Private Cloud Configuration

The Qdrant Private Cloud helm chart has several configuration options. The following YAML shows all configuration options with their default values:

operator:
  # Amount of replicas for the Qdrant operator (v2)
  replicaCount: 1

  image:
    # Image repository for the qdrant operator
    repository: registry.cloud.qdrant.io/qdrant/operator
    # Image pullPolicy
    pullPolicy: IfNotPresent
    # Overrides the image tag whose default is the chart appVersion.
    tag: ""

  # Optional image pull secrets
  imagePullSecrets:
    - name: qdrant-registry-creds

  nameOverride: ""
  fullnameOverride: "operator"

  # Service account configuration
  serviceAccount:
    create: true
    annotations: {}

  # Additional pod annotations
  podAnnotations: {}

  # pod security context
  podSecurityContext:
    runAsNonRoot: true
    runAsUser: 10001
    runAsGroup: 20001
    fsGroup: 30001

  # container security context
  securityContext:
    capabilities:
      drop:
      - ALL
    readOnlyRootFilesystem: true
    runAsNonRoot: true
    runAsUser: 10001
    runAsGroup: 20001
    allowPrivilegeEscalation: false
    seccompProfile:
      type: RuntimeDefault

  # Configuration for the Qdrant operator service to expose metrics
  service:
    enabled: true
    type: ClusterIP
    metricsPort: 9290

  # Configuration for the Qdrant operator service monitor to scrape metrics
  serviceMonitor:
    enabled: false

  # Resource requests and limits for the Qdrant operator
  resources: {}

  # Node selector for the Qdrant operator
  nodeSelector: {}

  # Tolerations for the Qdrant operator
  tolerations: []

  # Affinity configuration for the Qdrant operator
  affinity: {}

  watch:
    # If true, watches only the namespace where the Qdrant operator is deployed, otherwise watches the namespaces in watch.namespaces
    onlyReleaseNamespace: true
    # an empty list watches all namespaces.
    namespaces: []

