Configure the OpenLIT Operator deployment using Helm chart values
Parameter | Description | Default | Example |
---|---|---|---|
global.namespace | Operator namespace override | "" (uses release namespace) | openlit-system |
global.commonLabels | Labels added to all resources | {} | {team: "platform"} |
global.commonAnnotations | Annotations added to all resources | {} | {version: "v1.0.0"} |
Global Configuration Example
Parameter | Description | Default | Example |
---|---|---|---|
image.repository | Operator image repository | ghcr.io/openlit/openlit-operator | my-registry.com/openlit-operator |
image.tag | Operator image tag | "" (uses Chart.AppVersion) | v1.0.0 |
image.pullPolicy | Image pull policy | IfNotPresent | Always |
image.pullSecrets | Image pull secrets | [] | [{name: "regcred"}] |
Operator Image Example
Parameter | Description | Default | Example |
---|---|---|---|
providerImages.openlit.repository | OpenLIT provider image | ghcr.io/openlit/openlit-ai-instrumentation | my-registry.com/openlit-provider |
providerImages.openlit.tag | OpenLIT provider tag | "" (inherits operator tag) | v1.2.0 |
providerImages.openllmetry.repository | OpenLLMetry provider image | ghcr.io/openlit/openllmetry-ai-instrumentation | Custom registry |
providerImages.openllmetry.tag | OpenLLMetry provider tag | "" (inherits operator tag) | v1.1.0 |
providerImages.openinference.repository | OpenInference provider image | ghcr.io/openlit/openinference-ai-instrumentation | Custom registry |
providerImages.openinference.tag | OpenInference provider tag | "" (inherits operator tag) | v0.5.0 |
Provider Images Example
Parameter | Description | Default | Example |
---|---|---|---|
resources.requests.cpu | CPU request | 100m | 200m |
resources.requests.memory | Memory request | 128Mi | 256Mi |
resources.limits.cpu | CPU limit | 500m | 1000m |
resources.limits.memory | Memory limit | 512Mi | 1Gi |
Resource Management Example
Parameter | Description | Default | Example |
---|---|---|---|
deployment.replicas | Number of operator replicas | 1 | 3 |
deployment.strategy.type | Deployment strategy | RollingUpdate | Recreate |
deployment.podAnnotations | Pod annotations | {} | {version: "v1.0.0"} |
deployment.podLabels | Pod labels | {} | {component: "operator"} |
deployment.nodeSelector | Node selector | {} | {role: "system"} |
deployment.tolerations | Pod tolerations | Control plane tolerations | Custom tolerations |
deployment.affinity | Pod affinity rules | {} | Anti-affinity config |
deployment.priorityClassName | Priority class | "" | system-cluster-critical |
High Availability Deployment Example
Parameter | Description | Default | Example |
---|---|---|---|
webhook.service.name | Webhook service name | "" (auto-generated) | openlit-webhook |
webhook.service.type | Service type | ClusterIP | LoadBalancer |
webhook.service.port | Service port | 443 | 8443 |
webhook.service.targetPort | Target port | 9443 | 8443 |
webhook.service.annotations | Service annotations | {} | Load balancer config |
Parameter | Description | Default | Example |
---|---|---|---|
webhook.server.port | Webhook server port | 9443 | 8443 |
webhook.server.path | Webhook path | "/mutate" | "/webhook" |
webhook.server.certDir | Certificate directory | "/tmp/k8s-webhook-server/serving-certs" | "/certs" |
Parameter | Description | Default | Example |
---|---|---|---|
webhook.failurePolicy | Failure policy | Ignore | Fail |
webhook.reinvocationPolicy | Reinvocation policy | Never | IfNeeded |
webhook.configName | Webhook configuration name | "" (auto-generated) | openlit-webhook |
Webhook Configuration Example
Parameter | Description | Default | Example |
---|---|---|---|
serviceAccount.create | Create service account | true | false |
