diff --git a/docs/getting-started/try-it-out/on-your-environment.mdx b/docs/getting-started/try-it-out/on-your-environment.mdx index fc4018af..dc37236b 100644 --- a/docs/getting-started/try-it-out/on-your-environment.mdx +++ b/docs/getting-started/try-it-out/on-your-environment.mdx @@ -945,6 +945,7 @@ OpenChoreo uses a modular observability plane. In this step you will: observer: openSearchSecretName: opensearch-admin-credentials secretName: observer-secret + controlPlaneApiUrl: "https://api.\${CP_BASE_DOMAIN}" gateway: tls: enabled: false @@ -1041,6 +1042,7 @@ observer: openSearchSecretName: opensearch-admin-credentials secretName: observer-secret controlPlaneApiUrl: "https://api.\${CP_BASE_DOMAIN}" + publicUrl: "https://observer.\${OBS_BASE_DOMAIN}" http: hostnames: - "observer.\${OBS_BASE_DOMAIN}" diff --git a/docs/reference/helm/observability-plane.mdx b/docs/reference/helm/observability-plane.mdx index 46de6393..7fcb5a13 100644 --- a/docs/reference/helm/observability-plane.mdx +++ b/docs/reference/helm/observability-plane.mdx @@ -143,7 +143,8 @@ OpenChoreo Observer service configuration - REST API that abstracts OpenSearch f | `observer.alertStoreBackend` | Alert entry storage backend for fired alerts | `string` | `sqlite` | | `observer.alertStoreSqliteSize` | PVC size for SQLite alert entry storage | `string` | `128Mi` | | `observer.authzTlsInsecureSkipVerify` | Skip TLS certificate verification when calling the control plane authz service (use for self-signed certs) | `boolean` | `false` | -| `observer.controlPlaneApiUrl` | Control plane API base URL used by observer | `string` | `http://api.openchoreo.localhost:8080` | +| `observer.controlPlaneApiUrl` | Control plane API base URL used by observer | `string` | `http://api.openchoreo.invalid:8080` | +| `observer.publicUrl` | Observer's own external URL (sets OBSERVER_BASE_URL). Empty falls back to a localhost default. | `string` | | | `observer.cors.allowedOrigins` | List of allowed origins for CORS requests. Empty list disables CORS. | `array` | | | `observer.extraEnvs` | Extra environment variables for the Observer container | `array` | | | `observer.http.enabled` | Enable HTTPRoute | `boolean` | `true` | @@ -178,34 +179,34 @@ When using an external identity provider, refer to [Observer External IDP Config AI-powered Root Cause Analysis agent configuration -| Parameter | Description | Type | Default | -| :------------------------------ | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | :-------- | :------------------------------------- | -| `rca.authz.timeoutSeconds` | Authorization request timeout in seconds | `integer` | `30` | -| `rca.cors.allowedOrigins` | List of allowed origins for CORS requests. Empty list disables CORS. | `array` | | -| `rca.enabled` | Enable SRE Agent deployment | `boolean` | `false` | -| `rca.extraEnvs` | Extra environment variables for the SRE Agent container | `array` | | -| `rca.http.enabled` | Enable HTTPRoute | `boolean` | `true` | -| `rca.http.hostnames` | HTTPRoute hostnames | `array` | | -| `rca.image.pullPolicy` | Image pull policy | `string` | `IfNotPresent` | -| `rca.image.repository` | Container image repository | `string` | `ghcr.io/openchoreo/ai-rca-agent` | -| `rca.image.tag` | Container image tag (defaults to Chart.AppVersion if empty) | `string` | | -| `rca.llm.modelName` | LLM model name (e.g., gpt-5.2) | `string` | | -| `rca.logLevel` | Log level for the SRE Agent | `string` | `INFO` | -| `rca.name` | Name of the SRE Agent deployment | `string` | `ai-rca-agent` | -| `rca.oauth.clientId` | OAuth2 client ID registered with the IDP | `string` | `openchoreo-rca-agent` | -| `rca.observerApiUrl` | Observer