Streamlining Milvus Vector Search Deployment on Kubernetes with Helm Charts and External Dependencies
Container Registry and Image Pre-Configuration
Before initializing the cluster, ensure all required container images are accessible within your network environment. Recent registry throttling policies may require pre-pulling specific artifacts. The following base images must be available locally or configured in your registry proxy:
# Required base images for Milvus 2.4.5 cluster mode
images:
core:
repository: milvusdb/milvus
tag: "v2.4.5"
tools:
repository: milvusdb/milvus-config-tool
tag: "v0.1.2"
state:
repository: docker.io/milvusdb/etcd
tag: "3.5.5-r4"
messaging:
broker: apachepulsar/pulsar
brokerTag: "2.8.2"
manager: zilliz/attu
managerTag: "v2.3.10"
profiler:
repository: milvusdb/heaptrack
tag: "v0.1.0"
Helm Values Architecture for External Dependencies
Decoupling Milvus from its default stateful dependencies simplifies infrastructure management and aligns with enterprise persistence requirements. The following configuration structure demonstrates how to route components toward external storage and message queues while disabling bundled subcharts.
Core Cluster and Networking
deployment:
clusterMode:
enabled: true
service:
type: NodePort
targetPort: 19530
nodePortMapping: null
allowedCidrs: ["0.0.0.0/0"]
ingress:
activate: false
backendProtocol: GRPC
Storage Backend Integration
Replace the embedded Minio instance with an external object storage endpoint. Configure credential mapping and bucket routing:
externalObjectStore:
isActive: true
endpointHost: s3-storage.internal
portNumber: 9000
credentials:
apiKey: "<access_key>"
secretKey: "<secret_access_key>"
bucketPath: milvus-vector-store
rootDirectory: ""
protocol: http
Messaging Layer Configuration
When bridging to an existing Apache Pulsar instance, disable the bundled broker and specify the tenant namespace. Note that Milvus requires topics without partitions to guarantee event ordering; manual topic creation may be necessary if the external cluster enforces default partition counts.
externalMessageQueue:
brokerEnabled: true
hostAddress: pulsar-gateway.prod
controlPort: 6650
maxPayloadSize: 5242880
namespaceInfo:
tenant: analytics_tenant
space: milvus_ns
authentication:
plugin: org.apache.pulsar.client.impl.auth.AuthenticationToken
tokenValue: "<generated_token>"
Metadata Service Routing
Point the metastore component to an external consensus database. Adjust retention and heartbeat interavls to stabilize probe mechanisms:
externalMetadataStore:
enabled: true
endpoints: ["etcd-vault.internal:2379"]
healthChecks:
livenessTimeout: 10
readinessPeriod: 20
tuning:
autoCompactionMode: revision
compactionRetention: "1000"
backendQuotaBytes: 4294967296
heartbeatIntervalMs: 500
electionTimeoutMs: 2500
Manifest Generation and Deployment Lifecycle
Extract the rendered Kubernetes resources from the Helm template before applying. Network latency during chart rendering can cause timeout errors; retry the command if the operation stalls.
# Render templates to a local manifest file
helm template -f cluster-values.yaml my-milvus-release milvus/milvus > cluster-manifest.yaml --debug
# Apply the generated resources to the target namespace
kubectl apply -f cluster-manifest.yaml
# Terminate the deployment cleanly
kubectl delete -f cluster-manifest.yaml
Operational Considerations
Persistent Volume Management
When utilizing external storage classes for stateful sets, ensure the provisioning driver supports ReadWriteOnce or ReadWriteMany based on component requirements. Repeated testing cycles often leave orphaned PVCs attached to nodes. Manually reclaiming these claims prevents scheduling failures during subsequent installations.
Pulsar Manager Initialization
The embedded Pulsar administration interface requires explicit CSRF token handling during superuser registration. Execute the following sequence to bootstrap administrative access:
# Retrieve the anti-forgery token
CSRF_TOKEN=$(curl -s http://pulsar-manager.internal:9527/pulsar-manager/csrf-token)
# Register the administrator account
curl -H "X-XSRF-TOKEN: $CSRF_TOKEN" \
-H "Cookie: XSRF-TOKEN=$CSRF_TOKEN;" \
-H 'Content-Type: application/json' \
-X PUT http://pulsar-manager.internal:9527/pulsar-manager/users/superuser \
-d '{"name":"admin","password":"secure_password_123","description":"Cluster Operator","email":"ops@internal.org"}'
Topic Partitioning Constraints
Legacy deployments sometimes encounter replication conflicts when connecting to third-party message brokers. If automatic topic provisioning creates partitioned channels, data consistency guarantees may break. Verify that routing prefixes such as by-dev-rootcoord-dml_* utilize zero-partition assignments. Manual initialization via shell utilities can enforce this requirement:
bin/pulsar-admin topics create-partitionless-topic persistent://analytics_tenant/milvus_ns/by-dev-rootcoord-dml_0
bin/pulsar-admin topics create-partitionless-topic persistent://analytics_tenant/milvus_ns/by-dev-rootcoord-dml_1
# Continue sequential numbering based on collection count
Coordinating infrastructure dependencies through explicit Helm overrides ensures predictable startup sequences and isolates failure domains within the vector search ecosystem.
