1. Choose the chart source
CHART_REF=oci://registry-1.docker.io/hellocobi/cobi-dashboard
CHART_VERSION=0.1.0
The Helm chart is published as a public OCI artifact. If you are installing from a local checkout of the chart instead, skip these variables and use the local path in the helm install commands below.
2. Create the namespace
kubectl create namespace cobi
3. Create required Secrets
Docker Hub pull secret
Required if global.imagePullSecrets is set (needed for hellocobi/* private images).
kubectl create secret docker-registry dockerhub-secret \
--docker-server=https://index.docker.io/v1/ \
--docker-username=<username> \
--docker-password=<token> \
--docker-email=<email> \
--namespace cobi
Backend environment secret
The backend reads its configuration from a Kubernetes Secret. Create it with your environment-specific values:
kubectl create secret generic cobi-backend-secrets \
--namespace cobi \
--from-literal=DATABASE_URL="postgres://postgres:<password>@cobi-dashboard-postgresql:5432/dashboard_auth?schema=public" \
--from-literal=CORE_DATABASE_URL="postgres://postgres:<password>@cobi-dashboard-postgresql:5432/cobi_core?schema=public" \
--from-literal=BETTER_AUTH_SECRET="<random-string>" \
--from-literal=BETTER_AUTH_URL="https://api.example.com" \
--from-literal=FRONTEND_URL="https://app.example.com" \
--from-literal=CONNECT_SERVICE_URL="http://cobi-dashboard-connect:8000" \
--from-literal=QDRANT_URL="http://cobi-dashboard-qdrant:6333" \
--from-literal=S3_BUCKET="documents" \
--from-literal=S3_REGION="us-east-1" \
--from-literal=S3_ENDPOINT="http://cobi-dashboard-minio:9000" \
--from-literal=S3_ACCESS_KEY_ID="admin" \
--from-literal=S3_SECRET_ACCESS_KEY="<minio-root-password>" \
--from-literal=CONNECT_SERVICE_TOKEN="<shared-token>" \
--from-literal=CONNECT_BUCKET_PREFIX="ingestion"
Frontend environment secret
kubectl create secret generic cobi-frontend-secrets \
--namespace cobi \
--from-literal=NODE_ENV="production" \
--from-literal=VITE_API_BASE_URL="https://api.example.com" \
--from-literal=VITE_API_SANDBOX_URL="https://api.example.com"
VITE_API_BASE_URL must match the backend Gateway route, Ingress, or Route hostname.
Connect service secret
kubectl create secret generic cobi-connect-secrets \
--namespace cobi \
--from-literal=HOST="0.0.0.0" \
--from-literal=PORT="8000" \
--from-literal=CONNECT_SERVICE_TOKEN="<shared-token>" \
--from-literal=S3_ENDPOINT="http://cobi-dashboard-minio:9000"
CONNECT_SERVICE_TOKEN value in both the backend and connect secrets.
4. Build chart dependencies
If installing from a local chart directory:
cd charts/cobi-dashboard
helm dependency build
charts/.
5. Install
Choose a values file that matches your environment, then install:
helm install cobi-dashboard "$CHART_REF" \
--namespace cobi \
--version "$CHART_VERSION" \
--values my-values.yaml \
--wait
helm install cobi-dashboard ./charts/cobi-dashboard \
--namespace cobi \
--values my-values.yaml \
--wait
6. Verify the rollout
kubectl get pods -n cobi
kubectl get gateway,httproute -n cobi # Gateway API
kubectl get ingress -n cobi # Kubernetes
kubectl get routes -n cobi # OpenShift
Running / 1/1 Ready. The vLLM pod takes longer (~5 min) while it downloads model weights.
Upgrade
helm upgrade cobi-dashboard "$CHART_REF" \
--namespace cobi \
--version "$CHART_VERSION" \
--values my-values.yaml \
--wait
Uninstall
helm uninstall cobi-dashboard --namespace cobi
kubectl delete pvc -n cobi --all
Minimal values file
The following enables all application components with sensible defaults. Substitute your image tags and domain names:
global:
imagePullSecrets:
- dockerhub-secret
backend:
enabled: true
image:
repository: docker.io/hellocobi/dashboard-backend
tag: "0.2.6"
pullPolicy: IfNotPresent
envFrom:
- secretRef:
name: cobi-backend-secrets
s3:
existingSecret: cobi-backend-secrets
frontend:
enabled: true
image:
repository: docker.io/hellocobi/dashboard-frontend
tag: "0.1.9"
pullPolicy: IfNotPresent
envFrom:
- secretRef:
name: cobi-frontend-secrets
connect:
enabled: true
image:
repository: docker.io/hellocobi/dashboard-connect
tag: "823edd6d96f97aae01425d8c3ddfc9ef8839c65b"
pullPolicy: IfNotPresent
envFrom:
- secretRef:
name: cobi-connect-secrets
ingress:
enabled: true
className: nginx
tls:
- secretName: cobi-dashboard-tls
hosts:
- app.example.com
- api.example.com
- connect.example.com
app:
enabled: true
host: app.example.com
api:
enabled: true
host: api.example.com
connect:
enabled: true
host: connect.example.com
minio:
enabled: false
grafana:
enabled: false
gateway:
enabled: false
postgresql:
enabled: true
auth:
username: postgres
password: "<strong-password>"
database: dashboard_auth
primary:
initdb:
scripts:
create-core-db.sql: |
CREATE DATABASE cobi_core;
persistence:
enabled: true
size: 10Gi
qdrant:
enabled: true
persistence:
enabled: true
size: 10Gi
minio:
enabled: true
auth:
rootUser: admin
rootPassword: "<strong-password>"
defaultBuckets: "documents"
persistence:
enabled: true
size: 100Gi
otelLgtm:
enabled: true
# vLLM disabled by default — see vLLM Setup guide
vllmstack:
enabled: false
OpenShift values override
For OpenShift, disable Kubernetes Ingress and Gateway, then enable the chart’s frontend and backend API Routes:
ingress:
enabled: false
gateway:
enabled: false
# Enable OpenShift Routes
openshift:
route:
enabled: true
host: dashboard.apps.cluster.example.com
api:
enabled: true
host: api.apps.cluster.example.com
# Frontend secret
--from-literal=VITE_API_BASE_URL="https://api.apps.cluster.example.com"
--from-literal=VITE_API_SANDBOX_URL="https://api.apps.cluster.example.com"
# Backend secret
--from-literal=BETTER_AUTH_URL="https://api.apps.cluster.example.com"
--from-literal=FRONTEND_URL="https://dashboard.apps.cluster.example.com"
