AI · Memory · Kubernetes

Helm Chart for
Engram Cloud

Community-maintained chart that deploys Engram Cloud — the AI-powered persistent memory server for LLM agents — on Kubernetes.

Artifact Hub Chart version 1.15.10 App version v1.15.10 MIT License Helm Lint & Test
Quick start 
$ helm repo add helm-engram https://devops-ia.github.io/helm-engram
$ helm repo update
$ helm install engram helm-engram/engram

Features

Everything you need, out of the box

Production-ready defaults with sensible security hardening and flexible configuration.

Bundled PostgreSQL

Ships with a Bitnami PostgreSQL StatefulSet. No external database required for getting started.

Flexible Secrets

Chart-managed secrets, existingSecret, External Secrets Operator, or Sealed Secrets — your call.

HPA & PDB

Horizontal Pod Autoscaler and PodDisruptionBudget included. Scale and protect with a single flag.

Security-hardened

Non-root UID 10001, read-only filesystem, dropped capabilities, and optional NetworkPolicy.

Ingress ready

Native Ingress support with TLS. Compatible with nginx, traefik, and any standard controller.

99 unit tests

Full helm-unittest test suite covering every template. CI passes on every commit.

Usage

Add the repository

Helm must be installed. Once set up, add this repository and install the chart.

bash 
# Add the Helm repository
$ helm repo add helm-engram https://devops-ia.github.io/helm-engram
$ helm repo update

# Install with bundled PostgreSQL (default)
$ helm install engram helm-engram/engram

# Install with external PostgreSQL DSN
$ helm install engram helm-engram/engram \
    --set engram.databaseUrl=postgres://user:pass@host:5432/db \
    --set postgresql.enabled=false

# Upgrade
$ helm upgrade engram helm-engram/engram

Configuration

Key values

Common values to get started. Full reference at values.yaml.

Parameter Description Default
engram.databaseUrl PostgreSQL DSN. Auto-built from subchart values when empty. ""
engram.jwtSecret JWT signing secret for Engram Cloud. ""
engram.allowedProjects Comma-separated list of allowed project names. ""
engram.existingSecret Name of an existing Secret containing ENGRAM_DATABASE_URL and ENGRAM_JWT_SECRET. ""
postgresql.enabled Deploy bundled PostgreSQL StatefulSet via Bitnami subchart. true
ingress.enabled Expose the service via Kubernetes Ingress. false
autoscaling.enabled Enable Horizontal Pod Autoscaler. false
networkPolicy.enabled Restrict pod ingress/egress with a NetworkPolicy. false