Crater

Configuration Guide

Detailed explanation of Crater platform Helm Chart configuration parameters, covering core modules such as backend, frontend, storage, monitoring, and authentication.

Type: applicationv0.1.5

Crater is a comprehensive AI development platform designed for Kubernetes, providing GPU resource management, containerized development environments, and workflow orchestration. This document details all configurable items when deploying Crater via Helm.

Project Homepage: https://github.com/raids-lab/crater

Maintainers

NameEmailUrl
RAIDS Labhttps://github.com/raids-lab

Source Code

Global Values

ParameterTypeDefaultDescription
hoststring"crater.example.com"Domain name or IP address for platform access
protocolstring"http"Protocol type (http or https)
firstUser.usernamestring"crater-admin"Initial administrator username
firstUser.passwordstring"Masked@Password"Initial administrator password (Please change this)
imagePullPolicystring"Always"Container image pull policy
namespaces.createbooltrueWhether to automatically create namespaces
namespaces.jobstring"crater-workspace"Namespace for running job tasks
namespaces.imagestring"crater-images"Namespace for building images
storage.createbooltrueWhether to automatically create base persistent volume claim (PVC)
storage.requeststring"10Gi"Storage request capacity
storage.storageClassstring"nfs"Storage class name (must support ReadWriteMany)
storage.pvcNamestring"crater-rw-storage"Name of the shared PVC

Monitoring (Monitoring)

ParameterTypeDefaultDescription
prometheus.enablebooltrueWhether to enable integrated Prometheus monitoring
prometheus.addressstring"http://..."Internal Prometheus service address in cluster
grafana.enablebooltrueWhether to enable integrated Grafana dashboards
grafana.addressstring"http://..."Internal Grafana service address in cluster
monitoring.timezonestring"Asia/Shanghai"Timezone for monitoring dashboard display

Backend Service Configuration (backendConfig)

Base Service Items

ParameterTypeDefaultDescription
backendConfig.portstring":8088"Backend API service listening port
backendConfig.enableLeaderElectionboolfalseWhether to enable Leader election (for HA deployment)
backendConfig.modelDownload.imagestring"python:3.11-slim"Container image used for model download jobs
backendConfig.prometheusAPIstring"http://..."Prometheus API address for monitoring metrics
backendConfig.auth.token.accessTokenSecretstring"..."JWT Access Token signing secret
backendConfig.auth.token.refreshTokenSecretstring"..."JWT Refresh Token signing secret

Database Connection (backendConfig.postgres)

ParameterTypeDefaultDescription
backendConfig.postgres.hoststring"..."Database server address
backendConfig.postgres.portint5432Database port
backendConfig.postgres.dbnamestring"postgres"Database name
backendConfig.postgres.userstring"postgres"Database username
backendConfig.postgres.passwordstring"..."Database password
backendConfig.postgres.sslmodestring"disable"SSL mode configuration
backendConfig.postgres.TimeZonestring"Asia/Shanghai"Timezone used for database connection

Storage Path Binding (backendConfig.storage)

ParameterTypeDefaultDescription
backendConfig.storage.pvc.readWriteManystring"..."Bound shared storage PVC name
backendConfig.storage.pvc.readOnlyManystringnullOptional read-only storage PVC name (for datasets and models)
backendConfig.storage.prefix.userstring"users"Storage path prefix for user personal space
backendConfig.storage.prefix.accountstring"accounts"Storage path prefix for queue/account public space
backendConfig.storage.prefix.publicstring"public"Storage path prefix for global public datasets

Base Resources and Secrets (backendConfig.secrets)

ParameterTypeDefaultDescription
backendConfig.secrets.tlsSecretNamestring"crater-tls-secret"Name of the TLS certificate Secret for HTTPS
backendConfig.secrets.tlsForwardSecretNamestring"crater-tls-forward-secret"Name of the TLS certificate Secret for forwarding
backendConfig.secrets.imagePullSecretNamestring""Name of the Secret for pulling private images

Authentication Configuration (backendConfig.auth)