serviceAccount.name | Service account name | "" (auto-generated) | custom-sa |
serviceAccount.annotations | SA annotations | {} | OIDC annotations |
Service Account Example
Parameter | Description | Default | Example |
---|---|---|---|
rbac.create | Create RBAC resources | true | false |
rbac.clusterRoleName | Cluster role name | "" (auto-generated) | openlit-operator |
rbac.clusterRoleBindingName | Cluster role binding name | "" (auto-generated) | openlit-operator |
RBAC Example
Parameter | Description | Default | Example |
---|---|---|---|
deployment.podSecurityContext.runAsNonRoot | Run as non-root | false | true |
deployment.podSecurityContext.runAsUser | User ID | 0 | 65534 |
deployment.podSecurityContext.fsGroup | Filesystem group | 0 | 65534 |
deployment.securityContext.allowPrivilegeEscalation | Allow privilege escalation | false | true |
deployment.securityContext.readOnlyRootFilesystem | Read-only root filesystem | false | true |
deployment.securityContext.runAsNonRoot | Container runs as non-root | false | true |
Security Context Example
Parameter | Description | Default | Example |
---|---|---|---|
tls.validityDays | Certificate validity in days | 365 | 730 |
tls.refreshDays | Certificate refresh threshold in days | 30 | 60 |
tls.secretName | TLS secret name | "" (auto-generated) | webhook-tls |
TLS Configuration Example
Parameter | Description | Default | Example |
---|---|---|---|
observability.logLevel | Log level | info | debug |
observability.selfMonitoringEnabled | Enable self-monitoring with OpenTelemetry | false | true |
observability.otel.endpoint | OTLP endpoint for operator telemetry | "" | http://openlit:4318 |
observability.otel.headers | OTLP headers | "" | Authorization=Bearer token |
observability.otel.logsEndpoint | OTLP logs endpoint | "" | http://openlit:4318/v1/logs |
observability.otel.metricsEndpoint | OTLP metrics endpoint | "" | http://openlit:4318/v1/metrics |
Observability Configuration Example
Parameter | Description | Default | Example |
---|---|---|---|
healthcheck.port | Health check port | 8081 | 9090 |
healthcheck.livenessProbe.initialDelaySeconds | Liveness probe initial delay | 15 | 30 |
healthcheck.livenessProbe.periodSeconds | Liveness probe period | 20 | 30 |
healthcheck.readinessProbe.initialDelaySeconds | Readiness probe initial delay | 5 | 10 |
healthcheck.readinessProbe.periodSeconds | Readiness probe period | 10 | 15 |
Health Checks Example
Parameter | Description | Default | Example |
---|---|---|---|
instrumentation.defaultProvider | Default instrumentation provider | openlit | openinference |
instrumentation.defaultVersion | Default provider version | latest | v1.0.0 |
instrumentation.defaultImagePullPolicy | Default image pull policy for init containers | IfNotPresent | Always |
operator.defaultInitImage | Override default init image | "" | my-registry.com/custom:v1.0 |
Instrumentation Defaults Example
Parameter | Description | Default | Example |
---|---|---|---|
multiOperator.watchNamespace | Watch specific namespace only | "" (all namespaces) | production |
Multi-Operator Support Example
Parameter | Description | Default | Example |
---|---|---|---|
crd.install | Install CRDs | true | false |
crd.annotations | CRD annotations | {} | {version: "v1.0.0"} |
schema.validation | Enable schema validation | true | false |
CRD Configuration Example
Parameter | Description | Default | Example |
---|---|---|---|
env.extra | Additional environment variables | [] | Custom env vars |
Environment Variables Example
Parameter | Description | Default | Example |
---|---|---|---|
volumes.extra | Additional volumes | [] | ConfigMap volumes |
volumeMounts.extra | Additional volume mounts | [] | Custom mount paths |
Additional Volumes Example