- Kubernetes cluster
- Kubectl
- Helm v3.10+
Create namespace:
kubectl create namespace mprove
Default mprove/values.yaml values should be overrided by your custom values. Values examples:
- values-mprove-example-managed-demo.yaml
- values-mprove-example-no-demo.yaml
- values-mprove-example-gitclone-demo.yaml
Create values-mprove.yaml file to override helm chart default values:
curl 'https://raw.githubusercontent.com/mprove-io/mprove-helm-charts/master/values-mprove-example-managed-demo.yaml' > values-mprove.yaml
Replace the suggested values in the file with your own.
If you are using your own Ingress, make sure HTTP requests are routed between the Front and Backend services using the "/api" prefix. Check mprove/templates/ingress/route.yaml for example.
ingress:
enabled: false
Install istioctl:
brew install istioctl
Install Istio to the cluster:
istioctl install
Add istio-injection label:
kubectl label namespace mprove istio-injection=enabled --overwrite
Install Cert Manager to the cluster:
helm repo add jetstack https://charts.jetstack.io
helm repo update
helm install cert-manager jetstack/cert-manager -n cert-manager --create-namespace --set installCRDs=true
Create DNS A record pointing your real-host.example.com
to your kubernetes cluster's LoadBalancer public IP.
values-mprove.yaml overrides example:
ingress:
enabled: true
host: real-host.example.com
acmeEmail: real-email@example.com
helm install -f values-mprove.yaml mprove oci://ghcr.io/mprove-io/mprove-helm-charts/mprove --version <CHART_VERSION> -n mprove
helm upgrade -f values-mprove.yaml mprove oci://ghcr.io/mprove-io/mprove-helm-charts/mprove --version <CHART_VERSION> -n mprove
helm uninstall mprove -n mprove
helm template -f values-mprove.yaml mprove oci://ghcr.io/mprove-io/mprove-helm-charts/mprove --version <CHART_VERSION> -n mprove
First Project (p1) belongs to the First Org (demo).
First User gets the role Owner for the First Org (demo).
First User gets the role Admin for the First Project (p1).
First Project is for demonstration purposes only. Many user actions in the demo/p1 project are restricted.
Each new registered Mprove user is automatically added to the demo/p1 project.
To disable First Org and First Project, you need to set the environment variables to empty values. Then delete demo/p1 via UI if they are already created.
backendCommon:
envs:
BACKEND_FIRST_ORG_ID=
BACKEND_FIRST_PROJECT_ID=
You can also disable demo data warehouses:
dwhPostgres:
enabled: false
dwhClickhouse:
enabled: false
Parameter | Description | Default |
---|---|---|
ingress: | Kubernetes Ingress (Istio + Cert Manager) | |
enabled: | Enables mprove/templates/ingress/* resources | false |
host: | Replace with real host. | real-host.example.com |
acmeEmail: | Replace with real email. For cert-manager ClusterIssuer. | real-email@example.com |
certProdSecretName: | cert-prod-secret |
|
certStagingSecretName: | cert-staging-secret |
|
routeGrafana: | ||
enabled: | Enables mprove/templates/ingress/route-grafana.yaml resource | false |
host: | grafana.example.com |
|
destination: | grafana-service-name.grafana-namespace.svc.cluster.local |
|
kubeSystemNodeSetup: | Kubernetes Node Setup | |
enabled: | Enables mprove/templates/kube-system-node-setup.yaml resource. Increases the number of inotify max_user_watches per kubernetes node. | true |