ParameterTypeDefaultDescription
backendConfig.auth.ldap.enableboolfalseWhether to enable LDAP unified identity authentication
backendConfig.auth.ldap.aliasstring""Display name (alias) for LDAP login, recommended to be short (e.g., "ACT")
backendConfig.auth.ldap.helpstring""Help description shown when hovering over the LDAP login method
backendConfig.auth.ldap.server.addressstring"..."LDAP server address
backendConfig.auth.ldap.server.baseDNstring"..."Base DN for user search
backendConfig.auth.ldap.attributeMapping.usernamestring"uid"LDAP attribute name for username
backendConfig.auth.ldap.attributeMapping.displayNamestring"cn"LDAP attribute name for display name
backendConfig.auth.ldap.uid.sourcestring"default"UID/GID acquisition strategy: options default, ldap, rid, external (deprecated)
backendConfig.auth.ldap.uid.rid.offsetint10000UID/GID calculation offset when source is rid (UID/GID = RID + offset)
backendConfig.auth.ldap.uid.rid.sidAttributestring"objectSid"LDAP attribute storing the user's binary SID when source is rid (used to compute UID)
backendConfig.auth.ldap.uid.rid.pgidAttributestring"primaryGroupID"LDAP attribute storing the primary group RID when source is rid (used to compute GID)
backendConfig.auth.ldap.uid.ldapAttribute.uidstring""UID attribute name when source is ldap
backendConfig.auth.ldap.uid.ldapAttribute.gidstring""GID attribute name when source is ldap
backendConfig.auth.normal.allowRegisterbooltrueWhether to allow direct registration on the platform
backendConfig.auth.normal.allowLoginbooltrueWhether to allow login with local database accounts

Image Registry Integration (backendConfig.registry)

ParameterTypeDefaultDescription
backendConfig.registry.enableboolfalseWhether to enable image registry (Harbor) integration
backendConfig.registry.harbor.serverstring"..."Harbor service access address
backendConfig.registry.harbor.userstring"admin"Harbor admin account
backendConfig.registry.harbor.passwordstring"..."Harbor admin password
backendConfig.registry.buildTools.proxyConfig.httpProxystringnullHTTP proxy for image building
backendConfig.registry.buildTools.proxyConfig.httpsProxystringnullHTTPS proxy for image building
backendConfig.registry.buildTools.proxyConfig.noProxystringnullList of domains that should not be proxied (comma-separated)

Email Service Configuration (backendConfig.smtp)

ParameterTypeDefaultDescription
backendConfig.smtp.enableboolfalseWhether to enable email notification functionality
backendConfig.smtp.hoststring"mail.example.com"SMTP server address
backendConfig.smtp.portint25SMTP server port
backendConfig.smtp.userstring"example"SMTP authentication username
backendConfig.smtp.passwordstring"..."SMTP authentication password
backendConfig.smtp.notifystring"example@example.com"Email address of the system notification sender

Image Building Pipeline (buildkitConfig)

ParameterTypeDefaultDescription
buildkitConfig.amdConfig.enabledboolfalseWhether to enable AMD64 image build nodes
buildkitConfig.amdConfig.replicasint3Number of build node replicas
buildkitConfig.amdConfig.cache.storageSizestring"400Gi"Build node cache volume size
buildkitConfig.generalConfig.resources.limits.cpuint16Maximum CPU limit for build nodes
buildkitConfig.generalConfig.resources.limits.memorystring"48Gi"Maximum memory limit for build nodes

Automatic Task Strategy (cronjobConfig)

ParameterTypeDefaultDescription
cronjobConfig.jobs.lowGPUUtil.TIME_RANGEstring"90"Time range for low utilization detection (minutes)
cronjobConfig.jobs.lowGPUUtil.UTILstring"0"Utilization threshold for triggering alerts
cronjobConfig.jobs.longTime.BATCH_DAYSstring"4"Maximum runtime days for batch jobs
cronjobConfig.jobs.waitingJupyter.JUPYTER_WAIT_MINUTESstring"5"Cleanup threshold for Jupyter jobs in Waiting state

Database Backup (dbBackup)

ParameterTypeDefaultDescription
dbBackup.enabledbooltrueWhether to enable automatic database backup
dbBackup.schedulestring"0 2 * * *"Backup Cron expression
dbBackup.config.retentionCountint7Retention count/days for backup files

Monitoring Presentation (frontendConfig / grafanaProxy)

ParameterTypeDefaultDescription
frontendConfig.versionstring"1.0.0"Frontend application version
grafanaProxy.enableboolfalseWhether to enable Grafana password-less proxy (for Iframe embedding)
grafanaProxy.addressstring"..."Grafana service address in cluster
grafanaProxy.tokenstring"..."Grafana API Token with read-only permissions

TLS Certificate Configuration (tls)

ParameterTypeDefaultDescription
tls.base.createboolfalseWhether Helm creates the base certificate Secret
tls.base.certstring""Base certificate content (Base64)
tls.forward.createboolfalseWhether Helm creates the forward certificate Secret
tls.forward.certstring""Forward certificate content (Base64)

Component Image Versions (images)

ParameterTypeDefaultDescription
images.backend.repositorystring"..."Backend service image repository
images.frontend.repositorystring"..."Frontend service image repository
images.storage.repositorystring"..."Storage management service image repository
images.buildkit.tagstring"v0.23.1"Buildkit core image tag
Edit on GitHub

Volcano Integration Guide

How Crater uses Volcano batch scheduler for multi-lab GPU resource management and distributed workloads.

High Availability Database Configuration

Provides high availability database configuration