Values Reference

This page covers every top-level parameter group in the Bifrost Helm chart’s values.yaml, how to supply values via --set vs -f, and where to find ready-made example files.

The full values schema is available at https://getbifrost.ai/schema. All values.yaml fields map directly to config.json fields generated by the chart.

Supplying Values

One-liner with `--set`

Good for a single field or quick experiments:

helm install bifrost bifrost/bifrost \
  --set image.tag=v1.4.11 \
  --set replicaCount=3 \
  --set bifrost.client.initialPoolSize=500

Values file with `-f`

Recommended for anything beyond a couple of fields:

# Create your values file
cat > my-values.yaml <<'EOF'
image:
  tag: "v1.4.11"

replicaCount: 2

bifrost:
  encryptionKey: "your-32-byte-encryption-key-here"
  client:
    initialPoolSize: 500
    enableLogging: true
EOF

# Install
helm install bifrost bifrost/bifrost -f my-values.yaml

# Upgrade later
helm upgrade bifrost bifrost/bifrost -f my-values.yaml

# Upgrade and reuse all previously set values, overriding only one field
helm upgrade bifrost bifrost/bifrost \
  --reuse-values \
  --set replicaCount=5

Multiple values files

Later files override earlier ones — useful for a base + environment-specific overlay:

helm install bifrost bifrost/bifrost \
  -f base-values.yaml \
  -f production-overrides.yaml

Key Parameters Reference

Image

Parameter	Description	Default
`image.repository`	Container image repository	`docker.io/maximhq/bifrost`
`image.tag`	Required. Image version (e.g. `v1.4.11`)	`""`
`image.pullPolicy`	Image pull policy	`IfNotPresent`
`imagePullSecrets`	List of pull secret names for private registries	`[]`

# Always specify the tag — the chart will not start without it
helm install bifrost bifrost/bifrost --set image.tag=v1.4.11

Replicas & Autoscaling

Parameter	Description	Default
`replicaCount`	Static replica count (ignored when HPA is enabled)	`1`
`autoscaling.enabled`	Enable Horizontal Pod Autoscaler	`false`
`autoscaling.minReplicas`	Minimum replicas	`1`
`autoscaling.maxReplicas`	Maximum replicas	`10`
`autoscaling.targetCPUUtilizationPercentage`	CPU target for scaling	`80`
`autoscaling.targetMemoryUtilizationPercentage`	Memory target for scaling	`80`
`autoscaling.behavior.scaleDown.stabilizationWindowSeconds`	Cooldown before scale-down (important for SSE streams)	`300`
`autoscaling.behavior.scaleDown.policies[0].value`	Max pods removed per period	`1`

Resources

Parameter	Description	Default
`resources.requests.cpu`	CPU request	`500m`
`resources.requests.memory`	Memory request	`512Mi`
`resources.limits.cpu`	CPU limit	`2000m`
`resources.limits.memory`	Memory limit	`2Gi`

Service

Parameter	Description	Default
`service.type`	`ClusterIP`, `LoadBalancer`, or `NodePort`	`ClusterIP`
`service.port`	Service port	`8080`

Ingress

Parameter	Description	Default
`ingress.enabled`	Enable ingress	`false`
`ingress.className`	Ingress class (e.g. `nginx`, `traefik`)	`""`
`ingress.annotations`	Ingress annotations	`{}`
`ingress.hosts`	Host rules	see values.yaml
`ingress.tls`	TLS configuration	`[]`

ingress:
  enabled: true
  className: nginx
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
    nginx.ingress.kubernetes.io/proxy-body-size: "100m"
  hosts:
    - host: bifrost.yourdomain.com
      paths:
        - path: /
          pathType: Prefix
  tls:
    - secretName: bifrost-tls
      hosts:
        - bifrost.yourdomain.com

Probes

Parameter	Description	Default
`livenessProbe.initialDelaySeconds`	Seconds before first liveness check	`30`
`livenessProbe.periodSeconds`	Liveness check interval	`30`
`readinessProbe.initialDelaySeconds`	Seconds before first readiness check	`10`
`readinessProbe.periodSeconds`	Readiness check interval	`10`

Both probes hit GET /health.