db: | Mprove Application Database | |
enabled: | Enables mprove/templates/db.yaml resource | true |
image: | mysql |
|
tag: | 8.0.29 |
|
name: | db |
|
storage: | 10Gi |
|
envsSecretName: | Secret name from which db container will get environment variables | db-envs |
createEnvsSecret: | Creates mprove/templates/secrets/secret-db-envs.yaml secret from envs values | true |
envs: | ||
MYSQL_ROOT_PASSWORD: | Replace with your value | mysqlpass |
MYSQL_DATABASE: | mprovedb |
|
MYSQL_USERNAME: | root |
|
rabbit: | Mprove Application Message Queue | |
enabled: | Enables mprove/templates/rabbit.yaml resource | true |
image: | rabbitmq |
|
tag: | 3.10.6-management |
|
name: | rabbit |
|
envsSecretName: | Secret name from which rabbit container will get environment variables | rabbit-envs |
createEnvsSecret: | Creates mprove/templates/secrets/secret-rabbit-envs.yaml secret from envs values | true |
envs: | ||
RABBITMQ_DEFAULT_USER: | rabbituser |
|
RABBITMQ_DEFAULT_PASS: | Replace with your value | rabbitpass |
RABBITMQ_ERLANG_COOKIE: | Replace with your value | rabbitcookie |
front: | Mprove Frontend Service (Nginx) | |
image: | ghcr.io/mprove-io/mprove-front |
|
name: | front |
|
replicas: | 1 |
|
disk: | Mprove Disk Service | |
image: | ghcr.io/mprove-io/mprove-disk |
|
name: | disk |
|
storage: | 2Gi |
|
envsSecretName: | Secret name from which disk containers will get environment variables | disk-envs |
createEnvsSecret: | Creates mprove/templates/secrets/secret-disk-envs.yaml secret from envs values | true |
envs: | ||
NODE_ENV: | production |
|
DISK_ENV: | PROD |
|
DISK_ORGANIZATIONS_PATH: | /root/mprove_data/organizations |
|
DISK_RABBIT_PROTOCOL: | amqp |
|
DISK_RABBIT_USER: | rabbituser |
|
DISK_RABBIT_PASS: | Replace with your value | rabbitpass |
DISK_RABBIT_HOST: | rabbit |
|
DISK_RABBIT_PORT: | 5672 |
|
DISK_LOG_IS_JSON: | Value must be 'TRUE' or 'FALSE' |
'TRUE' |
DISK_LOG_RESPONSE_ERROR: | Value must be 'TRUE' or 'FALSE' |
'FALSE' |
DISK_LOG_RESPONSE_OK: | Value must be 'TRUE' or 'FALSE' |
'FALSE' |
blockmlSingle: | Mprove BlockML Service | |
name: | blockml-single |
|
replicas: | 1 |
|
blockmlCommon: | Mprove common values for BlockML services | |
image: | ghcr.io/mprove-io/mprove-blockml |
|
envsSecretName: | Secret name from which blockml containers will get environment variables | blockml-common-envs |
createEnvsSecret: | Creates mprove/templates/secrets/secret-blockml-common-envs.yaml secret from envs values | true |
envs: | ||
NODE_ENV: | production |
|
BLOCKML_ENV: | PROD |
|
BLOCKML_RABBIT_PROTOCOL: | amqp |
|
BLOCKML_RABBIT_USER: | rabbituser |
|
BLOCKML_RABBIT_PASS: | Replace with your value | rabbitpass |
BLOCKML_RABBIT_HOST: | rabbit |
|
BLOCKML_RABBIT_PORT: | 5672 |
|
BLOCKML_LOG_IO: | Value must be 'TRUE' or 'FALSE' |
'FALSE' |
BLOCKML_LOG_FUNC: | ALL |
|
BLOCKML_COPY_LOGS_TO_MODELS: | Value must be 'TRUE' or 'FALSE' |
'FALSE' |
BLOCKML_LOGS_PATH: | /root/mprove_data/blockml-logs |
|
BLOCKML_IS_SINGLE: | Value must be 'TRUE' or 'FALSE' |
'FALSE' |
BLOCKML_IS_MAIN: | Value must be 'TRUE' or 'FALSE' |
'FALSE' |
BLOCKML_IS_WORKER: | Value must be 'TRUE' or 'FALSE' |
'FALSE ' |
BLOCKML_CONCURRENCY_LIMIT: | 0 |
|
