Deploy langgenius/dify, an LLM-based chatbot app on Kubernetes with Helm chart.
helm repo add dify https://borispolonsky.github.io/dify-helm
helm repo update
helm install my-release dify/difyFor customized installation, please refer to the README.md file.
The following diagram illustrates the complete network architecture and service topology of the Dify Helm deployment:
graph TB
%% External Traffic Entry Points
Internet[๐ Internet] --> Ingress[๐ช Ingress Controller]
Internet --> LB[โ๏ธ LoadBalancer Service]
%% Main Traffic Flow
Ingress --> ProxyService[๐ Proxy Service<br/>Port: 80]
LB --> ProxyService
%% Proxy Pod and Routing
ProxyService --> ProxyPod[๐ฆ Proxy Pod<br/>nginx:latest<br/>Port: 80]
%% Backend Services Routing
ProxyPod -->|API Endpoints| APIService[๐ง API Service<br/>Port: 5001]
ProxyPod -->|Web Pages| WebService[๐ Web Service<br/>Port: 3000]
ProxyPod -->|Plugin Routes| PluginService[๐ Plugin Daemon Service<br/>Port: 5002]
ProxyPod -->|Marketplace| MarketplaceAPI[๐ Marketplace API<br/>External]
%% Backend Pods
APIService --> APIPod[๐ฆ API Pod<br/>langgenius/dify-api:1.9.1<br/>Port: 5001]
WebService --> WebPod[๐ฆ Web Pod<br/>langgenius/dify-web:1.9.1<br/>Port: 3000]
PluginService --> PluginPod[๐ฆ Plugin Daemon Pod<br/>langgenius/dify-plugin-daemon:0.3.0-local<br/>Ports: 5002, 5003]
%% Worker Pod (Background Processing)
WorkerPod[๐ฆ Worker Pod<br/>langgenius/dify-api:1.9.1]
%% Beat Pod (Periodic task scheduler)
BeatPod[๐ฆ Beat Pod<br/>langgenius/dify-api:1.9.1]
%% Sandbox Service
SandboxService[๐๏ธ Sandbox Service<br/>Port: 8194] --> SandboxPod[๐ฆ Sandbox Pod<br/>langgenius/dify-sandbox:0.2.12<br/>Port: 8194]
%% SSRF Proxy Service
SSRFService[๐ก๏ธ SSRF Proxy Service<br/>Port: 3128] --> SSRFPod[๐ฆ SSRF Proxy Pod<br/>ubuntu/squid:latest<br/>Port: 3128]
%% Internal Communications
APIPod -.->|Code Execution| SandboxService
APIPod -.->|SSRF Protection| SSRFService
APIPod -.->|Plugin Management| PluginService
WorkerPod -.->|Background Tasks| APIPod
%% Data Layer - Databases
subgraph DataLayer [๐๏ธ Data Layer]
PostgresService[๐ PostgreSQL Service<br/>Port: 5432]
RedisService[๐ด Redis Service<br/>Port: 6379]
VectorDBService[๐งฎ Vector DB Service]
end
%% Database Connections
APIPod -.->|Database Operations| PostgresService
WorkerPod -.->|Database Operations| PostgresService
PluginPod -.->|Database Operations| PostgresService
APIPod -.->|Cache & Sessions| RedisService
WorkerPod -.->|Task Processing| RedisService
BeatPod -.->|Task Scheduling| RedisService
APIPod -.->|Vector Storage| VectorDBService
WorkerPod -.->|Vector Operations| VectorDBService
%% Storage Layer
subgraph StorageLayer [๐พ Storage Layer]
StorageType{Storage Type}
LocalPVC[๐ Local PVC]
S3Storage[โ๏ธ AWS S3]
AzureStorage[โ๏ธ Azure Blob]
GCSStorage[โ๏ธ Google Cloud Storage]
end
%% Storage Connections
APIPod -.->|File Storage| StorageType
WorkerPod -.->|File Storage| StorageType
PluginPod -.->|Plugin Storage| StorageType