Graceful Shutdown

Bifrost supports long-lived SSE streaming connections. The default preStop hook and termination grace period let in-flight streams finish before the pod is killed:

Parameter	Description	Default
`terminationGracePeriodSeconds`	Total grace period	`60`
`lifecycle.preStop.exec.command`	Sleep before SIGTERM so load balancer drains	`["sh", "-c", "sleep 15"]`

Increase terminationGracePeriodSeconds if your typical stream responses take longer than 45 seconds.

Service Account

Parameter	Description	Default
`serviceAccount.create`	Create a dedicated service account	`true`
`serviceAccount.annotations`	Annotations (e.g. for IRSA, Workload Identity)	`{}`
`serviceAccount.name`	Override the generated name	`""`

Pod Scheduling

# Spread replicas across nodes
affinity:
  podAntiAffinity:
    requiredDuringSchedulingIgnoredDuringExecution:
      - labelSelector:
          matchLabels:
            app.kubernetes.io/name: bifrost
        topologyKey: kubernetes.io/hostname

# Pin to specific node pool
nodeSelector:
  node-type: ai-workload

# Tolerate GPU taints
tolerations:
  - key: "gpu"
    operator: "Equal"
    value: "true"
    effect: "NoSchedule"

Extra Environment Variables

Three ways to inject env vars:

# Inline key/value pairs
env:
  - name: HTTP_PROXY
    value: "http://proxy.corp.example.com:3128"

# Map syntax (appended after env)
extraEnv:
  NO_PROXY: "169.254.169.254,10.0.0.0/8"

# Bulk-load from existing Secrets or ConfigMaps
envFrom:
  - secretRef:
      name: my-corp-secrets
  - configMapRef:
      name: my-app-config

Init Containers

initContainers:
  - name: wait-for-db
    image: busybox:1.35
    command: ["sh", "-c", "until nc -z postgres-svc 5432; do sleep 2; done"]

Values Examples

The chart ships ready-made example files under helm-charts/bifrost/values-examples/:

File	Use case
`sqlite-only.yaml`	Minimal local/dev setup
`postgres-only.yaml`	Single-store Postgres
`production-ha.yaml`	HA: 3 replicas, Postgres, Weaviate, HPA, Ingress
`providers-and-virtual-keys.yaml`	All 23 providers + 7 virtual key patterns
`secrets-from-k8s.yaml`	All sensitive values from Kubernetes Secrets
`external-postgres.yaml`	Point at an existing Postgres instance
`postgres-redis.yaml`	Postgres + Redis vector store
`postgres-weaviate.yaml`	Postgres + Weaviate vector store
`postgres-qdrant.yaml`	Postgres + Qdrant vector store
`semantic-cache-secret-example.yaml`	Semantic cache with secret injection
`mixed-backend.yaml`	Config store = postgres, logs store = sqlite

Install from an example file directly:

helm install bifrost bifrost/bifrost \
  -f https://raw.githubusercontent.com/maximhq/bifrost/main/helm-charts/bifrost/values-examples/production-ha.yaml \
  --set image.tag=v1.4.11

Helm Operations

View current values

helm get values bifrost

Diff before upgrading (requires helm-diff plugin)

helm diff upgrade bifrost bifrost/bifrost -f my-values.yaml

Rollback

helm history bifrost
helm rollback bifrost       # to previous revision
helm rollback bifrost 2     # to revision 2

Uninstall

helm uninstall bifrost

# Also remove PVCs (deletes all data)
kubectl delete pvc -l app.kubernetes.io/instance=bifrost

All Key Parameters

A quick-reference table of the most commonly used top-level parameters:

