--- title: "Values Reference" description: "Complete reference for Bifrost Helm chart values — key parameters, how to supply them, and links to example files" icon: "sliders" --- This page covers every top-level parameter group in the Bifrost Helm chart's `values.yaml`, how to supply values via `--set` vs `-f`, and where to find ready-made example files. The full values schema is available at [https://getbifrost.ai/schema](https://getbifrost.ai/schema). All `values.yaml` fields map directly to `config.json` fields generated by the chart. ## Supplying Values ### One-liner with `--set` Good for a single field or quick experiments: ```bash helm install bifrost bifrost/bifrost \ --set image.tag=v1.4.11 \ --set replicaCount=3 \ --set bifrost.client.initialPoolSize=500 ``` ### Values file with `-f` Recommended for anything beyond a couple of fields: ```bash # Create your values file cat > my-values.yaml <<'EOF' image: tag: "v1.4.11" replicaCount: 2 bifrost: encryptionKey: "your-32-byte-encryption-key-here" client: initialPoolSize: 500 enableLogging: true EOF # Install helm install bifrost bifrost/bifrost -f my-values.yaml # Upgrade later helm upgrade bifrost bifrost/bifrost -f my-values.yaml # Upgrade and reuse all previously set values, overriding only one field helm upgrade bifrost bifrost/bifrost \ --reuse-values \ --set replicaCount=5 ``` ### Multiple values files Later files override earlier ones — useful for a base + environment-specific overlay: ```bash helm install bifrost bifrost/bifrost \ -f base-values.yaml \ -f production-overrides.yaml ``` --- ## Key Parameters Reference ### Image | Parameter | Description | Default | |-----------|-------------|---------| | `image.repository` | Container image repository | `docker.io/maximhq/bifrost` | | `image.tag` | **Required.** Image version (e.g. `v1.4.11`) | `""` | | `image.pullPolicy` | Image pull policy | `IfNotPresent` | | `imagePullSecrets` | List of pull secret names for private registries | `[]` | ```bash # Always specify the tag — the chart will not start without it helm install bifrost bifrost/bifrost --set image.tag=v1.4.11 ``` ### Replicas & Autoscaling | Parameter | Description | Default | |-----------|-------------|---------| | `replicaCount` | Static replica count (ignored when HPA is enabled) | `1` | | `autoscaling.enabled` | Enable Horizontal Pod Autoscaler | `false` | | `autoscaling.minReplicas` | Minimum replicas | `1` | | `autoscaling.maxReplicas` | Maximum replicas | `10` | | `autoscaling.targetCPUUtilizationPercentage` | CPU target for scaling | `80` | | `autoscaling.targetMemoryUtilizationPercentage` | Memory target for scaling | `80` | | `autoscaling.behavior.scaleDown.stabilizationWindowSeconds` | Cooldown before scale-down (important for SSE streams) | `300` | | `autoscaling.behavior.scaleDown.policies[0].value` | Max pods removed per period | `1` | ### Resources | Parameter | Description | Default | |-----------|-------------|---------| | `resources.requests.cpu` | CPU request | `500m` | | `resources.requests.memory` | Memory request | `512Mi` | | `resources.limits.cpu` | CPU limit | `2000m` | | `resources.limits.memory` | Memory limit | `2Gi` | ### Service | Parameter | Description | Default | |-----------|-------------|---------| | `service.type` | `ClusterIP`, `LoadBalancer`, or `NodePort` | `ClusterIP` | | `service.port` | Service port | `8080` | ### Ingress | Parameter | Description | Default | |-----------|-------------|---------| | `ingress.enabled` | Enable ingress | `false` | | `ingress.className` | Ingress class (e.g. `nginx`, `traefik`) | `""` | | `ingress.annotations` | Ingress annotations | `{}` | | `ingress.hosts` | Host rules | see values.yaml | | `ingress.tls` | TLS configuration | `[]` | ```yaml ingress: enabled: true className: nginx annotations: cert-manager.io/cluster-issuer: letsencrypt-prod nginx.ingress.kubernetes.io/proxy-body-size: "100m" hosts: - host: bifrost.yourdomain.com paths: - path: / pathType: Prefix tls: - secretName: bifrost-tls hosts: - bifrost.yourdomain.com ``` ### Probes | Parameter | Description | Default | |-----------|-------------|---------| | `livenessProbe.initialDelaySeconds` | Seconds