BLOCKML_LOG_IS_JSON: | Value must be 'TRUE' or 'FALSE' |
'TRUE' |
BLOCKML_LOG_RESPONSE_ERROR: | Value must be 'TRUE' or 'FALSE' |
'FALSE' |
BLOCKML_LOG_RESPONSE_OK: | Value must be 'TRUE' or 'FALSE' |
'FALSE' |
backend: | Mprove Backend Service | |
name: | backend |
|
replicas: | 1 |
|
backendScheduler: | Mprove Backend Scheduler Service | |
name: | backend-scheduler |
|
backendCommon: | Mprove common values for Backend services | |
image: | ghcr.io/mprove-io/mprove-backend |
|
envsSecretName: | Secret name from which backend containers will get environment variables | backend-common-envs |
secretFilesSecretName: | Secret name from which backend containers will get secret files | backend-common-secret-files |
createEnvsSecret: | Creates mprove/templates/secrets/secret-backend-common-envs.yaml secret from envs values | true |
createSecretFilesSecret: | Creates mprove/templates/secrets/secret-backend-common-secret-files.yaml secret from firstProject* values | true |
firstProjectBigqueryCredentials: | Replace with your value. Required for first project bigquery connection seed if BACKEND_FIRST_PROJECT_SEED_CONNECTIONS is set to 'TRUE' . |
{} |
firstProjectRemotePrivateKey: | Replace with your value. Required if BACKEND FIRST_PROJECT_REMOTE_TYPE is set to GitClone |
'' |
firstProjectRemotePublicKey: | Replace with your value. Required if BACKEND FIRST_PROJECT_REMOTE_TYPE is set to GitClone |
'' |
envs: | ||
NODE_ENV: | production |
|
BACKEND_ENV: | PROD |
|
BACKEND_MYSQL_DATABASE: | mprovedb |
|
BACKEND_MYSQL_PASSWORD: | mysqlpass |
|
BACKEND_MYSQL_HOST: | db |
|
BACKEND_MYSQL_PORT: | 3306 |
|
BACKEND_MYSQL_USERNAME: | root |
|
BACKEND_RABBIT_PROTOCOL: | amqp |
|
BACKEND_RABBIT_USER: | rabbituser |
|
BACKEND_RABBIT_PASS: | Replace with your value | rabbitpass |
BACKEND_RABBIT_HOST: | rabbit |
|
BACKEND_RABBIT_PORT: | 5672 |
|
BACKEND_JWT_SECRET: | Replace with your value | jwtsecret |
BACKEND_SPECIAL_KEY: | ||
BACKEND_ALLOW_TEST_ROUTES: | Value must be 'TRUE' or 'FALSE' . Value 'TRUE' should be used for testing purposes only. |
'FALSE' |
BACKEND_FIRST_USER_EMAIL: | Replace with your real email | real-email@example.com |
BACKEND_FIRST_USER_PASSWORD: | Replace with your value | userpass |
BACKEND_FIRST_ORG_ID: | AWNCAHWLFQTQJYCH3ZSE |
|
BACKEND_FIRST_PROJECT_ID: | DXYE72ODCP5LWPWH2EXQ |
|
BACKEND_FIRST_PROJECT_REMOTE_TYPE: | Value must be Managed or GitClone . |
Managed |
BACKEND_FIRST_PROJECT_GIT_URL: | Replace with your value. Required if BACKEND FIRST_PROJECT_REMOTE_TYPE is set to GitClone . Git URL format is git@github.com:account-name/repo-name.git . |
|
BACKEND_FIRST_PROJECT_PRIVATE_KEY_PATH: | secrets/first-project-remote-private-key.pem |
|
BACKEND_FIRST_PROJECT_PUBLIC_KEY_PATH: | secrets/first-project-remote-public-key.pem |
|
BACKEND_FIRST_PROJECT_SEED_CONNECTIONS: | Value must be 'TRUE' or 'FALSE' |
'TRUE' |
BACKEND_FIRST_PROJECT_DWH_POSTGRES_PASSWORD: | Replace with your value | postgrespass |
BACKEND_FIRST_PROJECT_DWH_CLICKHOUSE_PASSWORD: | Replace with your value | clickhousepass |
BACKEND_FIRST_PROJECT_DWH_BIGQUERY_CREDENTIALS_PATH: | secrets/first-project-bigquery-credentials.json |
|
BACKEND_FIRST_PROJECT_DWH_SNOWFLAKE_ACCOUNT: | Replace with your value | realSnowflakeAccount |
