Skip to content
Floe

Kubernetes (Helm)

This document covers Helm-based Kubernetes deployment for floe.

Note: For the latest chart documentation, see:

Quick Start

Section titled “Quick Start”
Terminal window
helm dependency update ./charts/floe-platform
helm upgrade --install floe ./charts/floe-platform \
  --namespace floe-dev \
  --create-namespace

For published chart validation, use the release artifact path documented in the release checklist for the version you are installing.

1. Chart Structure

Section titled “1. Chart Structure”

charts/floe-platform is the alpha platform chart. It uses direct Helm values and chart dependencies; this guide does not claim manifest-driven chart assembly.

charts/
+-- floe-platform/
|   +-- Chart.yaml
|   +-- values.yaml
|   +-- templates/
|       +-- _helpers.tpl
|       +-- deployment-polaris.yaml
|       +-- deployment-marquez.yaml
|       +-- service-polaris.yaml
|       +-- service-postgresql.yaml
|       +-- statefulset-postgresql.yaml
|       +-- ingress.yaml
|
+-- floe-jobs/
    +-- Chart.yaml
    +-- values.yaml
    +-- templates/

Chart.yaml declares the current subchart dependencies for Dagster, OpenTelemetry, Jaeger, MinIO, and a local Cube semantic-layer chart. The Cube dependency is present but starts disabled via cube.enabled: false. Floe-owned templates in templates/ render Polaris, Marquez, PostgreSQL, bootstrap jobs, RBAC, network policy, ingress, and tests.

2. Alpha Deployment Model

Section titled “2. Alpha Deployment Model”

The alpha chart deploys platform services into a Kubernetes namespace using Helm. Defaults are optimized for local/dev evaluation, not production hardening.

Service names come from two naming rules:

  • Parent-chart Floe services use fullnameOverride when set. The default is floe-platform, so Polaris renders as floe-platform-polaris and PostgreSQL renders as floe-platform-postgresql.
  • The upstream Dagster subchart prefixes the webserver service with the Helm release name. With helm upgrade --install floe ..., the webserver service is floe-dagster-webserver.

3. Current Values Excerpt

Section titled “3. Current Values Excerpt”

The excerpt below uses real keys from charts/floe-platform/values.yaml. Keep environment overrides small and verify them with helm template before applying.

global:
  environment: dev
  imagePullPolicy: IfNotPresent
  storageClass: ""
  commonLabels: {}
  commonAnnotations: {}


namespace:
  create: false
  name: ""


fullnameOverride: floe-platform


clusterMapping:
  nonProd:
    cluster: ""
    environments:
      - dev
      - qa
      - staging
    namespaceTemplate: "floe-{{ .environment }}"
    resources:
      preset: small
  prod:
    cluster: ""
    environments:
      - prod
    namespaceTemplate: "floe-prod"
    resources:
      preset: large


resourcePresets:
  small:
    requests:
      cpu: 100m
      memory: 256Mi
    limits:
      cpu: 500m
      memory: 512Mi


dagster:
  enabled: true
  dagsterWebserver:
    replicaCount: 1
    service:
      type: ClusterIP
      port: 80
  dagsterDaemon:
    enabled: true


polaris:
  enabled: true
  service:
    type: ClusterIP
    port: 8181
    managementPort: 8182


otel:
  enabled: true
  fullnameOverride: floe-platform-otel
  mode: deployment


postgresql:
  enabled: true
  auth:
    database: floe
    username: floe
    password: ""
    existingSecret: ""


minio:
  enabled: false


jaeger:
  enabled: true


marquez:
  enabled: true


cube:
  enabled: false


networkPolicy:
  enabled: false


ingress:
  enabled: false

otel.fullnameOverride controls the OTel subchart service/resource name. If you change it, also override the Dagster webserver and daemon OTEL_EXPORTER_OTLP_ENDPOINT env values to the matching http://<otel-service>:4317 endpoint. The Dagster subchart renders those env values as static YAML, not templates.

4. Secrets And Credentials

Section titled “4. Secrets And Credentials”

The alpha chart supports existing Kubernetes Secrets for sensitive values. Do not put long-lived credentials directly in committed values files.

Useful current keys include:

PurposeValues keys
PostgreSQL passwordpostgresql.auth.password, postgresql.auth.existingSecret, postgresql.auth.existingSecretKey
Polaris bootstrap credentialspolaris.auth.existingSecret, polaris.auth.bootstrapCredentials.clientId, polaris.auth.bootstrapCredentials.clientSecret
MinIO local/demo credentialsminio.auth.rootUser, minio.auth.rootPassword, minio.auth.existingSecret
External Secrets integrationexternalSecrets.enabled, externalSecrets.postgresql.enabled, externalSecrets.minio.enabled, externalSecrets.secrets

5. Default Resource Shape

Section titled “5. Default Resource Shape”

These are chart defaults for alpha evaluation. They are not production capacity recommendations.

ComponentDefault requestDefault limit
Dagster webserver100m CPU, 256Mi memory500m CPU, 512Mi memory
Dagster daemon100m CPU, 256Mi memory500m CPU, 512Mi memory
Dagster run pods100m CPU, 256Mi memory1000m CPU, 1Gi memory
Polaris200m CPU, 512Mi memory1000m CPU, 1Gi memory
PostgreSQL100m CPU, 256Mi memory500m CPU, 512Mi memory
Section titled “Related Documentation”