretName.
namespace.create bool false Controls whether to create the namespace. When false, the namespace must already exists.
namespace.name string "fiftyone-teams" The namespace name used for chart resources.
pluginsSettings.affinity object {} Affinity and anti-affinity for teams-plugins. Reference.
pluginsSettings.autoscaling.enabled bool false Controls horizontal pod autoscaling for teams-plugins. Reference.
pluginsSettings.autoscaling.maxReplicas int 20 Maximum replicas for horizontal pod autoscaling for teams-plugins.
pluginsSettings.autoscaling.minReplicas int 2 Minimum Replicas for horizontal pod autoscaling for teams-plugins.
pluginsSettings.autoscaling.targetCPUUtilizationPercentage int 80 Percent CPU utilization for autoscaling for teams-plugins.
pluginsSettings.autoscaling.targetMemoryUtilizationPercentage int 80 Percent memory utilization for autoscaling for teams-plugins.
pluginsSettings.deploymentAnnotations object {} Annotations for the teams-plugins deployment. Reference.
pluginsSettings.enabled bool false Controls whether to create a dedicated teams-plugins deployment.
pluginsSettings.env.FIFTYONE_INTERNAL_SERVICE bool true Whether the SDK is running in an internal service context. When running in FiftyOne Enterprise, set to true.
pluginsSettings.env.FIFTYONE_MEDIA_CACHE_APP_IMAGES bool false Controls whether cloud media images will be downloaded and added to the local cache upon viewing media in the app.
pluginsSettings.env.FIFTYONE_MEDIA_CACHE_SIZE_BYTES int -1 Set the media cache size (in bytes) for the local FiftyOne Plugins processes. When not set, the app’s default value is 32 GiB. -1 disables the media cache garbage collection (and cache size is unlimited).
pluginsSettings.image.pullPolicy string "Always" Instruct when the kubelet should pull (download) the specified image. One of IfNotPresent, Always or Never. Reference.
pluginsSettings.image.repository string "voxel51/fiftyone-app" Container image for teams-plugins.
pluginsSettings.image.tag string "" Image tag for teams-plugins. Defaults to the chart version.
pluginsSettings.initContainers.containerSecurityContext object {"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"runAsNonRoot":true,"runAsUser":1000} Container security configuration for teams-plugins initContainers. Reference.
pluginsSettings.initContainers.enabled bool true Whether to enable init containers for teams-plugins. Reference.
pluginsSettings.initContainers.image.repository string "docker.io/busybox" Init container images repositories for teams-plugins. Reference.
pluginsSettings.initContainers.image.tag string "stable-glibc" Init container images tags for teams-plugins. Reference.
pluginsSettings.initContainers.resources object {"limits":{"cpu":"10m","ephemeral-storage":"64Mi","memory":"128Mi"},"requests":{"cpu":"10m","ephemeral-storage":"64Mi","memory":"128Mi"}} Container resource requests and limits for the teams-plugins initContainers. Reference.
pluginsSettings.labels object {} Additional labels for the teams-plugins related objects. Reference.
pluginsSettings.liveness.failureThreshold int 5 Number of times to retry the liveness probe for the teams-plugins. Reference.
pluginsSettings.liveness.periodSeconds int 15 How often (in seconds) to perform the liveness probe for teams-plugins. Reference.
pluginsSettings.liveness.timeoutSeconds int 5 Timeout for the liveness probe for the teams-plugins. Reference.
pluginsSettings.nodeSelector object {} nodeSelector for teams-plugins. Reference.
pluginsSettings.podAnnotations object {} Annotations for teams-plugins pods. Reference.
pluginsSettings.podDisruptionBudget object {"enabled":false,"minAvailable":null} Pod Disruption Budget for pods for teams-plugins. Reference.
pluginsSettings.podDisruptionBudget.enabled bool false Whether a pod disruption budget is enabled for teams-plugins.
