Skip to main content
This section describes optional configurations for SambaStack Hosted deployments. You can customize your installation by using custom domains with TLS certificates or connecting to an external Postgres database instead of the default in-cluster database.

Custom domain and TLS certificate configuration

To use a custom domain with TLS on your SambaStack deployment, follow these steps:

1. Obtain TLS certificates

Acquire the TLS certificate and private key for your domain from a trusted certificate authority.

2. Create Kubernetes TLS secret

Follow the official Kubernetes documentation to create a Kubernetes secret for your TLS certificate and key. Example command: 
kubectl create secret tls <name-for-tls> --cert=path/to/cert.crt --key=path/to/key.key

3. Configure DNS records

Create DNS records to map your custom domains to the SambaStack servers as follows:
DomainRecord TypeValue
api.example.comCNAMEapi.sambanova.ai
api.example.comTXT<From installer log>
ui.example.comCNAMEcloud.sambanova.ai
ui.example.comTXT<From installer log>
Contact SambaNova support to confirm your regional endpoint, if needed.

4. Update sambastack.yaml

Edit the sambastack.yaml configuration file under data → sambastack.yaml to include your domain and TLS secret information with correct indentation: 
data:
  sambastack.yaml: |
    gateway:
      ingress:
        hosts:
          - host: api.example.com
            tlsSecretName: <name-for-tls>
    cloud-ui:
      ingress:
        hosts:
        - host: ui.example.com
          tlsSecretName: <name-for-tls>

5. Apply configuration

Apply your changes: 
kubectl apply -f sambastack.yaml

6. Sanity check

Monitor the installer logs to verify TLS certificate processing and domain verification: 
kubectl -n sambastack-installer logs -l sambanova.ai/app=sambastack-installer -f
After applying these changes, your SambaStack deployment will use the specified custom domains and TLS certificates.

Using external Postgres database

By default, SambaNova provisions a Postgres instance within your cluster. To use an external Postgres database, complete the following steps:

1. Provision external database

Set up an external Postgres instance and collect these credentials:
  • DB_HOST
  • DB_DATABASE
  • DB_USER
  • DB_PASSWD

2. Create Kubernetes secret for Postgres credentials

Create a secret named pg-credentials with your database credentials: 
  cat <<EOPGSECRET | kubectl apply -f -
  apiVersion: v1
  kind: Secret
  metadata:
    name: pg-credentials
    namespace: default
  type: Opaque
  data:
    DB_HOST: <Base64 encoded DB_HOST>
    DB_DATABASE: <Base64 encoded DB_DATABASE>
    DB_USER: <Base64 encoded DB_USER>
    DB_PASSWD: <Base64 encoded DB_PASSWD>
  EOPGSECRET
Ensure all credential values are base64 encoded.

3. Sample sambastack.yaml update

Modify sambastack.yaml (data → sambastack.yaml) to reference your external Postgres secret and disable the in-cluster database: 
data:
  sambastack.yaml: |
    # Auth and Billing Configuration
    auth-and-billing:
      pgSecretName: pg-credentials # Kubernetes secret with Postgres credentials
    # Database Configuration
    cloudnative-pg:
      enabled: false # Disable in-cluster PostgreSQL

4. Apply updated configuration

Apply the changes: 
kubectl apply -f sambastack.yaml
After applying these changes, your deployment will connect to the configured external Postgres database.