before first liveness check | `30` | | `livenessProbe.periodSeconds` | Liveness check interval | `30` | | `readinessProbe.initialDelaySeconds` | Seconds before first readiness check | `10` | | `readinessProbe.periodSeconds` | Readiness check interval | `10` | Both probes hit `GET /health`. ### Graceful Shutdown Bifrost supports long-lived SSE streaming connections. The default `preStop` hook and termination grace period let in-flight streams finish before the pod is killed: | Parameter | Description | Default | |-----------|-------------|---------| | `terminationGracePeriodSeconds` | Total grace period | `60` | | `lifecycle.preStop.exec.command` | Sleep before SIGTERM so load balancer drains | `["sh", "-c", "sleep 15"]` | Increase `terminationGracePeriodSeconds` if your typical stream responses take longer than 45 seconds. ### Service Account | Parameter | Description | Default | |-----------|-------------|---------| | `serviceAccount.create` | Create a dedicated service account | `true` | | `serviceAccount.annotations` | Annotations (e.g. for IRSA, Workload Identity) | `{}` | | `serviceAccount.name` | Override the generated name | `""` | ### Pod Scheduling ```yaml # Spread replicas across nodes affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchLabels: app.kubernetes.io/name: bifrost topologyKey: kubernetes.io/hostname # Pin to specific node pool nodeSelector: node-type: ai-workload # Tolerate GPU taints tolerations: - key: "gpu" operator: "Equal" value: "true" effect: "NoSchedule" ``` ### Extra Environment Variables Three ways to inject env vars: ```yaml # Inline key/value pairs env: - name: HTTP_PROXY value: "http://proxy.corp.example.com:3128" # Map syntax (appended after env) extraEnv: NO_PROXY: "169.254.169.254,10.0.0.0/8" # Bulk-load from existing Secrets or ConfigMaps envFrom: - secretRef: name: my-corp-secrets - configMapRef: name: my-app-config ``` ### Init Containers ```yaml initContainers: - name: wait-for-db image: busybox:1.35 command: ["sh", "-c", "until nc -z postgres-svc 5432; do sleep 2; done"] ``` --- ## Values Examples The chart ships ready-made example files under [`helm-charts/bifrost/values-examples/`](https://github.com/maximhq/bifrost/tree/main/helm-charts/bifrost/values-examples): | File | Use case | |------|----------| | `sqlite-only.yaml` | Minimal local/dev setup | | `postgres-only.yaml` | Single-store Postgres | | `production-ha.yaml` | HA: 3 replicas, Postgres, Weaviate, HPA, Ingress | | `providers-and-virtual-keys.yaml` | All 23 providers + 7 virtual key patterns | | `secrets-from-k8s.yaml` | All sensitive values from Kubernetes Secrets | | `external-postgres.yaml` | Point at an existing Postgres instance | | `postgres-redis.yaml` | Postgres + Redis vector store | | `postgres-weaviate.yaml` | Postgres + Weaviate vector store | | `postgres-qdrant.yaml` | Postgres + Qdrant vector store | | `semantic-cache-secret-example.yaml` | Semantic cache with secret injection | | `mixed-backend.yaml` | Config store = postgres, logs store = sqlite | Install from an example file directly: ```bash helm install bifrost bifrost/bifrost \ -f https://raw.githubusercontent.com/maximhq/bifrost/main/helm-charts/bifrost/values-examples/production-ha.yaml \ --set image.tag=v1.4.11 ``` --- ## Helm Operations ### View current values ```bash helm get values bifrost ``` ### Diff before upgrading (requires helm-diff plugin) ```bash helm diff upgrade bifrost bifrost/bifrost -f my-values.yaml ``` ### Rollback ```bash helm history bifrost helm rollback bifrost # to previous revision helm rollback bifrost 2 # to revision 2 ``` ### Uninstall ```bash helm uninstall bifrost # Also remove PVCs (deletes all data) kubectl delete pvc -l app.kubernetes.io/instance=bifrost ``` --- ## All Key Parameters A quick-reference table of the most commonly used top-level parameters: | Parameter | Description | Default | |-----------|-------------|---------| | `image.tag` | **Required.