Parameter	Description	Default
`image.tag`	Required. Bifrost image version (e.g., `v1.4.11`)	`""`
`replicaCount`	Number of replicas	`1`
`storage.mode`	Storage backend (`sqlite` or `postgres`)	`sqlite`
`storage.persistence.size`	PVC size for SQLite	`10Gi`
`postgresql.enabled`	Deploy embedded PostgreSQL	`false`
`vectorStore.enabled`	Enable vector store	`false`
`vectorStore.type`	Vector store type (`weaviate`, `redis`, `qdrant`)	`none`
`bifrost.encryptionKey`	Encryption key (use `encryptionKeySecret` in production)	`""`
`ingress.enabled`	Enable ingress	`false`
`autoscaling.enabled`	Enable HPA	`false`

Secret Reference Parameters

Use existing Kubernetes Secrets instead of plain-text values. Every sensitive field in the chart has a corresponding existingSecret / secretRef alternative:

Parameter	Description	Default
`bifrost.encryptionKeySecret.name`	Secret name for encryption key	`""`
`bifrost.encryptionKeySecret.key`	Key within the secret	`"encryption-key"`
`postgresql.external.existingSecret`	Secret name for PostgreSQL password	`""`
`postgresql.external.passwordKey`	Key within the secret	`"password"`
`vectorStore.redis.external.existingSecret`	Secret name for Redis password	`""`
`vectorStore.redis.external.passwordKey`	Key within the secret	`"password"`
`vectorStore.weaviate.external.existingSecret`	Secret name for Weaviate API key	`""`
`vectorStore.weaviate.external.apiKeyKey`	Key within the secret	`"api-key"`
`vectorStore.qdrant.external.existingSecret`	Secret name for Qdrant API key	`""`
`vectorStore.qdrant.external.apiKeyKey`	Key within the secret	`"api-key"`
`bifrost.plugins.maxim.secretRef.name`	Secret name for Maxim API key	`""`
`bifrost.plugins.maxim.secretRef.key`	Key within the secret	`"api-key"`
`bifrost.providerSecrets.<provider>.existingSecret`	Secret name for provider API key	`""`
`bifrost.providerSecrets.<provider>.key`	Key within the secret	`"api-key"`
`bifrost.providerSecrets.<provider>.envVar`	Environment variable name to inject	`""`

Advanced Configuration

Comprehensive Example

A production-ready values file combining the most common settings:

# my-values.yaml
image:
  tag: "v1.4.11"

replicaCount: 3

storage:
  mode: postgres

postgresql:
  enabled: true
  auth:
    password: "secure-password"   # use existingSecret in production

autoscaling:
  enabled: true
  minReplicas: 3
  maxReplicas: 10

ingress:
  enabled: true
  className: nginx
  hosts:
    - host: bifrost.example.com
      paths:
        - path: /
          pathType: Prefix

bifrost:
  encryptionKeySecret:
    name: "bifrost-encryption"
    key: "key"
  providers:
    openai:
      keys:
        - name: "primary"
          value: "env.OPENAI_API_KEY"
          weight: 1
  providerSecrets:
    openai:
      existingSecret: "provider-api-keys"
      key: "openai-api-key"
      envVar: "OPENAI_API_KEY"

helm install bifrost bifrost/bifrost -f my-values.yaml

Node Affinity & Scheduling

Deploy to specific nodes and spread replicas across hosts:

nodeSelector:
  node-type: ai-workload

affinity:
  podAntiAffinity:
    requiredDuringSchedulingIgnoredDuringExecution:
      - labelSelector:
          matchLabels:
            app.kubernetes.io/name: bifrost
        topologyKey: kubernetes.io/hostname

tolerations:
  - key: "gpu"
    operator: "Equal"
    value: "true"
    effect: "NoSchedule"

Deployment & Pod Annotations

Useful for tooling like Keel for automatic image updates or Datadog APM injection:

deploymentAnnotations:
  keel.sh/policy: force
  keel.sh/trigger: poll

podAnnotations:
  ad.datadoghq.com/bifrost.logs: '[{"source":"bifrost","service":"bifrost"}]'

Common Patterns

Ready-made values files for the most common deployment scenarios. Each pattern builds on the quickstart.

