Helm Chart Overlay: c3aiops

As part of the C3 Agentic AI Platform installation and deployment process, C3 AI uses Helm to deploy Kubernetes resources for the platform. In a standard deployment, C3 AI Operations deploys the c3crds, c3aiops, and c3server Helm charts for your organization. However, if you are a cluster administrator who deploys the Helm charts for your organization or needs to modify its configurations, use this topic as guidance.

This topic provides the minimum configuration requirements, additional configuration options, and how to access granular configuration settings for the c3aiops Helm chart.

Deviatuions from the guidance in this topic might cause upgrade challenges during subsequent releases. Maintain proper change controls to ensure successful product upgrades. Carefully review the "Patch Notes" in Supported Platform Versions for any changes that might impact your specific configurations.

Requirements

See the following documentation before you configure the c3aiops overlay:

Non-Standard Deployment Requirements
Secret Creation for Installation and Deployment
C3 AI Helm Chart Overview and Installation. Configure the c3aiops overlay after you complete the "Add Helm charts" step.

Minimum configuration

The following code snippets come from an example overlay. They contain comments to describe each field and additional examples for other cloud providers. Use these examples as guidance on how to set the minimum configurations in your c3aiops overlay.

global

Set values in the global section. The Helm chart reuses these values as defaults in the rest of the file, unless you configure them otherwise.

Replace the values with your own secret names, storage location, and registry URL if you're using a custom registry.

YAML

global:
  # Image pull secret to use when pulling application images
  imageRegistry: registry.c3.ai # or custom registry
  imagePullSecrets:
    - registryc3ai
  helmPullSecrets:
    - helm-repo-c3aiops
  # Azure blob container name where to store blob objects
  mount: <azure_container_name> # S3 bucket for AWS, GCS bucket for GCP
  azure:
    resourceGroup: <cluster_id>-rsgp-c3-01
    storageAccount: c3<cluster_id>
  # For AWS: 
  # aws:
  #   region: <aws_region>
  #   accountId: <aws_account_id>
  # For GCP:
  # gcp:
  #   projectId: <gcp_project_id>
  #   region: <gcp_region>

k8ssandra-operator

Set values in the k8ssandra-operator section. The k8ssandra-operator deploys the K8ssandra operator that manages Cassandra clusters. See K8ssandra Operator to learn more about the K8ssandra operator.

Replace the values with your own secret names and registry URL if you use a custom registry.

YAML

k8ssandra-operator:
  image:
    registry: registry.c3.ai
  imagePullSecrets:
    - name: registryc3ai
  cass-operator:
    imagePullSecrets:
      - name: registryc3ai
    image:
      registry: registry.c3.ai
      registryOverride: registry.c3.ai # Set if applicable. Registry override for all k8ssandra images

c3ExternalSecrets, c3CD, and c3IncidentResponse

Thec3ExternalSecrets, c3CD, and c3IncidentResponse sections do the following:

c3ExternalSecrets: Deploys external secret operator to manage secrets.
c3CD: Allows C3 AI Operations to manage your deployment.
C3IncidentResponse: Alerts C3 AI of deployment issues.

For non-standard deployments, set the following values:

YAML

c3ExternalSecrets:
  enabled: true
c3CD:
  enabled: false
c3IncidentResponse:
  enabled: false

For standard deployments, set the following values:

YAML

c3ExternalSecrets:
  enabled: true
c3CD:
  enabled: true
c3IncidentResponse:
  enabled: true

Additional configurations

The following code is an example of an entire overlay file for an Azure deployment. Use this file as guidance on how to set additional configurations for your c3aiops overlay:

