Skip to main content

Documentation Index

Fetch the complete documentation index at: https://www.truefoundry.com/llms.txt

Use this file to discover all available pages before exploring further.

Deploy the TrueFoundry control plane and AI Gateway. See the overview for compute requirements and prerequisites.

Installation Instructions

1

Get S3 compatible storage

You can use Minio or any other S3 compatible storage.
If you’re using Minio or another S3-compatible storage solution, you’ll need to provide the following configuration:
  1. Bucket Name: Name of the S3-compatible bucket
  2. Region: Region identifier (can be any string for Minio)
  3. Access Key ID: Access key for authentication
  4. Secret Access Key: Secret key for authentication
  5. Endpoint URL: Full URL to your S3-compatible storage endpoint
These values will be used in the configuration steps below.
2

Create Postgres database

If you have a managed postgres database, we highly recommend you to use it. If you don’t have one, you can create a PostgreSQL database of size equivalent to db.t3.medium with storage size of 30GB.
Important Configuration Notes:
  • For PostgreSQL 17+: Disable SSL by setting force_ssl parameter to 0 in the parameter group
  • Security Group: Ensure your database security group/firewall rules allow traffic from Kubernetes node groups
For production environments, we strongly recommend using a managed PostgreSQL service:
  1. Create a PostgreSQL instance with the specifications from the Compute Requirements section
  2. Create a database named truefoundry (or your preferred name)
  3. Create a user with full permissions on this database
  4. Note down the following details:
    • DB_HOST: Database hostname or IP address
    • DB_PORT: Database port (usually 5432)
    • DB_NAME: Database name
    • DB_USERNAME: Database username
    • DB_PASSWORD: Database password
For development or testing purposes only, you can deploy PostgreSQL on Kubernetes:
  1. Set devMode.enabled: true in the values file (shown in a later step)
  2. The PostgreSQL will be automatically deployed with the control plane
This setup is NOT highly-available and should NOT be used for production environments.
3

Create Kubernetes Secrets

We will create two secrets in this step:
  1. Store the License Key and DB Credentials
  2. Store the Image Pull Secret
We need to create a Kubernetes secret containing the licence key and db credentials.
If you are using PostgreSQL on Kubernetes in the dev mode, the values will be as follows:DB_HOST: <HELM_RELEASE_NAME>-postgresql.<NAMESPACE>.svc.cluster.local // eg. truefoundry-postgresql.truefoundry.svc.cluster.localDB_NAME: truefoundryDB_USERNAME: postgres # In order to use custom username, please update the same at postgresql.auth.usernameDB_PASSWORD: randompassword # You can change this to any value here.
truefoundry-creds.yaml
apiVersion: v1
kind: Secret
metadata:
  name: truefoundry-creds
type: Opaque
stringData:
  TFY_API_KEY: <TFY_API_KEY> # Provided by TrueFoundry team
  DB_HOST: <DB_HOST>
  DB_NAME: <DB_NAME>
  DB_USERNAME: <DB_USERNAME>
  DB_PASSWORD: <DB_PASSWORD>
Apply the secret to the Kubernetes cluster (Assuming you are installing the control plane in the truefoundry namespace)
kubectl apply -f truefoundry-creds.yaml -n truefoundry
We need to create a Image Pull Secret to enable pulling the truefoundry images from the private registry.
truefoundry-image-pull-secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: truefoundry-image-pull-secret
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: <IMAGE_PULL_SECRET> # Provided by TrueFoundry team
Apply the secret to the Kubernetes cluster (Assuming you are installing the control plane in the truefoundry namespace)
kubectl apply -f truefoundry-image-pull-secret.yaml -n truefoundry
4

Create HelmChart Values file

Create a values file as given below and replace the following values:
  • Control Plane URL: URL that you will map to the control plane dashboard.
  • Tenant Name: Tenant name provided by TrueFoundry team.
  • AWS S3 Bucket Name: AWS S3 Bucket Name
  • AWS Region: AWS Region
  • AWS Access Key ID: AWS Access Key ID
  • AWS Secret Access Key: AWS Secret Access Key
  • AWS Endpoint URL: URL for your S3 compatible Blob storage
truefoundry-values.yaml
global:
  # Domain to map the control plane dashboard
  controlPlaneURL: https://example.com

  # Ask TrueFoundry team to provide these
  tenantName: <TENANT_NAME>

  # This is the reference to the secrets we created in the previous step
  existingTruefoundryCredsSecret: "truefoundry-creds"
  imagePullSecrets:
    - name: "truefoundry-image-pull-secret"
  ## Add if you have restricted public registry access
  # image:
  #   pullSecretNames:
  #   - "truefoundry-image-pull-secret"

  # Choose the resource tier as per your needs
  resourceTier: medium # or small or large

  config:
    defaultCloudProvider: "aws"
    storageConfiguration:
      # In case of S3 compatible storage, provide the details here
      awsS3BucketName: "<AWS_S3_BUCKET_NAME_EQUIVALENT>"
      awsRegion: "<AWS_REGION_EQUIVALENT>"
  ingress:
    hosts:
      - example.com
    enabled: true
    annotations: {}
    ingressClassName: nginx # Replace with your ingress class name
# In case, you want to spin up PostgreSQL on kubernetes, enable this
# Please add creds and host details in the secret `truefoundry-creds`
devMode:
  enabled: false
tags:
  llmGateway: true
  llmGatewayRequestLogging: true

servicefoundryServer:
  env:
    AWS_ACCESS_KEY_ID: <AWS_ACCESS_KEY_ID_EQUIVALENT>
    AWS_SECRET_ACCESS_KEY: <AWS_SECRET_ACCESS_KEY_EQUIVALENT>
    AWS_ENDPOINT_URL: <AWS_ENDPOINT_URL_EQUIVALENT>
    # AWS_ALLOW_HTTP: <AWS_ALLOW_HTTP_EQUIVALENT> (optional)

deltaFusionIngestor:
  env:
    AWS_ACCESS_KEY_ID: <AWS_ACCESS_KEY_ID_EQUIVALENT>
    AWS_SECRET_ACCESS_KEY: <AWS_SECRET_ACCESS_KEY_EQUIVALENT>
    AWS_ENDPOINT_URL: <AWS_ENDPOINT_URL_EQUIVALENT>
    # AWS_ALLOW_HTTP: <AWS_ALLOW_HTTP_EQUIVALENT> (optional)

deltaFusionQueryServer:
  env:
    AWS_ACCESS_KEY_ID: <AWS_ACCESS_KEY_ID_EQUIVALENT>
    AWS_SECRET_ACCESS_KEY: <AWS_SECRET_ACCESS_KEY_EQUIVALENT>
    AWS_ENDPOINT_URL: <AWS_ENDPOINT_URL_EQUIVALENT>
    # AWS_ALLOW_HTTP: <AWS_ALLOW_HTTP_EQUIVALENT> (optional)

# Disable few dependencies for only LLM Gateway setup
tfyBuild:
  enabled: false
sfyManifestService:
  enabled: false
tfyController:
  enabled: false
tfyConfigs:
  enabled: false
5

Install Helm chart

helm upgrade --install truefoundry oci://tfy.jfrog.io/tfy-helm/truefoundry -n truefoundry --create-namespace -f truefoundry-values.yaml