Development
Multi-Provider
External Database
AI Workloads
Kubernetes Secrets Only

Simple setup for local testing. SQLite, single replica, no autoscaling.

helm install bifrost bifrost/bifrost \
  --set image.tag=v1.4.11 \
  --set 'bifrost.providers.openai.keys[0].name=dev-key' \
  --set 'bifrost.providers.openai.keys[0].value=sk-your-key' \
  --set 'bifrost.providers.openai.keys[0].weight=1'

# Access
kubectl port-forward svc/bifrost 8080:8080

Multiple LLM providers with weighted load balancing.

kubectl create secret generic provider-keys \
  --from-literal=openai-api-key='sk-...' \
  --from-literal=anthropic-api-key='sk-ant-...' \
  --from-literal=gemini-api-key='your-gemini-key'

# multi-provider.yaml
image:
  tag: "v1.4.11"

bifrost:
  encryptionKey: "your-encryption-key"

  client:
    enableLogging: true
    allowDirectKeys: false

  providers:
    openai:
      keys:
        - name: "openai-primary"
          value: "env.OPENAI_API_KEY"
          weight: 2    # 50% of traffic
    anthropic:
      keys:
        - name: "anthropic-primary"
          value: "env.ANTHROPIC_API_KEY"
          weight: 1    # 25%
    gemini:
      keys:
        - name: "gemini-primary"
          value: "env.GEMINI_API_KEY"
          weight: 1    # 25%

  providerSecrets:
    openai:
      existingSecret: "provider-keys"
      key: "openai-api-key"
      envVar: "OPENAI_API_KEY"
    anthropic:
      existingSecret: "provider-keys"
      key: "anthropic-api-key"
      envVar: "ANTHROPIC_API_KEY"
    gemini:
      existingSecret: "provider-keys"
      key: "gemini-api-key"
      envVar: "GEMINI_API_KEY"

  plugins:
    telemetry:
      enabled: true
    logging:
      enabled: true

helm install bifrost bifrost/bifrost -f multi-provider.yaml

Use an existing PostgreSQL instance — RDS, Cloud SQL, Azure Database, or self-managed.

kubectl create secret generic postgres-credentials \
  --from-literal=password='your-external-postgres-password'

# external-db.yaml
image:
  tag: "v1.4.11"

storage:
  mode: postgres

postgresql:
  enabled: false
  external:
    enabled: true
    host: "your-rds-endpoint.us-east-1.rds.amazonaws.com"
    port: 5432
    user: "bifrost"
    database: "bifrost"
    sslMode: "require"
    existingSecret: "postgres-credentials"
    passwordKey: "password"

bifrost:
  encryptionKey: "your-encryption-key"

  providers:
    openai:
      keys:
        - name: "openai-primary"
          value: "sk-..."
          weight: 1

helm install bifrost bifrost/bifrost -f external-db.yaml

Semantic response caching for high-volume AI inference.

kubectl create secret generic bifrost-encryption \
  --from-literal=key='your-32-byte-encryption-key'

kubectl create secret generic provider-keys \
  --from-literal=openai-api-key='sk-your-key'

# ai-workload.yaml
image:
  tag: "v1.4.11"

storage:
  mode: postgres

postgresql:
  enabled: true
  auth:
    password: "secure-password"
  primary:
    persistence:
      size: 50Gi

vectorStore:
  enabled: true
  type: weaviate
  weaviate:
    enabled: true
    persistence:
      size: 50Gi

bifrost:
  encryptionKeySecret:
    name: "bifrost-encryption"
    key: "key"

  providers:
    openai:
      keys:
        - name: "openai-primary"
          value: "env.OPENAI_API_KEY"
          weight: 1

  providerSecrets:
    openai:
      existingSecret: "provider-keys"
      key: "openai-api-key"
      envVar: "OPENAI_API_KEY"

  plugins:
    semanticCache:
      enabled: true
      config:
        provider: "openai"
        keys:
          - value: "env.OPENAI_API_KEY"
            weight: 1
        embedding_model: "text-embedding-3-small"
        dimension: 1536
        threshold: 0.85
        ttl: "1h"
        cache_by_model: true
        cache_by_provider: true

helm install bifrost bifrost/bifrost -f ai-workload.yaml

Zero credentials in values files — all sensitive data in Kubernetes Secrets.