pluginsSettings.podDisruptionBudget.minAvailable string nil Sets the minimum available or maximum unavailable replicas for the deployment object. Either integers or percentages supported. maxUnavailable is also supported, however, only one setting can be used at a time. If both are set, minAvailable will be preferred.
pluginsSettings.podSecurityContext object {} Pod-level security attributes and common container settings for teams-plugins. Reference.
pluginsSettings.readiness.failureThreshold int 5 Number of times to retry the readiness probe for the teams-plugins. Reference.
pluginsSettings.readiness.periodSeconds int 15 How often (in seconds) to perform the readiness probe for teams-plugins. Reference.
pluginsSettings.readiness.timeoutSeconds int 5 Timeout for the readiness probe for the teams-plugins. Reference.
pluginsSettings.replicaCount int 2 Number of pods in the teams-plugins deployment’s ReplicaSet. Ignored when pluginsSettings.autoscaling.enabled: true. Reference.
pluginsSettings.resources object {"limits":{},"requests":{}} Container resource requests and limits for teams-plugins. Reference.
pluginsSettings.secretEnv object {} Secret variables to be passed to the teams-plugins containers.
pluginsSettings.securityContext object {} Container security configuration for teams-plugins. Reference.
pluginsSettings.service.annotations object {} Service annotations for teams-plugins. Reference.
pluginsSettings.service.containerPort int 5151 Service container port for teams-plugins.
pluginsSettings.service.name string "teams-plugins" Service name.
pluginsSettings.service.nodePort int nil Service nodePort set only when pluginsSettings.service.type: NodePort for teams-plugins.
pluginsSettings.service.port int 80 Service port.
pluginsSettings.service.shortname string "teams-plugins" Port name (maximum length is 15 characters) for teams-plugins. Reference.
pluginsSettings.service.type string "ClusterIP" Service type for teams-plugins. Reference.
pluginsSettings.startup.failureThreshold int 5 Number of times to retry the startup probe for the teams-plugins. Reference.
pluginsSettings.startup.periodSeconds int 30 How often (in seconds) to perform the startup probe for teams-plugins. Reference.
pluginsSettings.startup.timeoutSeconds int 5 Timeout for the startup probe for the teams-plugins. Reference.
pluginsSettings.tolerations list [] Allow the k8s scheduler to schedule teams-plugins pods with matching taints. Reference.
pluginsSettings.topologySpreadConstraints list [] Control how Pods are spread across your distributed footprint. Label selectors will be defaulted to those of the teams-plugins deployment. Reference.
pluginsSettings.updateStrategy object {"type":"RollingUpdate"} Control how teams-plugins pods are redeployed during an upgrade. Reference
pluginsSettings.volumeMounts list [] Volume mounts for teams-plugins pods. Reference.
pluginsSettings.volumes list [] Volumes for teams-plugins. Reference.
secret.create bool true Controls whether to create the secret named secret.name.
secret.fiftyone.cookieSecret string "" A randomly generated string for cookie encryption. To generate, run openssl rand -hex 32.
secret.fiftyone.encryptionKey string "" Encryption key for storage credentials. Reference.
secret.fiftyone.fiftyoneAuthSecret string "" A randomly generated string for CAS Authentication. This can be any string you care to use generated by any mechanism you prefer. This is used for inter-service authentication and for the SuperUser to authenticate at the CAS UI to configure the Central Authentication Service.
secret.fiftyone.fiftyoneDatabaseName string "" MongoDB Database Name for FiftyOne Enterprise.
secret.fiftyone.mongodbConnectionString string "" MongoDB Connection String. Reference.
secret.labels object {} Additional labels for the generated secret. Reference.
secret.name string "fiftyone-teams-secrets" Name of the secret (existing or to be created) in the namespace namespace.name.
serviceAccount.annotations object {} Service Account annotations. Reference.
serviceAccount.create bool true Controls whether to create the service account named serviceAccount.name.