  limitRBAC: true

  # Configuration for the Qdrant operator (v2)
  settings:
    # Does the operator run inside of a Kubernetes cluster (kubernetes) or outside (local)
    appEnvironment: kubernetes
    # The log level for the operator
    # Available options: DEBUG | INFO | WARN | ERROR
    logLevel: INFO 
    # Metrics contains the operator config related the metrics
    metrics:
      # The port used for metrics
      port: 9290
    # Health contains the operator config related the health probe
    healthz:
      # The port used for the health probe
      port: 8285
    # Controller related settings
    controller:
      # The period a forced recync is done by the controller (if watches are missed / nothing happened)
      forceResyncPeriod: 10h
      # QPS indicates the maximum QPS to the master from this client.
      # Default is 200
      qps: 200
      # Maximum burst for throttle.
      # Default is 500.
      burst: 500
      # If set to true, the operator reconciles all watched CRs,
      # fully ignoring operator.qdrant.com/version annotation on them
      disableOperatorVersionCheck: true
    # Features contains the settings for enabling / disabling the individual features of the operator
    features:
      # ClusterManagement contains the settings for qdrant (database) cluster management
      clusterManagement:
        # Whether or not the Qdrant cluster features are enabled.
        # If disabled, all other properties in this struct are disregarded. Otherwise, the individual features will be inspected.
        # Default is true.
        enable: true
        # The StorageClass used to make database and snapshot PVCs.
        # Default is nil, meaning the default storage class of Kubernetes.
        storageClass:
          # The StorageClass used to make database PVCs.
          # Default is nil, meaning the default storage class of Kubernetes.
          #database:
          # The StorageClass used to make snapshot PVCs.
          # Default is nil, meaning the default storage class of Kubernetes.
          #snapshot:
        # Qdrant config contains settings specific for the database
        qdrant:
          # The config where to find the image for qdrant
          image: 
            # The repository where to find the image for qdrant
            # Default is "qdrant/qdrant"
            repository: registry.cloud.qdrant.io/qdrant/qdrant
            # Docker image pull policy
            # Default "IfNotPresent", unless the tag is dev, master or latest. Then "Always"
            #pullPolicy:
            # Docker image pull secret name
            # This secret should be available in the namespace where the cluster is running
            # Default not set
            pullSecretName: qdrant-registry-creds
          # storage contains the settings for the storage of the Qdrant cluster
          storage:
            performance:
              # CPU budget, how many CPUs (threads) to allocate for an optimization job.
              # If 0 - auto selection, keep 1 or more CPUs unallocated depending on CPU size
              # If negative - subtract this number of CPUs from the available CPUs.
              # If positive - use this exact number of CPUs.
              optimizerCpuBudget: 0
              # Enable async scorer which uses io_uring when rescoring.
              # Only supported on Linux, must be enabled in your kernel.
              # See: <https://qdrant.tech/articles/io_uring/#and-what-about-qdrant>
              asyncScorer: false
          # Qdrant DB log level
          # Available options: DEBUG | INFO | WARN | ERROR 
          # Default is "INFO"
          logLevel: INFO
          # Default Qdrant security context configuration
          securityContext:
            # Enable default security context
            # Default is false
            enabled: false
            # Default user for qdrant container
            # Default not set
            #user: 1000
            # Default fsGroup for qdrant container
            # Default not set
            #fsUser: 2000
            # Default group for qdrant container
            # Default not set
            #group: 3000
          # Network policies configuration for the Qdrant databases
          networkPolicies:
            ingress:
              - ports:
                  - protocol: TCP
                    port: 6333
                  - protocol: TCP
                    port: 6334
            # Allow DNS resolution from qdrant pods at Kubernetes internal DNS server
            egress:
              - ports:
                  - protocol: UDP
                    port: 53
        # Scheduling config contains the settings specific for scheduling
        scheduling:
          # Default topology spread constraints (list from type corev1.TopologySpreadConstraint)
          # Default is an empty list
          topologySpreadConstraints: []
          # Default pod disruption budget (object from type policyv1.PodDisruptionBudgetSpec)
          # Default is not set
          podDisruptionBudget:  {}
        # ClusterManager config contains the settings specific for cluster manager
        clusterManager:
          # Whether or not the cluster manager (on operator level).
          # If disabled, all other properties in this struct are disregarded. Otherwise, the individual features will be inspected.
          # Default is false.
          enable: true
          # The endpoint address the cluster manager could be reached
          # If set, this should be a full URL like: http://cluster-manager.qdrant-cloud-ns.svc.cluster.local:7333
          endpointAddress: http://cluster-manager
          # InvocationInterval is the interval between calls (started after the previous call is retured)
          # Default is 10 seconds
          invocationInterval: 10s
          # Timeout is the duration a single call to the cluster manager is allowed to take.
          # Default is 30 seconds
          timeout: 30s
          # Specifies overrides for the manage rules
          manageRulesOverrides:
            #dry_run: 
            #max_transfers:
            #max_transfers_per_collection:
            #rebalance:
            #replicate:
        # Ingress config contains the settings specific for ingress
        ingress:
          # Whether or not the Ingress feature is enabled.
          # Default is true.
          enable: false
          # Which specific ingress provider should be used
          # Default is KubernetesIngress
          provider: KubernetesIngress
          # The specific settings when the Provider is QdrantCloudTraefik
          qdrantCloudTraefik:
            # Enable tls
            # Default is false
            tls: false
            # Secret with TLS certificate
            # Default is None
            secretName: ""
            # List of Traefik middlewares to apply
            # Default is an empty list
            middlewares: []
            # IP Allowlist Strategy for Traefik
            # Default is None
            ipAllowlistStrategy:
            # Enable body validator plugin and matching ingressroute rules
            # Default is false
            enableBodyValidatorPlugin: false
          # The specific settings when the Provider is KubernetesIngress
          kubernetesIngress:
            # Name of the ingress class
            # Default is None
            #ingressClassName:
        # TelemetryTimeout is the duration a single call to the cluster telemetry endpoint is allowed to take.
        # Default is 3 seconds
        telemetryTimeout: 3s
        # MaxConcurrentReconciles is the maximum number of concurrent Reconciles which can be run. Defaults to 20.
        maxConcurrentReconciles: 20  
        # VolumeExpansionMode specifies the expansion mode, which can be online or offline (e.g. in case of Azure).
        # Available options: Online, Offline
        # Default is Online
        volumeExpansionMode: Online
      # BackupManagementConfig contains the settings for backup management
      backupManagement:
        # Whether or not the backup features are enabled.
        # If disabled, all other properties in this struct are disregarded. Otherwise, the individual features will be inspected.
        # Default is true.
        enable: true
        # Snapshots contains the settings for snapshots as part of backup management.
        snapshots:
          # Whether or not the Snapshot feature is enabled.
          # Default is true.
          enable: true
          # The VolumeSnapshotClass used to make VolumeSnapshots.
          # Default is "csi-snapclass".
          volumeSnapshotClass: "csi-snapclass"
          # The duration a snapshot is retained when the phase becomes Failed or Skipped
          # Default is 72h (3d).
          retainUnsuccessful: 72h
          # MaxConcurrentReconciles is the maximum number of concurrent Reconciles which can be run. Defaults to 1.
          maxConcurrentReconciles: 1
        # ScheduledSnapshots contains the settings for scheduled snapshot as part of backup management.
        scheduledSnapshots:
          # Whether or not the ScheduledSnapshot feature is enabled.
          # Default is true.
          enable: true
          # RemoveCronJobs can be enabled when the previous [Python] operator (qdrant-operator) has been run and this
          # operator should remove the cron jobs it created (not used by this operator anymore).
          # Default is true.
          removeCronJobs: true
          # MaxConcurrentReconciles is the maximum number of concurrent Reconciles which can be run. Defaults to 1.
          maxConcurrentReconciles: 1
        # Restores contains the settings for restoring (a snapshot) as part of backup management.
        restores:
          # Whether or not the Restore feature is enabled.
          # Default is true.
          enable: true
          # MaxConcurrentReconciles is the maximum number of concurrent Reconciles which can be run. Defaults to 1.
          maxConcurrentReconciles: 1

