diff --git a/charts/langsmith/README.md b/charts/langsmith/README.md
index e0b469bc..6dff582a 100644
--- a/charts/langsmith/README.md
+++ b/charts/langsmith/README.md
@@ -68,7 +68,7 @@ For information on how to use this chart, up-to-date release notes, and other gu
 | clickhouse.statefulSet.resources.limits.cpu | string | `"8000m"` |  |
 | clickhouse.statefulSet.resources.limits.memory | string | `"32Gi"` |  |
 | clickhouse.statefulSet.resources.requests.cpu | string | `"3500m"` |  |
-| clickhouse.statefulSet.resources.requests.memory | string | `"15Gi"` |  |
+| clickhouse.statefulSet.resources.requests.memory | string | `"12Gi"` |  |
 | clickhouse.statefulSet.securityContext | object | `{}` |  |
 | clickhouse.statefulSet.sidecars | list | `[]` |  |
 | clickhouse.statefulSet.startupProbe.failureThreshold | int | `6` |  |
@@ -308,7 +308,7 @@ For information on how to use this chart, up-to-date release notes, and other gu
 | clickhouse.statefulSet.resources.limits.cpu | string | `"8000m"` |  |
 | clickhouse.statefulSet.resources.limits.memory | string | `"32Gi"` |  |
 | clickhouse.statefulSet.resources.requests.cpu | string | `"3500m"` |  |
-| clickhouse.statefulSet.resources.requests.memory | string | `"15Gi"` |  |
+| clickhouse.statefulSet.resources.requests.memory | string | `"12Gi"` |  |
 | clickhouse.statefulSet.securityContext | object | `{}` |  |
 | clickhouse.statefulSet.sidecars | list | `[]` |  |
 | clickhouse.statefulSet.startupProbe.failureThreshold | int | `6` |  |
diff --git a/charts/langsmith/ci/readonly-config-values.yaml b/charts/langsmith/ci/readonly-config-values.yaml
new file mode 100644
index 00000000..b3c10ad9
--- /dev/null
+++ b/charts/langsmith/ci/readonly-config-values.yaml
@@ -0,0 +1,127 @@
+# Read-Only configuration. Use this if you are running in an environment where containers must run as read-only.
+config:
+  langsmithLicenseKey: "YOUR_LICENSE_KEY"
+  apiKeySalt: "YOUR_API_KEY_SALT"
+
+backend:
+  deployment:
+    resources:
+      requests:
+        cpu: 100m
+        memory: 500Mi
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+
+frontend:
+  deployment:
+    resources:
+      requests:
+        cpu: 100m
+        memory: 500Mi
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+    volumes:
+      - name: tmp
+        emptyDir: {}
+    volumeMounts:
+      - name: tmp
+        mountPath: /tmp
+
+platformBackend:
+  deployment:
+    resources:
+      requests:
+        cpu: 100m
+        memory: 500Mi
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+
+playground:
+  deployment:
+    resources:
+      requests:
+        cpu: 100m
+        memory: 500Mi
+    command:
+      - "yarn"
+      - "start"
+      - "--cache-folder"
+      - "/tmp/.yarn"
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+    volumes:
+      - name: tmp
+        emptyDir: {}
+    volumeMounts:
+      - name: tmp
+        mountPath: /tmp
+
+queue:
+  deployment:
+    replicas: 1
+    resources:
+      requests:
+        cpu: 100m
+        memory: 500Mi
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+
+
+postgres:
+  statefulSet:
+    resources:
+      requests:
+        cpu: 200m
+        memory: 500Mi
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+    volumes:
+      - name: tmp
+        emptyDir: {}
+      - name: postgres
+        emptyDir: {}
+    volumeMounts:
+      - name: tmp
+        mountPath: /tmp
+      - name: postgres
+        mountPath: /run/postgresql
+
+redis:
+  statefulSet:
+    resources:
+      requests:
+        cpu: 200m
+        memory: 500Mi
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+
+clickhouse:
+  statefulSet:
+    resources:
+      requests:
+        cpu: 200m
+        memory: 500Mi
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+    volumes:
+      - name: tmp
+        emptyDir: {}
+      - name: var
+        emptyDir: {}
+      - name: etc
+        emptyDir: {}
+    volumeMounts:
+      - name: tmp
+        mountPath: /tmp
+      - name: var
+        mountPath: /var
+      - name: etc
+        mountPath: /etc/clickhouse-server/users.d
diff --git a/charts/langsmith/examples/read_only_config.yaml b/charts/langsmith/examples/read_only_config.yaml
new file mode 100644
index 00000000..f0e58799
--- /dev/null
+++ b/charts/langsmith/examples/read_only_config.yaml
@@ -0,0 +1,109 @@
+# Read-Only configuration. Use this if you are running in an environment where containers must run as read-only.
+config:
+  langsmithLicenseKey: "YOUR_LICENSE_KEY"
+  apiKeySalt: "YOUR_API_KEY_SALT"
+
+backend:
+  deployment:
+    resources:
+      requests:
+        cpu: 100m
+        memory: 500Mi
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+
+frontend:
+  deployment:
+    resources:
+      requests:
+        cpu: 100m
+        memory: 500Mi
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+    volumes:
+      - name: tmp
+        emptyDir: {}
+    volumeMounts:
+      - name: tmp
+        mountPath: /tmp
+
+platformBackend:
+  deployment:
+    resources:
+      requests:
+        cpu: 100m
+        memory: 500Mi
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+
+playground:
+  deployment:
+    resources:
+      requests:
+        cpu: 100m
+        memory: 500Mi
+    command:
+      - "yarn"
+      - "start"
+      - "--cache-folder"
+      - "/tmp/.yarn"
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+    volumes:
+      - name: tmp
+        emptyDir: {}
+    volumeMounts:
+      - name: tmp
+        mountPath: /tmp
+
+queue:
+  deployment:
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+
+
+postgres:
+  statefulSet:
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+    volumes:
+      - name: tmp
+        emptyDir: {}
+      - name: postgres
+        emptyDir: {}
+    volumeMounts:
+      - name: tmp
+        mountPath: /tmp
+      - name: postgres
+        mountPath: /run/postgresql
+
+redis:
+  statefulSet:
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+
+clickhouse:
+    securityContext:
+      allowPrivilegeEscalation: false
+      readOnlyRootFilesystem: true
+    volumes:
+      - name: tmp
+        emptyDir: {}
+      - name: var
+        emptyDir: {}
+      - name: etc
+        emptyDir: {}
+    volumeMounts:
+      - name: tmp
+        mountPath: /tmp
+      - name: var
+        mountPath: /var
+      - name: etc
+        mountPath: /etc/clickhouse-server/users.d
diff --git a/charts/langsmith/values.yaml b/charts/langsmith/values.yaml
index 791601ab..20194089 100644
--- a/charts/langsmith/values.yaml
+++ b/charts/langsmith/values.yaml
@@ -300,7 +300,7 @@ clickhouse:
         memory: 32Gi
       requests:
         cpu: 3500m
-        memory: 15Gi
+        memory: 12Gi
     command:
       - "/bin/bash"
       - "-c"