API base URL | `string` | `http://observer:8080` | -| `rca.openchoreoApiUrl` | OpenChoreo API base URL used by the SRE Agent | `string` | `http://api.openchoreo.localhost:8080` | -| `rca.remedAgent` | Enable remediation agent | `boolean` | `true` | -| `rca.replicas` | Number of SRE Agent replicas | `integer` | `1` | -| `rca.reportBackend` | Report storage backend type | `string` | `sqlite` | -| `rca.resources.limits.cpu` | CPU limit | `string` | `250m` | -| `rca.resources.limits.memory` | Memory limit | `string` | `1536Mi` | -| `rca.resources.requests.cpu` | CPU request | `string` | `100m` | -| `rca.resources.requests.memory` | Memory request | `string` | `1024Mi` | -| `rca.secretName` | Name of an existing Secret injected via envFrom into the SRE Agent container. Required keys - RCA_LLM_API_KEY, OAUTH_CLIENT_SECRET. Optional keys - SQL_BACKEND_URI (when reportBackend is postgresql). | `string` | `rca-agent-secret` | -| `rca.service.port` | Service port | `integer` | `8080` | -| `rca.service.type` | Service type | `string` | `ClusterIP` | -| `rca.sqliteStorageSize` | PVC storage size for SQLite (only used when reportBackend is sqlite) | `string` | `128Mi` | +| Parameter | Description | Type | Default | +| :------------------------------ | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | :-------- | :----------------------------------- | +| `rca.authz.timeoutSeconds` | Authorization request timeout in seconds | `integer` | `30` | +| `rca.cors.allowedOrigins` | List of allowed origins for CORS requests. Empty list disables CORS. | `array` | | +| `rca.enabled` | Enable SRE Agent deployment | `boolean` | `false` | +| `rca.extraEnvs` | Extra environment variables for the SRE Agent container | `array` | | +| `rca.http.enabled` | Enable HTTPRoute | `boolean` | `true` | +| `rca.http.hostnames` | HTTPRoute hostnames | `array` | | +| `rca.image.pullPolicy` | Image pull policy | `string` | `IfNotPresent` | +| `rca.image.repository` | Container image repository | `string` | `ghcr.io/openchoreo/ai-rca-agent` | +| `rca.image.tag` | Container image tag (defaults to Chart.AppVersion if empty) | `string` | | +| `rca.llm.modelName` | LLM model name (e.g., gpt-5.2) | `string` | | +| `rca.logLevel` | Log level for the SRE Agent | `string` | `INFO` | +| `rca.name` | Name of the SRE Agent deployment | `string` | `ai-rca-agent` | +| `rca.oauth.clientId` | OAuth2 client ID registered with the IDP | `string` | `openchoreo-rca-agent` | +| `rca.observerApiUrl` | Observer API base URL | `string` | `http://observer:8080` | +| `rca.openchoreoApiUrl` | OpenChoreo API base URL used by the SRE Agent | `string` | `http://api.openchoreo.invalid:8080` | +| `rca.remedAgent` | Enable remediation agent | `boolean` | `true` | +| `rca.replicas` | Number of SRE Agent replicas | `integer` | `1` | +| `rca.reportBackend` | Report storage backend type | `string` | `sqlite` | +| `rca.resources.limits.cpu` | CPU limit | `string` | `250m` | +| `rca.resources.limits.memory` | Memory limit | `string` | `1536Mi` | +| `rca.resources.requests.cpu` | CPU request | `string` | `100m` | +| `rca.resources.requests.memory` | Memory request | `string` | `1024Mi` | +| `rca.secretName` | Name of an existing Secret injected via envFrom into the SRE Agent container. Required keys - RCA_LLM_API_KEY, OAUTH_CLIENT_SECRET. Optional keys - SQL_BACKEND_URI (when reportBackend is postgresql). | `string` | `rca-agent-secret` | +| `rca.service.port` | Service port | `integer` | `8080` | +| `rca.service.type` | Service type | `string` | `ClusterIP` | +| `rca.sqliteStorageSize` | PVC storage size for SQLite (only used when reportBackend is sqlite) | `string` | `128Mi` | ## Security