serviceAccount.labels object {} Additional labels for the generated service account. Reference.
serviceAccount.name string "fiftyone-teams" Name of the service account (existing or to be created) in the namespace namespace.name used for deployments. Reference.
teamsAppSettings.affinity object {} Affinity and anti-affinity for teams-app. Reference.
teamsAppSettings.autoscaling.enabled bool false Controls horizontal pod autoscaling for teams-app. Reference.
teamsAppSettings.autoscaling.maxReplicas int 5 Maximum Replicas for horizontal autoscaling for teams-app.
teamsAppSettings.autoscaling.minReplicas int 2 Minimum Replicas for horizontal autoscaling for teams-app.
teamsAppSettings.autoscaling.targetCPUUtilizationPercentage int 80 Percent CPU utilization for autoscaling for teams-app.
teamsAppSettings.autoscaling.targetMemoryUtilizationPercentage int 80 Percent memory utilization for autoscaling for teams-app.
teamsAppSettings.deploymentAnnotations object {} Annotations for the teams-app Deployment. Reference.
teamsAppSettings.dnsName string "" DNS Name for the teams-app service. Used in the chart managed ingress (spec.tls.hosts and spec.rules[0].host)
teamsAppSettings.env.APP_USE_HTTPS bool true Controls the protocol of the teams-app. Configure your ingress to match. When true, uses the https protocol. When false, uses the http protocol.
teamsAppSettings.env.FIFTYONE_APP_ALLOW_MEDIA_EXPORT bool true When false, disables media export options
teamsAppSettings.env.FIFTYONE_APP_ANONYMOUS_ANALYTICS_ENABLED bool true Controls whether anonymous analytics are captured for the application. Set to false to opt-out of anonymous analytics.
teamsAppSettings.env.FIFTYONE_APP_TEAMS_SDK_RECOMMENDED_VERSION string "2.14.0" The recommended fiftyone SDK version that will be displayed in the install modal (i.e. pip install ... fiftyone==0.11.0).
teamsAppSettings.env.FIFTYONE_APP_THEME string "dark" The default theme configuration. dark: Theme will be dark when user visits for the first time. light: Theme will be light theme when user visits for the first time. always-dark: Sets dark theme on each refresh (overrides user theme changes in the app). always-light: Sets light theme on each refresh (overrides user theme changes in the app).
teamsAppSettings.env.RECOIL_DUPLICATE_ATOM_KEY_CHECKING_ENABLED bool false Disable duplicate atom/selector key checking that generated false-positive errors. Reference.
teamsAppSettings.fiftyoneApiOverride string "" Overrides the FIFTYONE_API_URI environment variable. When set FIFTYONE_API_URI controls the value shown in the API Key Modal providing guidance for connecting to the FiftyOne Enterprise API. FIFTYONE_API_URI uses the value from apiSettings.dnsName if it is set, or uses the teamsAppSettings.dnsName
teamsAppSettings.image.pullPolicy string "Always" Instruct when the kubelet should pull (download) the specified image. One of IfNotPresent, Always or Never. Reference]image-pull-policy.
teamsAppSettings.image.repository string "voxel51/fiftyone-teams-app" Container image for teams-app.
teamsAppSettings.image.tag string "" Image tag for teams-app. Defaults to the chart version.
teamsAppSettings.initContainers.containerSecurityContext object {"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"runAsNonRoot":true,"runAsUser":1000} Container security configuration for teams-app initContainers. Reference.
teamsAppSettings.initContainers.enabled bool true Whether to enable init containers for teams-app. Reference.
teamsAppSettings.initContainers.image.repository string "docker.io/busybox" Init container images repositories for teams-app. Reference.
teamsAppSettings.initContainers.image.tag string "stable-glibc" Init container images tags for teams-app. Reference.
