LibreChat/helm/librechat/templates/deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ include "librechat.fullname" $ }}
  labels:
    {{- include "librechat.labels" . | nindent 4 }}
    {{- with .Values.deploymentLabels }}
    {{- toYaml . | nindent 4 }}
    {{- end }}
  annotations:
    {{- with .Values.deploymentAnnotations }}
    {{- toYaml . | nindent 4 }}
    {{- end }}
spec:
  replicas: {{ .Values.replicaCount }}
  {{- if .Values.updateStrategy }}
  strategy: {{- toYaml .Values.updateStrategy | nindent 4 }}
  {{- end }}
  selector:
    matchLabels:
      {{- include "librechat.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      annotations:
        {{ if .Values.librechat.configYamlContent }}checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}{{ end }}
        checksum/configEnv: {{ include (print $.Template.BasePath "/configmap-env.yaml") . | sha256sum }}
        {{- with .Values.podAnnotations }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
      labels:
        {{- include "librechat.labels" . | nindent 8 }}
        {{- with .Values.podLabels }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
    spec:
      {{- with .Values.hostAliases }}
      hostAliases:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- if .Values.dnsPolicy }}
      dnsPolicy: {{ .Values.dnsPolicy }}
      {{- end }}
      {{- with .Values.dnsConfig }}
      dnsConfig:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.imagePullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      serviceAccountName: {{ include "librechat.serviceAccountName" . }}
      securityContext:
        {{- toYaml .Values.podSecurityContext | nindent 8 }}
      containers:
        - name: {{ include "librechat.fullname" $ }}
          securityContext:
            {{- toYaml .Values.securityContext | nindent 12 }}
          image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          ports:
            - name: http
              containerPort: {{ .Values.service.containerPort | default .Values.service.port }}
              protocol: TCP
          lifecycle:
            {{- toYaml .Values.lifecycle | nindent 12 }}
          livenessProbe:
            {{- toYaml .Values.livenessProbe | nindent 12 }}
          readinessProbe:
            {{- toYaml .Values.readinessProbe | nindent 12 }}
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
          volumeMounts:
          {{- if or .Values.librechat.configYamlContent .Values.librechat.existingConfigYaml }}
          - name: config-yaml
            mountPath: "/app/librechat.yaml"
            subPath: "librechat.yaml"
            readOnly: true
          {{- end }}
          {{- if .Values.librechat.imageVolume.enabled }}
          - name: image-volume
            mountPath: "/app/client/public/images"
          {{- end }}
          {{- if .Values.volumeMounts }}
          {{- toYaml .Values.volumeMounts | nindent 10 }}
          {{- end }}
          envFrom:
          - configMapRef:
              name: {{ include "librechat.fullname" $ }}-configenv
          {{- if .Values.global.librechat.existingSecretName }}
          - secretRef:
              name: {{ .Values.global.librechat.existingSecretName }}
              optional: true
          {{- end }}
          {{- with .Values.global.librechat.env }}
          env:
          {{- toYaml . | nindent 12 }}
          {{- end }}
      volumes:
      {{- if or .Values.librechat.configYamlContent .Values.librechat.existingConfigYaml }}
      - name: config-yaml
        configMap:
        {{- if .Values.librechat.existingConfigYaml }}
          name: {{ .Values.librechat.existingConfigYaml }}
        {{- else if .Values.librechat.configYamlContent }}
