This guide describes how to validate connectivity and functional operation of a HiddenLayer Runtime deployment after it has been successfully deployed to a Kubernetes cluster.
At this stage:
- The Kubernetes cluster is provisioned.
- The Runtime Kubernetes resources have been applied.
- Pods are running successfully.
- The service has been created, typically as an internal LoadBalancer.
The purpose of this guide is to confirm:
- The Runtime service is reachable
- The Kubernetes service routing is functioning
- The API endpoint is responding correctly
- Interaction payloads can be submitted successfully
This validation ensures the infrastructure and runtime configuration are working before integrating upstream LLMs or application traffic.
Verify the pod is running:
kubectl -n {namespace} get podsExpected output:
NAME READY STATUS RESTARTS AGE
aidr-genai-xxxxxx 1/1 Running 0 ...If the pod is not Running, investigate before continuing:
kubectl describe pod <pod-name> -n {namespace}Check the Events section for common issues:
ImagePullBackOff— registry secret or image path issueCrashLoopBackOff— container is starting and crashing; check logs withkubectl -n {namespace} logs <pod-name>Pending— insufficient cluster resources or node selector mismatch
If the Service is configured as an internal LoadBalancer, direct access may not be available from your workstation.
The recommended validation method is port forwarding.
Start port forwarding:
kubectl -n {namespace} port-forward svc/aidr-genai 8080:80You should see:
Forwarding from 127.0.0.1:8080 -> 80Leave this terminal running. This forwards:
- Local port 8080
- To Service port 80
- Which maps to container port 8000
From a separate terminal, confirm the route exists:
curl -i http://localhost:8080/detection/v1/interactionsExpected response:
HTTP/1.1 405 Method Not AllowedThis confirms the endpoint requires POST.
Send a valid interaction payload to confirm end-to-end functionality:
curl -i -X POST http://localhost:8080/detection/v1/interactions \
-H "Content-Type: application/json" \
-d '{
"metadata": {
"model": "test-model",
"requester_id": "user-1",
"provider": "openai"
},
"input": {
"messages": [
{
"role": "user",
"content": "Hello"
}
]
},
"output": {
"messages": [
{
"role": "assistant",
"content": "Hello! How can I help you?"
}
]
}
}'This is a sample interaction submitted directly to Runtime for validation purposes.
- This test does not require a live connection to an upstream LLM.
- Because both
inputandoutputare provided in the request, Runtime evaluates the interaction payload without needing to proxy a model call. - The response confirms API connectivity, schema validation, and detection processing.
Expected result:
- HTTP 200 OK
- JSON response containing detection results
If required fields are missing, you may receive:
HTTP/1.1 422 Unprocessable ContentA 422 response still confirms:
- Connectivity is functioning
- Schema validation is active
- The API is responding correctly
In addition to the API response, Runtime will emit structured logs inside the container. You can view them with:
kubectl -n {namespace} logs deploy/aidr-genaiFor details on the log output format, see Container Logging.
To validate that the application server is running:
kubectl -n {namespace} logs deploy/aidr-genaiLook for:
Application startup complete.
Uvicorn running on http://0.0.0.0:8000This confirms the API server is active inside the pod.
If you are on corporate VPN or have direct access to the cluster network:
kubectl -n {namespace} get svc aidr-genaiThen:
curl http://<INTERNAL-IP>| Symptom | Likely Cause |
|---|---|
ImagePullBackOff | Registry secret or image path issue |
InvalidImageName | Image string formatting issue |
| 422 response | Missing required JSON fields |
| Connection refused | Port-forward not running |
| 404 Not Found | Incorrect endpoint path |