StorageType --> LocalPVC
StorageType --> S3Storage
StorageType --> AzureStorage
StorageType --> GCSStorage
%% Vector Database Options
subgraph VectorOptions [๐งฎ Vector Database Options]
WeaviateDB[๐ Weaviate<br/>Port: 8080]
QdrantDB[โก Qdrant<br/>Port: 6333]
MilvusDB[๐ Milvus<br/>Port: 19530]
PGVectorDB[๐ PGVector<br/>Port: 5432]
end
VectorDBService -.-> WeaviateDB
VectorDBService -.-> QdrantDB
VectorDBService -.-> MilvusDB
VectorDBService -.-> PGVectorDB
%% External Dependencies
subgraph ExternalServices [๐ External Services]
ExternalDB[(๐ง External PostgreSQL)]
ExternalRedis[(๐ด External Redis)]
ExternalVector[(๐งฎ External Vector DB)]
ExternalStorage[(๐พ External Object Storage)]
end
%% External Service Connections (Alternative)
APIPod -.->|Alternative| ExternalDB
APIPod -.->|Alternative| ExternalRedis
APIPod -.->|Alternative| ExternalVector
APIPod -.->|Alternative| ExternalStorage
%% Styling
classDef podClass fill:#e1f5fe,stroke:#0277bd,stroke-width:2px
classDef serviceClass fill:#f3e5f5,stroke:#7b1fa2,stroke-width:2px
classDef storageClass fill:#e8f5e8,stroke:#2e7d32,stroke-width:2px
classDef externalClass fill:#fff3e0,stroke:#ef6c00,stroke-width:2px
class APIPod,WebPod,WorkerPod,BeatPod,SandboxPod,SSRFPod,PluginPod podClass
class APIService,WebService,SandboxService,SSRFService,PluginService,ProxyService serviceClass
class PostgresService,RedisService,VectorDBService,WeaviateDB,QdrantDB,MilvusDB,PGVectorDB storageClass
class ExternalDB,ExternalRedis,ExternalVector,ExternalStorage,S3Storage,AzureStorage,GCSStorage externalClass
The Nginx proxy handles traffic routing with the following rules:
/console/api โ API Service (5001)
/api โ API Service (5001)
/v1 โ API Service (5001)
/files โ API Service (5001)
/mcp โ API Service (5001)
/e/ โ Plugin Daemon (5002)
/explore โ Web Service (3000)
/marketplace โ External Marketplace API
/ โ Web Service (3000) [Default Route]| Component | Image | Port | Role |
|---|---|---|---|
| API | langgenius/dify-api:1.9.1 |
5001 | RESTful API server, business logic processing |
| Web | langgenius/dify-web:1.9.1 |
3000 | Web UI frontend |
| Worker | langgenius/dify-api:1.9.1 |
- | Background task processing (Celery) |
| Beat | langgenius/dify-api:1.9.1 |
- | Periodic task scheduler (Celery Beat) |
| Sandbox | langgenius/dify-sandbox:0.2.12 |
8194 | Secure code execution environment |
| Plugin Daemon | langgenius/dify-plugin-daemon:0.3.0-local |
5002, 5003 | Plugin management and execution |
| SSRF Proxy | ubuntu/squid:latest |
3128 | External request security proxy |
| Nginx Proxy | nginx:latest |
80 | Reverse proxy, load balancing |
- Redis (Standalone and Sentinel)
- PostgreSQL
- Object Storage:
- Amazon S3
- Microsoft Azure Blob Storage
- Alibaba Cloud OSS
- Google Cloud Storage
- Tencent Cloud COS
- Huawei Cloud OBS
- Volcengine TOS
- External Vector DB:
- Weaviate
- Qdrant
- Milvus
- PGVector
- Tencent Vector DB
- MyScaleDB
- TableStore
- Elasticsearch
