2025-02-27 12:59:21 +00:00
---
title: Kubernetes Deployment
---
:::important Enterprise Feature
2025-03-11 12:18:29 +00:00
The AI Application Gateway is available under the ClearML Enterprise plan.
:::
2025-03-17 05:35:38 +00:00
This guide details the installation of the ClearML App Gateway Router.
2025-03-19 06:28:00 +00:00
The App Gateway Router enables access to your AI workload applications (e.g. remote IDEs like VSCode and Jupyter, model API interface, etc.).
2025-03-17 05:35:38 +00:00
It acts as a proxy, identifying ClearML Tasks running within its [K8s namespace ](https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ )
and making them available for network access.
2025-03-11 12:18:29 +00:00
:::important
2025-03-17 05:35:38 +00:00
The App Gateway Router must be installed in the same K8s namespace as a dedicated ClearML Agent.
It can only configure access for ClearML Tasks within its own namespace.
2025-02-27 12:59:21 +00:00
:::
2025-02-23 15:33:55 +00:00
## Requirements
* Kubernetes cluster: `>= 1.21.0-0 < 1.32.0-0`
* Helm installed and configured
2025-03-11 12:18:29 +00:00
* Helm token to access `clearml` helm-chart repo
* Credentials for `clearml` docker repo
2025-02-23 15:33:55 +00:00
* A valid ClearML Server installation
## Optional for HTTPS
* A valid DNS entry for the new TTR instance
* A valid SSL certificate
## Helm
### Login
```
2025-03-11 12:18:29 +00:00
helm repo add clearml-enterprise \
2025-03-02 09:54:05 +00:00
https://raw.githubusercontent.com/clearml/clearml-enterprise-helm-charts/gh-pages \
2025-02-23 15:33:55 +00:00
--username < GITHUB_TOKEN > \
--password < GITHUB_TOKEN >
```
2025-03-11 12:18:29 +00:00
Replace `<GITHUB_TOKEN>` with your valid GitHub token that has access to the ClearML Enterprise Helm charts repository.
2025-03-10 17:35:41 +00:00
### Prepare Values
2025-02-23 15:33:55 +00:00
2025-03-17 05:35:38 +00:00
Before installing the App Gateway Router, create a Helm override file:
2025-02-23 15:33:55 +00:00
```
imageCredentials:
2025-03-11 12:18:29 +00:00
password: ""
2025-02-23 15:33:55 +00:00
clearml:
2025-03-11 12:18:29 +00:00
apiServerKey: ""
apiServerSecret: ""
apiServerUrlReference: ""
authCookieName: ""
sslVerify: true
2025-02-23 15:33:55 +00:00
ingress:
2025-03-11 12:18:29 +00:00
enabled: true
hostName: ""
2025-02-23 15:33:55 +00:00
tcpSession:
2025-03-11 12:18:29 +00:00
routerAddress: ""
service:
type: LoadBalancer
portRange:
start:
end:
2025-02-23 15:33:55 +00:00
```
2025-03-17 05:35:38 +00:00
Configuration options:
2025-02-23 15:33:55 +00:00
2025-03-11 12:18:29 +00:00
* `imageCredentials.password` : ClearML DockerHub Access Token.
* `clearml.apiServerKey` : ClearML server API key.
* `clearml.apiServerSecret` : ClearML server secret key.
2025-03-17 05:35:38 +00:00
* `clearml.apiServerUrlReference` : ClearML API server URL starting with `https://api.` .
* `clearml.authCookieName` : Cookie used by the ClearML server to store the ClearML authentication cookie.
2025-03-13 09:15:22 +00:00
* `clearml.sslVerify` : Enable or disable SSL certificate validation on `apiserver` calls check.
2025-03-11 12:18:29 +00:00
* `ingress.hostName` : Hostname of router used by the ingress controller to access it.
* `tcpSession.routerAddress` : The external router address (can be an IP, hostname, or load balancer address) depending on your network setup. Ensure this address is accessible for TCP connections.
* `tcpSession.service.type` : Service type used to expose TCP functionality, default is `NodePort` .
* `tcpSession.portRange.start` : Start port for the TCP Session feature.
* `tcpSession.portRange.end` : End port for the TCP Session feature.
2025-02-23 15:33:55 +00:00
2025-03-17 05:35:38 +00:00
The full list of supported configuration is available with the command:
2025-02-23 15:33:55 +00:00
```
helm show readme allegroai-enterprise/clearml-enterprise-task-traffic-router
```
### Install
To install the TTR component via Helm use the following command:
```
helm upgrade --install \
< RELEASE_NAME > \
2025-03-11 12:18:29 +00:00
-n < WORKLOAD_NAMESPACE > \
2025-02-23 15:33:55 +00:00
allegroai-enterprise/clearml-enterprise-task-traffic-router \
2025-03-11 12:18:29 +00:00
--version < CHART_VERSION > \
-f override.yaml
2025-02-23 15:33:55 +00:00
```
2025-03-11 12:18:29 +00:00
Replace the placeholders with the following values:
2025-03-17 05:35:38 +00:00
* `<RELEASE_NAME>` - Unique name for the App Gateway Router within the K8s namespace. This is a required parameter in
Helm, which identifies a specific installation of the chart. The release name also defines the router’
2025-03-19 06:28:00 +00:00
appears in the UI within AI workload application URLs (e.g. Remote IDE URLs). This can be customized to support multiple installations within the same
2025-03-17 05:35:38 +00:00
namespace by assigning different release names.
* `<WORKLOAD_NAMESPACE>` - [Kubernetes Namespace ](https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ )
where workloads will be executed. This namespace must be shared between a dedicated ClearML Agent and an App
Gateway Router. The agent is responsible for monitoring its assigned task queues and spawning workloads within this
2025-03-19 06:28:00 +00:00
namespace. The router monitors the same namespace for AI workloads (e.g. remote IDE applications). The router has a
namespace-limited scope, meaning it can only detect and manage tasks within its
2025-03-17 05:35:38 +00:00
assigned namespace.
2025-03-11 12:18:29 +00:00
* `<CHART_VERSION>` - Version recommended by the ClearML Support Team.