YAML

cloud: azure # Your cloud provider or on-prem for on-premises deployments
c3server:
  cpa:
    enabled: false
clusterId: <cluster_id> # Must match cluster name requirements listed in install guides at https://c3.ai/legal/
deploymentMode: production # Or development
c3Customer: c3 # Your organization's name
global:
  # Image pull secret to use when pulling application images
  imageRegistry: registry.c3.ai # or custom registry
  imagePullSecrets:
    - registryc3ai
  helmPullSecrets:
    - helm-repo-c3aiops
  # Azure blob container name where to store blob objects
  mount: <azure_container_name> # S3 bucket for AWS, GCS bucket for GCP
  azure:
    resourceGroup: <cluster_id>-rsgp-c3-01
    storageAccount: c3<cluster_id>
  # For AWS: 
  # aws:
  #   region: <aws_region>
  #   accountId: <aws_account_id>
  # For GCP:
  # gcp:
  #   projectId: <gcp_project_id>
  #   region: <gcp_region>
image:
  registry: registry.c3.ai # URL to your registry
resources: # Resources for the main c3aiops pod, which is the C3 AI operator that functions like a Kubernetes operator 
  limits:
    cpu: 500m
    memory: 1024Mi
  requests:
    cpu: 500m
    memory: 1024Mi
adm:
  imagePullSecret: # Provide secret name
    name: registryc3ai
  image:
    registry: registry.c3.ai # The registry where all C3 AI images are stored. If your organization uses its own registry with a dedicated repository for C3 AI images, input <registry_url>/<repository_name>
c3Cassandra: # Wrapper for the k8ssandra operator that maps to an open source k8ssandra chart.
  enabled: true # Set to true if you want to deploy Cassandra
  affinity: null # Remove line for on-premises deployments and replace with the following lines:

  # enabled: true
  # tolerations: []
  # affinity: {}

  serviceAccount:
    create: true
  registryOverride: registry.c3.ai # Set if applicable. Registry override for all Cassandra images 
  backup:
    enabled: true
    image:
      registry: registry.c3.ai
  stargate:
    image:
      registry: registry.c3.ai
k8ssandra-operator: # See https://docs.k8ssandra.io/components/k8ssandra-operator/
  enabled: true 
  cass-operator:
    enabled: true
    image:
      registry: registry.c3.ai
      registryOverride: registry.c3.ai # Set if applicable. Registry override for all k8ssandra images 
    imagePullSecrets:
      - name: registryc3ai
  image:
    registry: registry.c3.ai
  imagePullSecret:
    name: registryc3ai
  imagePullSecrets:
    - name: registryc3ai
c3LogSystem: # c3LogSystem makes use of OpenSearch to provide log aggregation analysis within the cluster. Contains components that handle c3service logging and provide OpenSearch UI to cluster users
  enabled: true
  tolerations: []
  affinity: {}
  logstash: # Configuration for storing logs. DaemonSet (runs on every node). Affects compute for all other workloads
    replicas: 1
    resources:
      limits:
        cpu: "4"
      requests:
        cpu: "4"
      memory: "8Gi"
  opensearch: # See https://docs.opensearch.org/latest/install-and-configure/install-opensearch/operator/
    replicas: 5
    resources:
      limits:
        cpu: "1"
      requests:
        cpu: "1"
      memory: "4Gi"
  coordinator: # Config for pod that runs OpenSearch UI. Not a DaemonSet
    replicas: 1
    persistence:
      size: 100Gi
    resources:
      limits:
        cpu: "1"
      requests:
        cpu: "1"
      memory: "8Gi"
  clusterManager: # Config for pod that runs OpenSearch UI. Not a DaemonSet
    resources:
      limits:
        cpu: "500m"
      requests:
        cpu: "500m"
      memory: "32Gi"
  search: # Config for pod that runs OpenSearch UI. Not a DaemonSet
    replicas: 1
    persistence:
      size: 100Gi
    resources:
      limits:
        cpu: "1"
      requests:
        cpu: "1"
      memory: "500Mi"
  filebeat: # DaemonSet (runs on every node) -- affects compute for all other workloads
    resources:
      limits:
        cpu: "500m"
      requests:
        cpu: "200m"
      memory: "500Mi"
  dashboard: # Config for pod that runs OpenSearch UI. Not a DaemonSet
    resources:
      limits:
        cpu: "500m"
      requests:
        cpu: "500m"
      memory: "3Gi"
c3IngressController: # Enable if using a Layer 7 load balancer. Refer to Layer 7 load balancer documentation in the "See also" section of this topic
  enabled: true
  cloudNativeIngress:
    enabled: true
    controllerConfig: # Configure according to your needs
      azure: # Or gcp or aws
        sslPolicy: "<ssl_policy_name>" # Obtain SSL policy from your cloud provider
        waf: # Enables Web Application Firewall (WAF)
          enabled: true
        wafv2: # Configures WAF version 2
          enabled: true
        shield: # Configures denial-of-service (DDoS) protection services
          enabled: true
    
