Deploying the Edge core Helm Chart
This section describes how to deploy the PlainID Edge core Helm chart in a Kubernetes environment. The core deployment installs the foundational PlainID Edge components required for MCP Gateway, discovery, and RAG enrichment capabilities. These steps assume that the Kubernetes cluster is already available and that Helm is installed and configured.
Before proceeding with the installation, ensure that you have received access to the PlainID Docker OCI Helm repository oci://registry-1.docker.io/plainidhelm and that you can pull the Helm repository plainidhelm/core.
Ensure that you have also received access to pull the following container images from Docker Hub:
plainid/enrichment-agentplainid/vector-db-classifier-engineplainid/discovery-agentplainid/mcp-gateway
Contact PlainID Support for help.
To set up the Core Helm Chart deployment:
-
Log in to the OCI Helm registry:
$ helm registry login -u <YOUR_USERNAME> oci://registry-1.docker.io/plainidhelm Password: Login SucceededNotes:
- Replace
<YOUR_USERNAME>with Docker Hub credentials that are authorized to access the registry.
- Replace
-
Validate access to the Helm charts. You can repeat these steps for each chart. The version number may vary.
$ helm show chart oci://registry-1.docker.io/plainidhelm/enrichment-agent Pulled: registry-1.docker.io/plainidhelm/enrichment-agent:1.0.2 Digest: sha256:091a51c24568a28c86425e743865db89dbb8398670788b89ce9beda50cf08c4a apiVersion: v2 appVersion: 1.0.2 description: PlainID enrichment-agent icon: https://www.plainid.com/wp-content/uploads/2024/01/mobile-logo.png maintainers: - email: support@plainid.com name: PlainID url: plainid.com name: enrichment-agent type: application version: 1.0.2Notes:
- By default, it will show the latest version of the chart.
-
Deploy the
coreHelm chart:$ helm install <HELM_RELEASE_NAME> oci://registry-1.docker.io/plainidhelm/core -f <YOUR_VALUES_FILE>The following example shows a sample values file.
--- global: imagePullSecrets: - name: "<YOUR_PULL_SECRET>" vector-db-classifier-engine: secret: OPENAI_API_KEY: "YOUR_OPENAI_API_KEY" enrichment-agent: env: JWT_VALIDATION_ENABLED: "false" CLASSIFICATION_SERVICE_URL: "http://<HELM_RELEASE_NAME>-vector-db-classifier-engine:8000" secret: PINECONE_API_KEY: "YOUR_PINECONE_API_KEY" mcp-gateway: plainIDConfig: config.yaml: | mcpServers: context7: url: "https://mcp.context7.com/mcp" transportType: "streamable-http" headersToForward: - "Authorization" - "X-User-Token" - "X-Agent-Token" plainID: runtimeBaseURL: "http://${PLAINID_RUNTIME_HOST}:${PLAINID_RUNTIME_PORT}/api" toolsAsset: "tools" clientID: "${PLAINID_CLIENT_ID}" clientSecret: "${PLAINID_CLIENT_SECRET}" emptyOnError: false plugins: logger: enable: true presidio: enable: false analyzer_url: "http://${PRESIDIO_ANALYZER_HOST}:${PRESIDIO_ANALYZER_PORT}/analyze" anonymizer_url: "http://${PRESIDIO_ANONYMIZER_HOST}:${PRESIDIO_ANONYMIZER_PORT}/anonymize" threshold: 0.5 dataFilter: enable: false authHeader: "X-User-Token" filterUrl: "http://${DATAFILTER_HOST}:${DATAFILTER_PORT}/resql" clientID: "${DATAFILTER_CLIENT_ID}" clientSecret: "${DATAFILTER_CLIENT_SECRET}" flags: emptyAllowedTreatAsPermitted: true ignoreRuntimeAllowedFields: true expandStarColumn: false oppositeColumnFilteringBehavior: true runtimeAllowedAsMasked: false runtimeCLSAsMasked: true headersToForward: - "Authorization" - "X-User-Token" - "X-Agent-Token" mcpProxy: addr: 5432 pingInterval: 10 discovery-agent: env: PLAINID_API_URL: "https://<PLAINID_API_ENDPOINT>" PLAINID_DISCOVERY_URL: "https://<PLAINID_LAMBDA_URL>" POP_ID: "MCP" ENVIRONMENT_ID: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" PLAINID_MCP_GATEWAY_URL: "<HELM_RELEASE_NAME>-mcp-gateway:5235" PLAINID_CLIENT_ID: "XXXXXXXXXXXXXXXXXXXX" PLAINID_CLIENT_SECRET: "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"- Every individual component can be disabled by configuring the
enabled: falseparameter in individual components.- Example:
vector-db-classifier-engine: enabled: false
- Every individual component can be disabled by configuring the