** Bifrost image version (e.g., `v1.4.11`) | `""` | | `replicaCount` | Number of replicas | `1` | | `storage.mode` | Storage backend (`sqlite` or `postgres`) | `sqlite` | | `storage.persistence.size` | PVC size for SQLite | `10Gi` | | `postgresql.enabled` | Deploy embedded PostgreSQL | `false` | | `vectorStore.enabled` | Enable vector store | `false` | | `vectorStore.type` | Vector store type (`weaviate`, `redis`, `qdrant`) | `none` | | `bifrost.encryptionKey` | Optional encryption key (use `encryptionKeySecret` in production). If omitted, data is stored in plaintext. | `""` | | `ingress.enabled` | Enable ingress | `false` | | `autoscaling.enabled` | Enable HPA | `false` | ### Secret Reference Parameters Use existing Kubernetes Secrets instead of plain-text values. Every sensitive field in the chart has a corresponding `existingSecret` / `secretRef` alternative: | Parameter | Description | Default | |-----------|-------------|---------| | `bifrost.encryptionKeySecret.name` | Secret name for encryption key | `""` | | `bifrost.encryptionKeySecret.key` | Key within the secret | `"encryption-key"` | | `postgresql.external.existingSecret` | Secret name for PostgreSQL password | `""` | | `postgresql.external.passwordKey` | Key within the secret | `"password"` | | `vectorStore.redis.external.existingSecret` | Secret name for Redis password | `""` | | `vectorStore.redis.external.passwordKey` | Key within the secret | `"password"` | | `vectorStore.weaviate.external.existingSecret` | Secret name for Weaviate API key | `""` | | `vectorStore.weaviate.external.apiKeyKey` | Key within the secret | `"api-key"` | | `vectorStore.qdrant.external.existingSecret` | Secret name for Qdrant API key | `""` | | `vectorStore.qdrant.external.apiKeyKey` | Key within the secret | `"api-key"` | | `bifrost.plugins.maxim.secretRef.name` | Secret name for Maxim API key | `""` | | `bifrost.plugins.maxim.secretRef.key` | Key within the secret | `"api-key"` | | `bifrost.providerSecrets..existingSecret` | Secret name for provider API key | `""` | | `bifrost.providerSecrets..key` | Key within the secret | `"api-key"` | | `bifrost.providerSecrets..envVar` | Environment variable name to inject | `""` | --- ## Advanced Configuration ### Comprehensive Example A production-ready values file combining the most common settings: ```yaml # my-values.yaml image: tag: "v1.4.11" replicaCount: 3 storage: mode: postgres postgresql: enabled: true auth: password: "secure-password" # use existingSecret in production autoscaling: enabled: true minReplicas: 3 maxReplicas: 10 ingress: enabled: true className: nginx hosts: - host: bifrost.example.com paths: - path: / pathType: Prefix bifrost: encryptionKeySecret: name: "bifrost-encryption" key: "key" providers: openai: keys: - name: "primary" value: "env.OPENAI_API_KEY" weight: 1 providerSecrets: openai: existingSecret: "provider-api-keys" key: "openai-api-key" envVar: "OPENAI_API_KEY" ``` ```bash helm install bifrost bifrost/bifrost -f my-values.yaml ``` ### Node Affinity & Scheduling Deploy to specific nodes and spread replicas across hosts: ```yaml nodeSelector: node-type: ai-workload affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchLabels: app.kubernetes.io/name: bifrost topologyKey: kubernetes.io/hostname tolerations: - key: "gpu" operator: "Equal" value: "true" effect: "NoSchedule" ``` ### Deployment & Pod Annotations Useful for tooling like [Keel](https://keel.sh) for automatic image updates or Datadog APM injection: ```yaml deploymentAnnotations: keel.sh/policy: force keel.sh/trigger: poll podAnnotations: ad.datadoghq.com/bifrost.logs: '[{"source":"bifrost","service":"bifrost"}]' ``` --- ## Common Patterns Ready-made values files for the most common deployment scenarios. Each pattern builds on the [quickstart](/deployment-guides/helm). Simple setup for local testing. SQLite, single replica, no autoscaling. ```bash helm install bifrost bifrost/bifrost \ --set image.tag=v1.4.11 \ --set 'bifrost.providers.openai.keys[0].name=dev-key' \ --set 'bifrost.providers.openai.keys[0].value=sk-your-key' \ --set 'bifrost.providers.openai.keys[0].weight=1' ``` ```bash # Access kubectl port-forward svc/bifrost 8080:8080 ``` Multiple LLM providers with weighted load balancing. ```bash kubectl create secret generic provider-keys \ --from-literal=openai-api-key='sk-...' \ --from-literal=anthropic-api-key='sk-ant-...' \ --from-literal=gemini-api-key='your-gemini-key' ``` ```yaml # multi-provider.yaml image: tag: "v1.4.11" bifrost: encryptionKey: "your-encryption-key" client: enableLogging: true allowDirectKeys: false providers: openai: keys: - name: "openai-primary" value: "env.OPENAI_API_KEY" weight: 2 # 50% of traffic anthropic: keys: - name: "anthropic-primary" value: "env.ANTHROPIC_API_KEY" weight: 1 # 25% gemini: keys: - name: "gemini-primary" value: "env.GEMINI_API_KEY" weight: 1 # 25% providerSecrets: openai: existingSecret: "provider-keys" key: "openai-api-key" envVar: "OPENAI_API_KEY" anthropic: existingSecret: "provider-keys" key: "anthropic-api-key" envVar: "ANTHROPIC_API_KEY" gemini: existingSecret: "provider-keys" key: "gemini-api-key" envVar: "GEMINI_API_KEY" plugins: telemetry: enabled: true logging: enabled: true ``` ```bash helm install bifrost bifrost/bifrost -f multi-provider.yaml ``` Use an existing PostgreSQL instance — RDS, Cloud SQL, Azure Database, or self-managed. ```bash kubectl create secret generic postgres-credentials \ --from-literal=password='your-external-postgres-password' ``` ```yaml # external-db.yaml image: tag: "v1.4.11" storage: mode: postgres postgresql: enabled: false external: enabled: true host: "your-rds-endpoint.us-east-1.rds.amazonaws.com" port: 5432 user: "bifrost" database: "bifrost" sslMode: "require" existingSecret: "postgres-credentials" passwordKey: "password" bifrost: encryptionKey: "your-encryption-key" providers: openai: keys: - name: "openai-primary" value: "sk-..." weight: 1 ``` ```bash helm install bifrost bifrost/bifrost -f external-db.yaml ``` Semantic response caching for high-volume AI inference. ```bash kubectl create secret generic bifrost-encryption \ --from-literal=key='your-32-byte-encryption-key' kubectl create secret generic provider-keys \ --from-literal=openai-api-key='sk-your-key' ``` ```yaml # ai-workload.yaml image: tag: "v1.4.11" storage: mode: postgres postgresql: enabled: true auth: password: "secure-password" primary: persistence: size: 50Gi vectorStore: enabled: true type: weaviate weaviate: enabled: true persistence: size: 50Gi bifrost: encryptionKeySecret: name: "bifrost-encryption" key: "key" providers: openai: keys: - name: "openai-primary" value: "env.OPENAI_API_KEY" weight: 1 providerSecrets: openai: existingSecret: "provider-keys" key: "openai-api-key" envVar: "OPENAI_API_KEY" plugins: semanticCache: enabled: true config: provider: "openai" keys: - value: "env.OPENAI_API_KEY" weight: 1 embedding_model: "text-embedding-3-small" dimension: 1536 threshold: 0.85 ttl: "1h" cache_by_model: true cache_by_provider: true ``` ```bash helm install bifrost bifrost/bifrost -f ai-workload.yaml ``` Zero credentials in values files — all sensitive data in Kubernetes Secrets. ```bash kubectl create secret generic postgres-credentials \ --from-literal=password='your-postgres-password' kubectl create secret generic bifrost-encryption \ --from-literal=key='your-encryption-key' kubectl create secret generic provider-keys \ --from-literal=openai-api-key='sk-...' \ --from-literal=anthropic-api-key='sk-ant-...' kubectl create secret generic qdrant-credentials \ --from-literal=api-key='your-qdrant-api-key' ``` ```yaml # secrets-only.yaml image: tag: "v1.4.11" storage: mode: postgres postgresql: enabled: false external: enabled: true host: "postgres.example.com" port: 5432 user: "bifrost" database: "bifrost" sslMode: "require" existingSecret: "postgres-credentials" passwordKey: "password" vectorStore: enabled: true type: qdrant qdrant: enabled: false external: enabled: true host: "qdrant.example.com" port: 6334 existingSecret: "qdrant-credentials" apiKeyKey: "api-key" bifrost: encryptionKeySecret: name: "bifrost-encryption" key: "key" providers: openai: keys: - name: "openai-primary" value: "env.OPENAI_API_KEY" weight: 1 anthropic: keys: - name: "anthropic-primary" value: "env.ANTHROPIC_API_KEY" weight: 1 providerSecrets: openai: existingSecret: "provider-keys" key: "openai-api-key" envVar: "OPENAI_API_KEY" anthropic: existingSecret: "provider-keys" key: "anthropic-api-key" envVar: "ANTHROPIC_API_KEY" ``` ```bash helm install bifrost bifrost/bifrost -f secrets-only.yaml ```