c3Observability: # Deploys Grafana and Prometheus for monitoring C3 AI services
  enabled: true
  prometheusOperator: # C3 AI Studio and Grafana both use the Prometheus operator, which collects and stores metrics 
    resources:
      limits:
        cpu: "300m"
        memory: "1Gi"
  tolerations: []
  affinity: {}
c3Boot:
  enabled: true
c3Postgres:
  adminSecret: c3postgres-admin-secret
  enabled: true
c3ExternalSecrets: # Deploys an external secrets operator to manage secrets
  enabled: true
  resources:
    limits:
      cpu: 20m
      memory: 300Mi
    requests:
      cpu: 20m
      memory: 300Mi
c3CD: # Allows C3 AI Operations to manage your deployment. Disable or remove fields for non-standard deployments 
  enabled: true
  source:
    cdc:
      centralEndpoint: https://telemetry.c3.ai
      vault:
        address: https://telemetry.c3.ai
c3Logger:
  enabled: true
c3Telemetry: # Set consumer mount
  consumer:
    mount: <cluster_id> 
    # AWS example: mount: <aws_account_id>--<cluster_id>
    # GCP example: mount: c3--<cluster_id>
  enabled: true
  azure:
    managedIdentityClientId: <azure_client_id> # c3-mi-01 output from Terraform module. Required if setting consumer mount for Azure
    storageAccount: c3<cluster_id> # Required if setting consumer mount for Azure
labels:
  azure.workload.identity/use: "true"
podLabels:
  azure.workload.identity/use: "true"
serviceAccount: # Set to allow Kubernetes pods to access cloud resource. If using managed identity for authentication, set annotations and labels.
  annotations:
    azure: <azure_client_id> # Service account maps to this cloud identity. See previous "Minimum configurations" section for other cloud provider examples.
  labels:
    azure.workload.identity/use: "true"
c3IncidentResponse: # Set to false to disable alerting C3 AI of issues.
  enabled: true
  alertRules:
    enabled: false # Only used for internal C3 AI alerting
  cdc: # Remove field if you install and deploy the platform yourself. 
    mount: <cluster_id>
cert-manager: # Sets registry for cert-manager. Leave as is if you set the global section. See https://artifacthub.io/packages/helm/cert-manager/cert-manager
  cainjector:
    image:
      registry: registry.c3.ai
  image:
    registry: registry.c3.ai
  webhook:
    image:
      registry: registry.c3.ai

Granular configuration

To set the c3aiops Helm chart configurations at the most granular level, download and configure the values.yaml file.

If you have not already, run the following command to add the charts to your local machine:

Command Line

helm repo add c3 https://jfrog.c3.ai/artifactory/charts/ --username "<username>" --password "<password>"

Run the following command to download the values:

Command Line

helm pull c3/c3aiops --version $C3AIOPS_VERSION -d $CHARTS_DIR

Copy link to this sectionRequirements

Copy link to this sectionMinimum configuration

Copy link to this sectionglobal

Copy link to this sectionk8ssandra-operator

Copy link to this sectionc3ExternalSecrets, c3CD, and c3IncidentResponse

Copy link to this sectionAdditional configurations

Copy link to this sectionGranular configuration

Copy link to this sectionSee also

Requirements

Minimum configuration

global

k8ssandra-operator

c3ExternalSecrets, c3CD, and c3IncidentResponse

Additional configurations

Granular configuration

See also