          name: {{ include "librechat.fullname" $ }}-config
        {{- end }}
      {{- end }}
      {{- if .Values.librechat.imageVolume.enabled }}
      - name: image-volume
        persistentVolumeClaim:
          claimName: {{ include "librechat.fullname" $ }}-images
      {{- end }}
      {{- if .Values.volumes }}
      {{- toYaml .Values.volumes | nindent 6 }}
      {{- end }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
📊 feat: Improve Helm Chart (#3638) * Replaced Helm Charts with Blue Atlas Charts * Fix Workflow * improve docs * update gitignore * Update docs * change values order, add hpa * change tls example domain * Default: Enable liveness and readiness * chore: bump base chart * apply requested changes * add Release fix * add: error handling * chore: cleanup and testing * fix: adjust Chart.yaml --------- Co-authored-by: hofq <gregorspalme@protonmail.com> Co-authored-by: Ruben Talstra <RubenTalstra1211@outlook.com> 2025-05-17 21:52:16 +02:00			`apiVersion: apps/v1`
			`kind: Deployment`
			`metadata:`
			`name: {{ include "librechat.fullname" $ }}`
			`labels:`
			`{{- include "librechat.labels" . \| nindent 4 }}`
🏷️ feat: Add Custom Deployment Labels and Annotations for Helm (#10076) 2025-10-11 17:15:35 +02:00			`{{- with .Values.deploymentLabels }}`
			`{{- toYaml . \| nindent 4 }}`
			`{{- end }}`
			`annotations:`
			`{{- with .Values.deploymentAnnotations }}`
			`{{- toYaml . \| nindent 4 }}`
			`{{- end }}`
📊 feat: Improve Helm Chart (#3638) * Replaced Helm Charts with Blue Atlas Charts * Fix Workflow * improve docs * update gitignore * Update docs * change values order, add hpa * change tls example domain * Default: Enable liveness and readiness * chore: bump base chart * apply requested changes * add Release fix * add: error handling * chore: cleanup and testing * fix: adjust Chart.yaml --------- Co-authored-by: hofq <gregorspalme@protonmail.com> Co-authored-by: Ruben Talstra <RubenTalstra1211@outlook.com> 2025-05-17 21:52:16 +02:00			`spec:`
			`replicas: {{ .Values.replicaCount }}`
			`{{- if .Values.updateStrategy }}`
			`strategy: {{- toYaml .Values.updateStrategy \| nindent 4 }}`
			`{{- end }}`
			`selector:`
			`matchLabels:`
			`{{- include "librechat.selectorLabels" . \| nindent 6 }}`
			`template:`
			`metadata:`
			`annotations:`
			`{{ if .Values.librechat.configYamlContent }}checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . \| sha256sum }}{{ end }}`
			`checksum/configEnv: {{ include (print $.Template.BasePath "/configmap-env.yaml") . \| sha256sum }}`
			`{{- with .Values.podAnnotations }}`
			`{{- toYaml . \| nindent 8 }}`
			`{{- end }}`
			`labels:`
			`{{- include "librechat.labels" . \| nindent 8 }}`
			`{{- with .Values.podLabels }}`
			`{{- toYaml . \| nindent 8 }}`
			`{{- end }}`
			`spec:`
☸️ feat: Helm `hostAliases` Support For Custom DNS Mappings (#9857) Add ability to configure hostAliases in Helm chart to redirect traffic to proxy servers or custom endpoints via /etc/hosts entries. Co-authored-by: Feng Lu <feng.lu@kindredgroup.com> 2025-09-27 16:49:36 +02:00			`{{- with .Values.hostAliases }}`
			`hostAliases:`
			`{{- toYaml . \| nindent 8 }}`
			`{{- end }}`