qdrant-cluster-manager:
  replicaCount: 1

  image:
    repository: registry.cloud.qdrant.io/qdrant/cluster-manager
    pullPolicy: IfNotPresent
    # Overrides the image tag whose default is the chart appVersion.
    tag: ""

  imagePullSecrets:
    - name: qdrant-registry-creds
  nameOverride: ""
  fullnameOverride: "qdrant-cluster-manager"

  serviceAccount:
    # Specifies whether a service account should be created
    create: true
    # Automatically mount a ServiceAccount's API credentials?
    automount: true
    # Annotations to add to the service account
    annotations: {}
    # The name of the service account to use.
    # If not set and create is true, a name is generated using the fullname template
    name: ""

  podAnnotations: {}
  podLabels: {}

  podSecurityContext:
    runAsNonRoot: true
    runAsUser: 10001
    runAsGroup: 20001
    fsGroup: 30001

  securityContext:
    capabilities:
      drop:
        - ALL
    readOnlyRootFilesystem: true
    runAsNonRoot: true
    runAsUser: 10001
    runAsGroup: 20001
    allowPrivilegeEscalation: false
    seccompProfile:
      type: RuntimeDefault

  service:
    type: ClusterIP

  networkPolicy:
    create: true

  resources: {}
    # We usually recommend not to specify default resources and to leave this as a conscious
    # choice for the user. This also increases chances charts run on environments with little
    # resources, such as Minikube. If you do want to specify resources, uncomment the following
    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
    # limits:
    #   cpu: 100m
    #   memory: 128Mi
    # requests:
    #   cpu: 100m
    #   memory: 128Mi

  nodeSelector: {}

  tolerations: []

  affinity: {}
Was this page useful?

Thank you for your feedback! 🙏

We are sorry to hear that. 😔 You can edit this page on GitHub, or create a GitHub issue.