Pramiti Docs

Kubernetes

Helm chart deployment with production, development, and air-gapped profiles

Production deployment uses the Helm chart at helm/epistom/.

Installation

helm install epistom ./helm/epistom \
  --namespace epistom \
  --create-namespace \
  -f helm/epistom/values.yaml

Values Files

Three values files support different environments:

Production (values.yaml)

Default production configuration with recommended resource requests, replica counts, and security settings.

Development (values-dev.yaml)

Lower resource requests, debug logging, and relaxed security for development clusters:

helm install epistom ./helm/epistom \
  --namespace epistom-dev \
  --create-namespace \
  -f helm/epistom/values-dev.yaml

Air-Gapped (values-airgapped.yaml)

For deployments without internet access:

  • Private container registry references
  • No external network dependencies
  • Local LLM (Ollama) configuration
helm install epistom ./helm/epistom \
  --namespace epistom \
  --create-namespace \
  -f helm/epistom/values-airgapped.yaml

Key Configuration

Database

database:
  url: postgresql://user:pass@postgres:5432/epistom
  # Or use individual connection parameters
  host: postgres
  port: 5432
  user: epistom
  password: epistom
  name: epistom

LLM Provider

llm:
  provider: anthropic       # anthropic, openai, bedrock, ollama
  modelId: claude-sonnet-4-5
  apiKey: <from-secret>

Oxigraph

oxigraph:
  enabled: true              # Set false for Aegis-only
  persistence:
    enabled: true
    size: 10Gi

Rate Limiting

rateLimiting:
  enabled: true
  requestsPerMinute: 100
  redis:
    url: redis://redis:6379/0  # Required for multi-pod

Production Checklist

  • Set EPISTOM_AUTH_DISABLED=false
  • Configure EPISTOM_JWT_SECRET (256-bit hex)
  • Configure EPISTOM_ENCRYPTION_KEY (Fernet key)
  • Configure EPISTOM_AEGIS_SIGNING_KEY (Ed25519 private key)
  • Enable Redis for rate limiting across pods
  • Set up PostgreSQL with replication for high availability
  • Configure HTTPS via ingress controller
  • Set EPISTOM_ENV=production

On this page