teamsAppSettings.initContainers.resources object {"limits":{"cpu":"10m","ephemeral-storage":"64Mi","memory":"128Mi"},"requests":{"cpu":"10m","ephemeral-storage":"64Mi","memory":"128Mi"}} Container resource requests and limits for the teams-app initContainers. Reference.
teamsAppSettings.labels object {} Additional labels for the teams-app related objects. Reference.
teamsAppSettings.liveness.failureThreshold int 5 Number of times to retry the liveness probe for the teams-app. Reference.
teamsAppSettings.liveness.periodSeconds int 15 How often (in seconds) to perform the liveness probe for teams-app. Reference.
teamsAppSettings.liveness.timeoutSeconds int 5 Timeout for the liveness probe for the fiftyone-app. Reference.
teamsAppSettings.nodeSelector object {} nodeSelector for teams-app. Reference.
teamsAppSettings.podAnnotations object {} Annotations for teams-app pods. Reference.
teamsAppSettings.podDisruptionBudget object {"enabled":false,"minAvailable":null} Pod Disruption Budget for pods for teams-app. Reference.
teamsAppSettings.podDisruptionBudget.enabled bool false Whether a pod disruption budget is enabled for teams-app.
teamsAppSettings.podDisruptionBudget.minAvailable string nil Sets the minimum available or maximum unavailable replicas for the deployment object. Either integers or percentages supported. maxUnavailable is also supported, however, only one setting can be used at a time. If both are set, minAvailable will be preferred.
teamsAppSettings.podSecurityContext object {} Pod-level security attributes and common container settings for teams-app. Reference.
teamsAppSettings.readiness.failureThreshold int 5 Number of times to retry the readiness probe for the teams-app. Reference.
teamsAppSettings.readiness.periodSeconds int 15 How often (in seconds) to perform the readiness probe for teams-app. Reference.
teamsAppSettings.readiness.timeoutSeconds int 5 Timeout for the readiness probe for the fiftyone-app. Reference.
teamsAppSettings.replicaCount int 2 Number of pods in the teams-app deployment’s ReplicaSet. Ignored when teamsAppSettings.autoscaling.enabled: true. Reference.
teamsAppSettings.resources object {"limits":{},"requests":{}} Container resource requests and limits for teams-app. Reference.
teamsAppSettings.secretEnv object {} Secret variables to be passed to the teams-app containers.
teamsAppSettings.securityContext object {} Container security configuration for teams-app. Reference.
teamsAppSettings.service.annotations object {} Service annotations for teams-app. Reference.
teamsAppSettings.service.containerPort int 3000 Service container port for teams-app.
teamsAppSettings.service.name string "teams-app" Service name.
teamsAppSettings.service.nodePort int nil Service nodePort set only when teamsAppSettings.service.type: NodePort for teams-app.
teamsAppSettings.service.port int 80 Service port.
teamsAppSettings.service.shortname string "teams-app" Port name (maximum length is 15 characters) for teams-app. Reference.
teamsAppSettings.service.type string "ClusterIP" Service type for teams-app. Reference.
teamsAppSettings.startup.failureThreshold int 5 Number of times to retry the startup probe for the teams-app. Reference.
teamsAppSettings.startup.periodSeconds int 30 How often (in seconds) to perform the startup probe for teams-app. Reference.
teamsAppSettings.startup.timeoutSeconds int 5 Timeout for the startup probe for the fiftyone-app. Reference.
teamsAppSettings.tolerations list [] Allow the k8s scheduler to schedule teams-app pods with matching taints. Reference.
teamsAppSettings.topologySpreadConstraints list [] Control how Pods are spread across your distributed footprint. Label selectors will be defaulted to those of the teams-app deployment. Reference.
teamsAppSettings.updateStrategy object {"type":"RollingUpdate"} Control how teams-app pods are redeployed during an upgrade. Reference
teamsAppSettings.volumeMounts list [] Volume mounts for teams-app pods. Reference.
teamsAppSettings.volumes list [] Volumes for teams-app pods. Reference.
This site is open source. Improve this page.