# Helm Chart

The Helm chart option separates the infrastructure and permission provisioning process from the DBNL platform deployment process, allowing you to manage the infrastructure, permissions and Helm chart using their existing processes.

For access to the Helm chart and to get registry credentials, [please reach out to our team](https://distributional.com/sign-up/).

## Prerequisites

The following prerequisite steps are required before starting the Helm chart installation.

### Infrastructure

To successfully deploy the DBNL Helm chart, you will need the following infrastructure:

* A Kubernetes cluster (e.g. [EKS](https://aws.amazon.com/eks/), [GKE](https://cloud.google.com/kubernetes-engine)).
  * An [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) or [Gateway](https://kubernetes.io/docs/concepts/services-networking/gateway/) controller (e.g. [aws-load-balancer-controller](https://github.com/kubernetes-sigs/aws-load-balancer-controller), [ingress-gce](https://github.com/kubernetes/ingress-gce))
* A PostgreSQL database (e.g. [RDS](https://aws.amazon.com/rds/), [CloudSQL](https://cloud.google.com/sql)).
* An object store bucket (e.g. [S3](https://aws.amazon.com/s3/), [GCS](https://cloud.google.com/storage)) to store raw data.
* A Redis database (e.g. [ElasticCache](https://aws.amazon.com/elasticache/), [Memorystore](https://cloud.google.com/memorystore)) to act as a messaging queue.

### Configuration

To configure the DBNL Helm chart, you will need:

* A hostname to host the DBNL platform (e.g. dbnl.example.com). 
* A set of DBNL registry credentials to pull the DBNL artifacts (e.g. Docker images, Helm chart).
* An RSA key pair to sign the [personal access tokens](https://docs.dbnl.com/v0.23.x/using-distributional/access-controls/tokens). 

An RSA key pair can be generated with:

```bash
openssl genrsa -out dbnl_dev_token_key.pem 2048
```

### Requirements

To install the DBNL Helm chart, you will need:

* Install [kubectl](https://kubernetes.io/docs/tasks/tools/) and set the Kubernetes cluster context.
* Install [helm](https://helm.sh/docs/intro/install/).

### Permissions

For the services deployed by the Helm chart to work as expected, they will need the following permissions and network accesses:

* api-srv
  * Network access to the database.
  * Network access to the Redis database.
  * Permission to read, write and generate pre-signed URLs on the object store bucket.
* worker-srv
  * Network access to the database.
  * Network access to the Redis database.
  * Permission to read and write to the object store bucket.

## Installation

The Helm chart can be installed directly using [helm install](https://helm.sh/docs/helm/helm_install/) or using your chart release management tool of choice such as [ArgoCD](https://argo-cd.readthedocs.io/en/stable/user-guide/helm/) or [FluxCD](https://fluxcd.io/flux/guides/helmreleases/).

### Steps

The steps to install the Helm chart using the Helm CLI are as follows:

1. Create an image pull secret with the your DBNL registry credentials.

```bash
kubectl create secret docker-registry dbnl-docker-cfg \
    --docker-server="us-docker.pkg.dev/dbnlai/images" \
    --docker-username="${DBNL_REGISTRY_USERNAME}" \
    --docker-password="${DBNL_REGISTRY_PASSWORD}"
```

2. Create a minimal `values.yaml` file.

<pre class="language-yaml"><code class="lang-yaml">imagePullSecrets:
  - name: dbnl-docker-cfg
  
<strong>auth:
</strong><strong>  # For more details on OIDC options, see OIDC Authentication section.
</strong>  oidc:
    enabled:   true
    issuer:    oidc.example.com
    audience:  xxxxxxxx
    clientId:  xxxxxxxx
    scopes:    "openid email profile"

db:
  host: db.example.com
  port: 5432
  username: user
  password: password
  database: database

redis:
  host: redis.example.com
  port: 6379
  username: user
  password: password

ingress:
  enabled: true
  api:
    host: dbnl.example.com
  ui:
    host: dbnl.example.com

storage:
  s3:
    enabled: true
    region: us-east-1
    bucket: example-bucket
</code></pre>

3. Log into the DBNL Helm registry.

```bash
helm login \
    --username ${DBNL_REGISTRY_USERNAME} \
    --password ${DBNL_REGISTRY_PASSWORD} \
    us-docker.pkg.dev/dbnlai/charts
```

4. Install the Helm chart.

```bash
helm upgrade \
    --install \
    -f values.yaml \
    dbnl oci://us-docker.pkg.dev/dbnlai/charts/dbnl
```

### Options

For more details on all the installation options, see the Helm chart README and values.yaml files. The chart can be inspected with:

```bash
helm show all oci://us-docker.pkg.dev/dbnlai/charts
```