🌐 feat: Helm DNS Configuration Support for Traffic Redirection (#9785) This PR adds DNS configuration support to the LibreChat Helm chart, enabling users to redirect traffic to proxy servers or use custom DNS settings. ## What's Changed - Added dnsPolicy and dnsConfig fields to deployment.yaml template - Added DNS configuration options to values.yaml with comprehensive examples - Created documentation and example configurations ## Use Cases - Redirect AI service traffic (AWS Bedrock, OpenAI, etc.) to proxy servers - Use corporate DNS servers for name resolution - Control traffic routing through custom DNS configurations - Enforce traffic through security gateways ## Configuration Example ```yaml dnsPolicy: "None" dnsConfig: nameservers: - "10.0.0.10" # Custom DNS server for redirections searches: - "svc.cluster.local" options: - name: ndots value: "2" ``` ## Testing Results ✅ Successfully tested with Docker Compose environment ✅ DNS resolution correctly redirects to configured IPs ✅ HTTP requests properly routed to proxy servers ✅ Tested with multiple domains (AWS Bedrock, OpenAI, SageMaker) Test output: - bedrock-runtime.us-east-1.amazonaws.com -> 172.25.0.10 ✓ - api.openai.com -> 172.25.0.10 ✓ - sagemaker-runtime.us-east-1.amazonaws.com -> 172.25.0.10 ✓ All DNS redirects working correctly with proxy server receiving traffic. ## Documentation - Added comprehensive DNS_CONFIGURATION.md guide - Included examples for common use cases - Provided troubleshooting steps ## Backward Compatibility This change is fully backward compatible. If dnsPolicy and dnsConfig are not specified, the default Kubernetes DNS behavior is maintained. Fixes #[issue_number] Co-authored-by: LibreChat User <user@example.com> 2025-09-23 16:41:58 +02:00			`{{- if .Values.dnsPolicy }}`
			`dnsPolicy: {{ .Values.dnsPolicy }}`
			`{{- end }}`
			`{{- with .Values.dnsConfig }}`
			`dnsConfig:`
			`{{- toYaml . \| nindent 8 }}`
			`{{- end }}`
📊 feat: Improve Helm Chart (#3638) * Replaced Helm Charts with Blue Atlas Charts * Fix Workflow * improve docs * update gitignore * Update docs * change values order, add hpa * change tls example domain * Default: Enable liveness and readiness * chore: bump base chart * apply requested changes * add Release fix * add: error handling * chore: cleanup and testing * fix: adjust Chart.yaml --------- Co-authored-by: hofq <gregorspalme@protonmail.com> Co-authored-by: Ruben Talstra <RubenTalstra1211@outlook.com> 2025-05-17 21:52:16 +02:00			`{{- with .Values.imagePullSecrets }}`
			`imagePullSecrets:`
			`{{- toYaml . \| nindent 8 }}`
			`{{- end }}`
⛑️ feat: Helm `serviceAccount` Config (#9606) 2025-09-12 14:37:29 -07:00			`serviceAccountName: {{ include "librechat.serviceAccountName" . }}`
📊 feat: Improve Helm Chart (#3638) * Replaced Helm Charts with Blue Atlas Charts * Fix Workflow * improve docs * update gitignore * Update docs * change values order, add hpa * change tls example domain * Default: Enable liveness and readiness * chore: bump base chart * apply requested changes * add Release fix * add: error handling * chore: cleanup and testing * fix: adjust Chart.yaml --------- Co-authored-by: hofq <gregorspalme@protonmail.com> Co-authored-by: Ruben Talstra <RubenTalstra1211@outlook.com> 2025-05-17 21:52:16 +02:00			`securityContext:`
			`{{- toYaml .Values.podSecurityContext \| nindent 8 }}`
			`containers:`
			`- name: {{ include "librechat.fullname" $ }}`
			`securityContext:`
			`{{- toYaml .Values.securityContext \| nindent 12 }}`
			`image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag \| default .Chart.AppVersion }}"`
			`imagePullPolicy: {{ .Values.image.pullPolicy }}`
			`ports:`
			`- name: http`
📊 feat: Helm Chart Port Flexibility and MongoDB Update (#9750) - Update MongoDB chart dependency from v16.3.0 to v16.5.45 - Add explicit containerPort configuration with fallback to service.port - Standardize port references in health probes to use explicit port numbers - Add targetPort and containerPort fields to service configuration - Include service type options as inline comment for better clarity These changes improve the Helm chart's port management flexibility and bring the MongoDB dependency up to date with the latest stable version. Co-authored-by: Jerum Hubbert <jerum.hubbert@scientificgames.com> 2025-09-23 09:48:07 -04:00			`containerPort: {{ .Values.service.containerPort \| default .Values.service.port }}`