BACKEND_FIRST_PROJECT_DWH_SNOWFLAKE_WAREHOUSE: | Replace with your value | realSnowflakeWarehouse |
BACKEND_FIRST_PROJECT_DWH_SNOWFLAKE_USERNAME: | Replace with your value | realSnowflakeUsername |
BACKEND_FIRST_PROJECT_DWH_SNOWFLAKE_PASSWORD: | Replace with your value | realSnowflakePassword |
BACKEND_ALLOW_USERS_TO_CREATE_ORGANIZATIONS: | Value must be 'TRUE' or 'FALSE' . If set to 'FALSE' , then make sure BACKEND_FIRST_USER_EMAIL and BACKEND_FIRST_USER_PASSWORD are not empty, as only the First User will be able to create new organizations. |
'FALSE' |
BACKEND_REGISTER_ONLY_INVITED_USERS: | Value must be 'TRUE' or 'FALSE' . If set to 'TRUE' , then make sure BACKEND_FIRST_USER_EMAIL and BACKEND_FIRST_USER_PASSWORD are not empty, as new users will only be able to register if they are invited to a project (by First User or other registered users). |
'TRUE' |
BACKEND_HOST_URL: | Replace with your value | https://real-host.example.com |
BACKEND_SEND_EMAIL_FROM_NAME: | Replace with your value | My Company Name |
BACKEND_SEND_EMAIL_FROM_ADDRESS: | Replace with your value | no-reply@example.com |
BACKEND_EMAIL_TRANSPORT: | Value must be SMTP or MAILGUN . Email delivery is used for transactional emails. Such as inviting new team members to the project, confirming registration or changing the password. Without a working email delivery credentials, users will not be able to confirm registration. |
SMTP |
BACKEND_MAILGUN_ACTIVE_API_KEY: | ||
BACKEND_MAILGUN_DOMAIN: | ||
BACKEND_SMTP_HOST: | Replace with your value | real-smtp.example.com |
BACKEND_SMTP_PORT: | Replace with your value | 465 |
BACKEND_SMTP_SECURE: | Value must be 'TRUE' or 'FALSE' |
'TRUE' |
BACKEND_SMTP_AUTH_USER: | Replace with your value | realSmtpUser |
BACKEND_SMTP_AUTH_PASSWORD: | Replace with your value | realSmtpPassword |
BACKEND_LOG_IS_JSON: | Value must be 'TRUE' or 'FALSE' |
'TRUE' |
BACKEND_LOG_RESPONSE_ERROR: | Value must be 'TRUE' or 'FALSE' |
'FALSE' |
BACKEND_LOG_RESPONSE_OK: | Value must be 'TRUE' or 'FALSE' |
'FALSE' |
dwhPostgres: | DWH Postgres container should only be used for First Project demonstration purposes | |
enabled: | Enables mprove/templates/dwh-postgres.yaml resource | true |
image: | ghcr.io/mprove-io/mprove-dwh-postgres |
|
name: | dwh-postgres |
|
storage: | 2Gi |
|
envsSecretName: | Secret name from which dwhPostgres container will get environment variables | dwh-postgres-envs |
createEnvsSecret: | Creates mprove/templates/secrets/secret-dwh-postgres-envs.yaml secret from envs values | true |
envs: | ||
PGDATA: | /var/lib/postgresql/data/pgdata |
|
POSTGRES_PASSWORD: | Replace with your value | postgrespass |
dwhClickhouse: | DWH ClickHouse container should only be used for First Project demonstration purposes | |
enabled: | Enables mprove/templates/dwh-clickhouse.yaml resource. | true |
image: | ghcr.io/mprove-io/mprove-dwh-clickhouse |
|
name: | dwh-clickhouse |
|
storage: | 2Gi |
|
storageLogs: | 2Gi |
|
envsSecretName: | Secret name from which dwhClickhouse container will get environment variables | dwh-clickhouse-envs |
createEnvsSecret: | Creates mprove/templates/secrets/secret-dwh-clickhouse-envs.yaml secret from envs values | true |
envs: | ||
CLICKHOUSE_DB: | c_db |
|
CLICKHOUSE_USER: | c_user |
|
CLICKHOUSE_PASSWORD: | Replace with your value | clickhousepass |