Skip to main content

Kubernetes

LICENSEย Weaviate on Stackoverflow badgeย Weaviate issues on GitHub badgeย Weaviate version badgeย Weaviate total Docker pulls badgeย Go Report Card

Important Set the correct Weaviate version

Make sure to set your desired Weaviate version.

This can be done through either explicitly setting it as part of the values.yaml or through overwriting the default as outlined in the deployment step below.

Requirementsโ€‹

  • A Kuberentes Cluster with a recent version (e.g. >=1.23).
  • The cluster needs to be able to provision PersistentVolumes through PersistentVolumeClaims. No special file systems are required. Any default file system capable of ReadWriteOnce access mode is sufficient.
  • Helm (only v3 is compatible from Helm version "v16.3.0")

Weaviate Helm chartโ€‹

To obtain and install the Weaviate chart on your Kubernetes cluster, take the following steps:

Verify tool setup and cluster accessโ€‹

# Check if helm is installed
$ helm version
# Make sure `kubectl` is configured correctly and you can access the cluster.
# For example, try listing the pods in the currently configured namespace.
$ kubectl get pods

Obtain the Helm Chartโ€‹

Add the Weaviate helm repo that contains the Weaviate helm chart

helm repo add weaviate https://weaviate.github.io/weaviate-helm

Get the default values.yaml configuration file from the Weaviate helm chart:

helm show values weaviate/weaviate > values.yaml

Modify values.yaml (as necessary)โ€‹

You do not need to modify values.yaml

You can skip this step and run with all default values.

But, if you do not modify the defaults in values.yaml, make sure to set the appropriate Weaviate version at the deployment step.

In the values.yaml file you can tweak the configuration to align it with your setup. The yaml file is extensively documented to help you align the configuration with your setup.

Out of the box, the configuration file is setup for:

  • 1 Weaviate replica. (This cannot be changed at the moment, see below)
  • The text2vec-contextionary module is enabled and running with 1 replica. (This can be adjusted based on the expected load).
  • Other modules, such as text2vec-transformers, qna-transformers or img2vec-neural are disabled by default. They can be enabled by setting the respective enabled flag to true.

See the resource requests and limits in the example values.yaml. You can adjust them based on your expected load and the resources available on the cluster.

Authentication and authorizationโ€‹

An example configuration for authentication is shown below.

authentication:
  apikey:
    enabled: true
    allowed_keys:
      - readonly-key
      - secr3tk3y
    users:
      - readonly@example.com
      - admin@example.com
  anonymous_access:
    enabled: false
  oidc:
    enabled: true
    issuer: https://auth.wcs.api.weaviate.io/auth/realms/SeMI
    username_claim: email
    groups_claim: groups
    client_id: wcs
authorization:
  admin_list:
    enabled: true
    users:
      - someuser@weaviate.io
      - admin@example.com
    readonly_users:
      - readonly@example.com

In this example, the key readonly-key will authenticate a user as the readonly@example.com identity, and secr3tk3y will authenticate a user as admin@example.com.

OIDC authentication is also enabled, with WCS as the token issuer/identity provider. Thus, users with WCS accounts could be authenticated. This configuration sets someuser@weaviate.io as an admin user, so if someuser@weaviate.io were to authenticate, they will be given full (read and write) privileges.

For further, general documentation on authentication and authorization configuration, see:

Deploy (install the Helm chart)โ€‹

You can deploy the helm charts as follows:

# Create a Weaviate namespace
$ kubectl create namespace weaviate

# Deploy
$ helm install \
  "weaviate" \
  weaviate/weaviate \
  --install \
  --namespace "weaviate" \
  --values ./values.yaml

The above assumes that you have permissions to create a new namespace. If you have only namespace-level permissions, you can skip creating a new namespace and adjust the namespace argument on helm upgrade according to the name of your pre-configured namespace.

Updating the installation after the initial deploymentโ€‹

The above command (helm upgrade...) is idempotent, you can run it again, for example after adjusting your desired configuration.

Additional Configuration Helpโ€‹

Troubleshootingโ€‹

  • If you see No private IP address found, and explicit IP not provided, set the pod subnet to be in an valid ip address range of the following:

    10.0.0.0/8
    100.64.0.0/10
    172.16.0.0/12
    192.168.0.0/16
    198.19.0.0/16

More Resourcesโ€‹

If you can't find the answer to your question here, please look at the:

  1. Frequently Asked Questions. Or,
  2. Knowledge base of old issues. Or,
  3. For questions: Stackoverflow. Or,
  4. For more involved discussion: Weaviate Community Forum. Or,
  5. We also have a Slack channel.