📊 feat: Improve Helm Chart (#3638) * Replaced Helm Charts with Blue Atlas Charts * Fix Workflow * improve docs * update gitignore * Update docs * change values order, add hpa * change tls example domain * Default: Enable liveness and readiness * chore: bump base chart * apply requested changes * add Release fix * add: error handling * chore: cleanup and testing * fix: adjust Chart.yaml --------- Co-authored-by: hofq <gregorspalme@protonmail.com> Co-authored-by: Ruben Talstra <RubenTalstra1211@outlook.com> 2025-05-17 21:52:16 +02:00			`protocol: TCP`
			`lifecycle:`
			`{{- toYaml .Values.lifecycle \| nindent 12 }}`
			`livenessProbe:`
			`{{- toYaml .Values.livenessProbe \| nindent 12 }}`
			`readinessProbe:`
			`{{- toYaml .Values.readinessProbe \| nindent 12 }}`
			`resources:`
			`{{- toYaml .Values.resources \| nindent 12 }}`
			`volumeMounts:`
			`{{- if or .Values.librechat.configYamlContent .Values.librechat.existingConfigYaml }}`
			`- name: config-yaml`
			`mountPath: "/app/librechat.yaml"`
			`subPath: "librechat.yaml"`
			`readOnly: true`
			`{{- end }}`
			`{{- if .Values.librechat.imageVolume.enabled }}`
			`- name: image-volume`
			`mountPath: "/app/client/public/images"`
			`{{- end }}`
			`{{- if .Values.volumeMounts }}`
			`{{- toYaml .Values.volumeMounts \| nindent 10 }}`
			`{{- end }}`
			`envFrom:`
			`- configMapRef:`
			`name: {{ include "librechat.fullname" $ }}-configenv`
			`{{- if .Values.global.librechat.existingSecretName }}`
			`- secretRef:`
			`name: {{ .Values.global.librechat.existingSecretName }}`
			`optional: true`
			`{{- end }}`
🔓 feat: Expose Env Field in Helm Deployment Template (#9890) * Add support for extra secrets and config maps in helm deployment template * expose single env field in values field instead of extra secret and config map fields * a small fix 2025-10-01 15:32:19 +02:00			`{{- with .Values.global.librechat.env }}`
			`env:`
			`{{- toYaml . \| nindent 12 }}`
			`{{- end }}`
📊 feat: Improve Helm Chart (#3638) * Replaced Helm Charts with Blue Atlas Charts * Fix Workflow * improve docs * update gitignore * Update docs * change values order, add hpa * change tls example domain * Default: Enable liveness and readiness * chore: bump base chart * apply requested changes * add Release fix * add: error handling * chore: cleanup and testing * fix: adjust Chart.yaml --------- Co-authored-by: hofq <gregorspalme@protonmail.com> Co-authored-by: Ruben Talstra <RubenTalstra1211@outlook.com> 2025-05-17 21:52:16 +02:00			`volumes:`
			`{{- if or .Values.librechat.configYamlContent .Values.librechat.existingConfigYaml }}`
			`- name: config-yaml`
			`configMap:`
			`{{- if .Values.librechat.existingConfigYaml }}`
			`name: {{ .Values.librechat.existingConfigYaml }}`
			`{{- else if .Values.librechat.configYamlContent }}`
			`name: {{ include "librechat.fullname" $ }}-config`
			`{{- end }}`
			`{{- end }}`
			`{{- if .Values.librechat.imageVolume.enabled }}`
			`- name: image-volume`
			`persistentVolumeClaim:`
			`claimName: {{ include "librechat.fullname" $ }}-images`
			`{{- end }}`
			`{{- if .Values.volumes }}`
			`{{- toYaml .Values.volumes \| nindent 6 }}`
			`{{- end }}`
			`{{- with .Values.nodeSelector }}`
			`nodeSelector:`
			`{{- toYaml . \| nindent 8 }}`
			`{{- end }}`
			`{{- with .Values.affinity }}`
			`affinity:`
			`{{- toYaml . \| nindent 8 }}`
			`{{- end }}`
			`{{- with .Values.tolerations }}`
			`tolerations:`
			`{{- toYaml . \| nindent 8 }}`
			`{{- end }}`