kubectl create secret generic postgres-credentials \
  --from-literal=password='your-postgres-password'

kubectl create secret generic bifrost-encryption \
  --from-literal=key='your-encryption-key'

kubectl create secret generic provider-keys \
  --from-literal=openai-api-key='sk-...' \
  --from-literal=anthropic-api-key='sk-ant-...'

kubectl create secret generic qdrant-credentials \
  --from-literal=api-key='your-qdrant-api-key'

# secrets-only.yaml
image:
  tag: "v1.4.11"

storage:
  mode: postgres

postgresql:
  enabled: false
  external:
    enabled: true
    host: "postgres.example.com"
    port: 5432
    user: "bifrost"
    database: "bifrost"
    sslMode: "require"
    existingSecret: "postgres-credentials"
    passwordKey: "password"

vectorStore:
  enabled: true
  type: qdrant
  qdrant:
    enabled: false
    external:
      enabled: true
      host: "qdrant.example.com"
      port: 6334
      existingSecret: "qdrant-credentials"
      apiKeyKey: "api-key"

bifrost:
  encryptionKeySecret:
    name: "bifrost-encryption"
    key: "key"

  providers:
    openai:
      keys:
        - name: "openai-primary"
          value: "env.OPENAI_API_KEY"
          weight: 1
    anthropic:
      keys:
        - name: "anthropic-primary"
          value: "env.ANTHROPIC_API_KEY"
          weight: 1

  providerSecrets:
    openai:
      existingSecret: "provider-keys"
      key: "openai-api-key"
      envVar: "OPENAI_API_KEY"
    anthropic:
      existingSecret: "provider-keys"
      key: "anthropic-api-key"
      envVar: "ANTHROPIC_API_KEY"

helm install bifrost bifrost/bifrost -f secrets-only.yaml

Platform specific guides

Config as Code

Enterprise Deployment

Common setup instructions

Values Reference

Supplying Values

One-liner with `--set`

Values file with `-f`

Multiple values files

Key Parameters Reference

Image

Replicas & Autoscaling

Resources

Service

Ingress

Probes

Graceful Shutdown

Service Account

Pod Scheduling

Extra Environment Variables

Init Containers

Values Examples

Helm Operations

View current values

Diff before upgrading (requires helm-diff plugin)

Rollback

Uninstall

All Key Parameters

Secret Reference Parameters

Advanced Configuration

Comprehensive Example

Node Affinity & Scheduling

Deployment & Pod Annotations

Common Patterns

Platform specific guides

Config as Code

Enterprise Deployment

Common setup instructions

​Supplying Values

​One-liner with --set

​Values file with -f

​Multiple values files

​Key Parameters Reference

​Image

​Replicas & Autoscaling

​Resources

​Service

​Ingress

​Probes

​Graceful Shutdown

​Service Account

​Pod Scheduling

​Extra Environment Variables

​Init Containers

​Values Examples

​Helm Operations

​View current values

​Diff before upgrading (requires helm-diff plugin)

​Rollback

​Uninstall

​All Key Parameters

​Secret Reference Parameters

​Advanced Configuration

​Comprehensive Example

​Node Affinity & Scheduling

​Deployment & Pod Annotations

​Common Patterns

Supplying Values

One-liner with `--set`

Values file with `-f`

Multiple values files

Key Parameters Reference

Image

Replicas & Autoscaling

Resources

Service

Ingress

Probes

Graceful Shutdown

Service Account

Pod Scheduling

Extra Environment Variables

Init Containers

Values Examples

Helm Operations

View current values

Diff before upgrading (requires helm-diff plugin)

Rollback

Uninstall

All Key Parameters

Secret Reference Parameters

Advanced Configuration

Comprehensive Example

Node Affinity & Scheduling

Deployment & Pod Annotations

Common Patterns