🧱(backend) add Helm chart for LiveKit agent deployment

Create basic Helm chart for LiveKit agent framework deployment on
Kubernetes, inspired by meet-summary FastAPI server configuration.

Integrate chart into local tilt development stack and properly handle
certificate issues that typically occur when calling LiveKit server
with nip.io domain names.
lebaudantoine
2025-06-20 18:17:28 +02:00
committed by aleb_the_flash
parent ea2e5e8609
commit 49ee46438b
6 changed files with 296 additions and 0 deletions


@@ -66,6 +66,18 @@ docker_build(
)
clean_old_images('localhost:5001/meet-summary')
docker_build(
'localhost:5001/meet-agents:latest',
context='../src/agents',
dockerfile='../src/agents/Dockerfile',
only=['.'],
target = 'production',
live_update=[
sync('../src/agents', '/app'),
]
)
clean_old_images('localhost:5001/meet-agents')
# Copy the mkcert root CA certificate to our Docker build context
# This is necessary because we need to inject the certificate into our LiveKit container
local_resource(


@@ -208,6 +208,37 @@ celery:
- "--pool=solo"
- "--loglevel=info"
agents:
replicas: 1
envVars:
LIVEKIT_URL: https://livekit.127.0.0.1.nip.io/
{{- with .Values.livekit.keys }}
{{- range $key, $value := . }}
LIVEKIT_API_SECRET: {{ $value }}
LIVEKIT_API_KEY: {{ $key }}
{{- end }}
{{- end }}
image:
repository: localhost:5001/meet-agents
pullPolicy: Always
tag: "latest"
# Extra volume mounts to manage our local custom CA and avoid to disable ssl
extraVolumeMounts:
- name: certs
mountPath: /usr/lib/ssl/cert.pem
subPath: cert.pem
# Extra volumes to manage our local custom CA and avoid to disable ssl
extraVolumes:
- name: certs
configMap:
name: certifi
items:
- key: cacert.pem
path: cert.pem
ingressMedia:
enabled: true
host: meet.127.0.0.1.nip.io
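Review bot: The `range` over `.Values.livekit.keys` under `agents.envVars` writes the same two keys, `LIVEKIT_API_SECRET` and `LIVEKIT_API_KEY`, once per entry, so a second LiveKit key pair would produce duplicate mapping keys, and most YAML parsers silently keep the last one. Both values are also emitted unquoted, so a key or secret that looks like a number or boolean, or that contains `: ` or ` #`, would be retyped or break parsing; `LIVEKIT_API_SECRET: {{ $value | quote }}` and `LIVEKIT_API_KEY: {{ $key | quote }}` avoid that. This is a local-development values file, but the secret ends up as a literal env value in the rendered Deployment; the README table in this commit already documents `agents.envVars.FROM_SECRET.secretKeyRef`, which is the form to prefer anywhere outside local dev.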


@@ -282,3 +282,36 @@
| `celery.extraVolumeMounts` | Additional volumes to mount on the celery. | `[]` |
| `celery.extraVolumes` | Additional volumes to mount on the celery. | `[]` |
| `celery.pdb.enabled` | Enable pdb on celery | `false` |
### agents
| Name | Description | Value |
| ---------------------------------------------------- | --------------------------------------------------------------------------------- | --------------------- |
| `agents.image.repository` | Repository to use to pull meet's agents container image | `lasuite/meet-agents` |
| `agents.image.tag` | meet's agents container tag | `latest` |
| `agents.image.pullPolicy` | agents container image pull policy | `IfNotPresent` |
| `agents.dpAnnotations` | Annotations to add to the agents Deployment | `{}` |
| `agents.command` | Override the agents container command | `[]` |
| `agents.args` | Override the agents container args | `[]` |
| `agents.replicas` | Amount of agents replicas | `1` |
| `agents.shareProcessNamespace` | Enable share process namespace between containers | `false` |
| `agents.sidecars` | Add sidecars containers to agents deployment | `[]` |
| `agents.securityContext` | Configure agents Pod security context | `nil` |
| `agents.envVars` | Configure agents container environment variables | `undefined` |
| `agents.envVars.BY_VALUE` | Example environment variable by setting value directly | |
| `agents.envVars.FROM_CONFIGMAP.configMapKeyRef.name` | Name of a ConfigMap when configuring env vars from a ConfigMap | |
| `agents.envVars.FROM_CONFIGMAP.configMapKeyRef.key` | Key within a ConfigMap when configuring env vars from a ConfigMap | |
| `agents.envVars.FROM_SECRET.secretKeyRef.name` | Name of a Secret when configuring env vars from a Secret | |
| `agents.envVars.FROM_SECRET.secretKeyRef.key` | Key within a Secret when configuring env vars from a Secret | |
| `agents.podAnnotations` | Annotations to add to the agents Pod | `{}` |
| `agents.resources` | Resource requirements for the agents container | `{}` |
| `agents.nodeSelector` | Node selector for the agents Pod | `{}` |
| `agents.tolerations` | Tolerations for the agents Pod | `[]` |
| `agents.affinity` | Affinity for the agents Pod | `{}` |
| `agents.persistence` | Additional volumes to create and mount on the agents. Used for debugging purposes | `{}` |
| `agents.persistence.volume-name.size` | Size of the additional volume | |
| `agents.persistence.volume-name.type` | Type of the additional volume, persistentVolumeClaim or emptyDir | |
| `agents.persistence.volume-name.mountPath` | Path where the volume should be mounted to | |
| `agents.extraVolumeMounts` | Additional volumes to mount on the agents. | `[]` |
| `agents.extraVolumes` | Additional volumes to mount on the agents. | `[]` |
| `agents.pdb.enabled` | Enable pdb on agents | `false` |


@@ -184,6 +184,15 @@ Requires top level scope
{{ include "meet.fullname" . }}-celery
{{- end }}
{{/*
Full name for the agents
Requires top level scope
*/}}
{{- define "meet.agents.fullname" -}}
{{ include "meet.fullname" . }}-agents
{{- end }}
{{/*
Usage : {{ include "meet.secret.dockerconfigjson.name" (dict "fullname" (include "meet.fullname" .) "imageCredentials" .Values.path.to.the.image1) }}
*/}}


@@ -0,0 +1,137 @@
{{- $envVars := include "meet.common.env" (list . .Values.agents) -}}
{{- $fullName := include "meet.agents.fullname" . -}}
{{- $component := "agents" -}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ $fullName }}
annotations:
{{- with .Values.agents.dpAnnotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
namespace: {{ .Release.Namespace | quote }}
labels:
{{- include "meet.common.labels" (list . $component) | nindent 4 }}
spec:
replicas: {{ .Values.agents.replicas }}
selector:
matchLabels:
{{- include "meet.common.selectorLabels" (list . $component) | nindent 6 }}
template:
metadata:
annotations:
{{- with .Values.agents.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "meet.common.selectorLabels" (list . $component) | nindent 8 }}
spec:
{{- if $.Values.image.credentials }}
imagePullSecrets:
- name: {{ include "meet.secret.dockerconfigjson.name" (dict "fullname" (include "meet.fullname" .) "imageCredentials" $.Values.image.credentials) }}
{{- end}}
shareProcessNamespace: {{ .Values.agents.shareProcessNamespace }}
containers:
{{- with .Values.agents.sidecars }}
{{- toYaml . | nindent 8 }}
{{- end }}
- name: {{ .Chart.Name }}
image: "{{ (.Values.agents.image | default dict).repository | default .Values.agents.image.repository }}:{{ (.Values.agents.image | default dict).tag | default .Values.agents.image.tag }}"
imagePullPolicy: {{ (.Values.agents.image | default dict).pullPolicy | default .Values.agents.image.pullPolicy }}
{{- with .Values.agents.command }}
command:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.agents.args }}
args:
{{- toYaml . | nindent 12 }}
{{- end }}
env:
{{- if $envVars}}
{{- $envVars | indent 12 }}
{{- end }}
{{- with .Values.agents.securityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.agents.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
{{- range $index, $value := .Values.mountFiles }}
- name: "files-{{ $index }}"
mountPath: {{ $value.path }}
subPath: content
{{- end }}
{{- range $name, $volume := .Values.agents.persistence }}
- name: "{{ $name }}"
mountPath: "{{ $volume.mountPath }}"
{{- end }}
{{- range .Values.agents.extraVolumeMounts }}
- name: {{ .name }}
mountPath: {{ .mountPath }}
subPath: {{ .subPath | default "" }}
readOnly: {{ .readOnly }}
{{- end }}
{{- with .Values.agents.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.agents.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.agents.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
{{- range $index, $value := .Values.agents.mountFiles }}
- name: "files-{{ $index }}"
configMap:
name: "{{ include "meet.fullname" $ }}-files-{{ $index }}"
{{- end }}
{{- range $name, $volume := .Values.agents.persistence }}
- name: "{{ $name }}"
{{- if eq $volume.type "emptyDir" }}
emptyDir: {}
{{- else }}
persistentVolumeClaim:
claimName: "{{ $fullName }}-{{ $name }}"
{{- end }}
{{- end }}
{{- range .Values.agents.extraVolumes }}
- name: {{ .name }}
{{- if .existingClaim }}
persistentVolumeClaim:
claimName: {{ .existingClaim }}
{{- else if .hostPath }}
hostPath:
{{ toYaml .hostPath | nindent 12 }}
{{- else if .csi }}
csi:
{{- toYaml .csi | nindent 12 }}
{{- else if .configMap }}
configMap:
{{- toYaml .configMap | nindent 12 }}
{{- else if .emptyDir }}
emptyDir:
{{- toYaml .emptyDir | nindent 12 }}
{{- else }}
emptyDir: {}
{{- end }}
{{- end }}
---
{{ if .Values.agents.pdb.enabled }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ $fullName }}
namespace: {{ .Release.Namespace | quote }}
spec:
maxUnavailable: 1
selector:
matchLabels:
{{- include "meet.common.selectorLabels" (list . $component) | nindent 6 }}
{{ end }}
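Review bot: The two `mountFiles` loops read different values: `volumeMounts` iterates `.Values.mountFiles` while `volumes` iterates `.Values.agents.mountFiles`, so when only one of them is set the pod template either mounts a `files-N` volume that is never declared (which Kubernetes rejects) or declares volumes that nothing mounts. The values hunk on this page defines no `agents.mountFiles` and the ConfigMap name is built from `meet.fullname`, so the chart-level list looks like the intended one; if so, the volumes loop should read `{{- range $index, $value := .Values.mountFiles }}`. Also, `readOnly: {{ .readOnly }}` renders an empty value when an extra mount omits the key, as the dev values in this commit do; `readOnly: {{ .readOnly | default false }}` keeps the rendered manifest explicit.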


@@ -616,3 +616,77 @@ celery:
## @param celery.pdb.enabled Enable pdb on celery
pdb:
enabled: false
## @section agents
agents:
## @param agents.image.repository Repository to use to pull meet's agents container image
## @param agents.image.tag meet's agents container tag
## @param agents.image.pullPolicy agents container image pull policy
image:
repository: lasuite/meet-agents
pullPolicy: IfNotPresent
tag: "latest"
## @param agents.dpAnnotations Annotations to add to the agents Deployment
dpAnnotations: {}
## @param agents.command Override the agents container command
command: []
## @param agents.args Override the agents container args
args: []
## @param agents.replicas Amount of agents replicas
replicas: 1
## @param agents.shareProcessNamespace Enable share process namespace between containers
shareProcessNamespace: false
## @param agents.sidecars Add sidecars containers to agents deployment
sidecars: []
## @param agents.securityContext Configure agents Pod security context
securityContext: null
## @param agents.envVars Configure agents container environment variables
## @extra agents.envVars.BY_VALUE Example environment variable by setting value directly
## @extra agents.envVars.FROM_CONFIGMAP.configMapKeyRef.name Name of a ConfigMap when configuring env vars from a ConfigMap
## @extra agents.envVars.FROM_CONFIGMAP.configMapKeyRef.key Key within a ConfigMap when configuring env vars from a ConfigMap
## @extra agents.envVars.FROM_SECRET.secretKeyRef.name Name of a Secret when configuring env vars from a Secret
## @extra agents.envVars.FROM_SECRET.secretKeyRef.key Key within a Secret when configuring env vars from a Secret
## @skip agents.envVars
envVars:
<<: *commonEnvVars
## @param agents.podAnnotations Annotations to add to the agents Pod
podAnnotations: {}
## @param agents.resources Resource requirements for the agents container
resources: {}
## @param agents.nodeSelector Node selector for the agents Pod
nodeSelector: {}
## @param agents.tolerations Tolerations for the agents Pod
tolerations: []
## @param agents.affinity Affinity for the agents Pod
affinity: {}
## @param agents.persistence Additional volumes to create and mount on the agents. Used for debugging purposes
## @extra agents.persistence.volume-name.size Size of the additional volume
## @extra agents.persistence.volume-name.type Type of the additional volume, persistentVolumeClaim or emptyDir
## @extra agents.persistence.volume-name.mountPath Path where the volume should be mounted to
persistence: {}
## @param agents.extraVolumeMounts Additional volumes to mount on the agents.
extraVolumeMounts: []
## @param agents.extraVolumes Additional volumes to mount on the agents.
extraVolumes: []
## @param agents.pdb.enabled Enable pdb on agents
pdb:
enabled: false
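Review bot: `agents.securityContext` defaults to `null` and is documented as the Pod security context, but the Deployment template in this commit renders it inside the container entry, so by default the agents container runs with whatever user and privileges the image defines. The `@param` line should read `Configure agents container security context`, and if the image can run as a non-root user a hardened default is worth shipping, for example `allowPrivilegeEscalation: false`, `runAsNonRoot: true` and `capabilities: {drop: [ALL]}`. The default `tag: "latest"` combined with `pullPolicy: IfNotPresent` also lets nodes keep running different, stale builds of a mutable tag; a pinned version or digest makes the deployed image reproducible and auditable.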