Configuration Store

About the Configuration Store

The configuration store is a directory, persistent volume, or database that contains the guardrail configurations. The microservice uses the store for persisting the guardrail configurations.

For file-based configuration stores, the directory structure is as follows:

/config-store
├── config-1
│   ├── rails
│   │   └── colang-file-1.co
│   ├── kb
│   │   └── markdown-file-1.md
│   ├── prompts.yml
│   └── config.yml
├── config-2
│   └── config.yml
└── config-3
    └── config.yml

Each directory contains a guardrail configuration.

Refer to Configuration Guide in the NeMo Guardrails toolkit documentation for information about the contents of the config.yml file, prompts.yml file, and so on.

Guardrails Configurations for Configuration Store

A guardrail configurations specifies information such as the models, model endpoints, and the checks to apply to input and output. The microservice can support multiple configuration. Each inference request to the microservice specifies the configuration to apply.

For file-based configuration stores, you set the CONFIG_STORE_PATH environment variable to the directory inside the container that contains the guardrail configurations. The default path is /app/services/guardrails/config-store, but /config-store is commonly used as an override.

When Deploying with Docker

When deploying with Docker, make sure the CONFIG_STORE_PATH environment variable is set to the same directory where the guardrail configurations are mapped. The following example uses /config-store for this value:

docker run \
  -v <path-to-configs-folder>:/config-store \
  -e CONFIG_STORE_PATH=/config-store \
  nvcr.io/nvidia/nemo-microservices/guardrails:25.08

When Deploying with Helm in Kubernetes

When deploying in Kubernetes, you should either use the default PostgreSQL or configure an external production-grade PostgreSQL. To learn more about PostgreSQL, refer to PostgreSQL.

Using the Default PostgreSQL

To use the default PostgreSQL, include the following in the Helm values file:

guardrails:
  postgresql:
    enabled: true

Using an External PostgreSQL

To use an external PostgreSQL, add the following to the Helm values file. For setting up a secret, refer to External Database Secrets.

guardrails:
  postgresql:
    enabled: false
  externalDatabase:
    host: <your-host-name>
    port: <your-port>
    database: guardrails_api
    user: guardrails_api
    existingSecret: <your-guardrails-db-creds-secret-name>
    existingSecretPasswordKey: <your-password-key>

Using NFS Storage

Alternatively, if you are required to avoid PostgreSQL, you can deploy with Helm and use NFS storage by setting the CONFIG_STORE_PATH environment variable to the same path as the configStore.nfs.mountPath key in the values.yaml file.

    configStore:
      nfs:
        enabled: true
        path: "/path/to/nfs/share"
        server: "nfs-server.example.com"
        mountPath: "/config-store"
        storageClass: "standard"

Make sure the configStore.nfs.path key references the root of the configuration store directory–which is the directory containing subfolders for each individual guardrail configuration.