Install OpenEverest using Helm¶
This section explains how to install OpenEverest using Helm as an alternative to everestctl. Helm charts simplify the deployment process by packaging all necessary resources and configurations, making them ideal for automating and managing installations in Kubernetes environments.
OpenEverest Helm charts can be found in percona/percona-helm-charts repository in Github.
Important
If you installed OpenEverest using Helm, make sure to uninstall it exclusively through Helm for a seamless removal.
Install OpenEverest and deploy database namespaces¶
Here are the steps to install OpenEverest and deploy additional database namespaces:
-
Add the OpenEverest Helm repository:
helm repo add percona https://percona.github.io/percona-helm-charts/ helm repo update -
Install OpenEverest:
helm install everest-core percona/everest \ --namespace everest-system \ --create-namespaceWhat’s happening under the hood
The command does the following:
-
Deploys the OpenEverest components in the
everest-systemnamespace. Currently, specifying a different namespace for OpenEverest is not supported. -
Deploys a new namespace called
everestfor your databases and the database operators.You can override the name of the database namespace by using the
dbNamespace.namespaceOverrideparameter. If you prefer to deploy just the core components, setdbNamespace.enabled=false
Optional installation flags
Flags Description Helm flag PMM deployment Deploy Percona Monitoring and Management (PMM) as a sub-chart. PMM will be automatically deployed within the everest-systemnamespace.--set pmm.enabled=trueTLS enabled Enable TLS encryption for secure communication between OpenEverest components. --set server.tls.enabled=trueExamples
Install with PMM enabled
helm install everest-core percona/everest --namespace=everest-system --create-namespace --set pmm.enabled=trueInstall OpenEverest with TLS enabled:
helm install everest-core percona/everest \ --namespace everest-system \ --create-namespace --set server.tls.enabled=trueFor comprehensive instructions on enabling TLS for OpenEverest, see the section TLS setup with OpenEverest.
-
-
Once the installation is complete, retrieve the
adminpassword.kubectl get secret everest-accounts -n everest-system -o jsonpath='{.data.users\.yaml}' | base64 --decode | yq '.admin.passwordHash'-
The default username for logging into the OpenEverest UI is
admin. You can set a different default admin password by using theserver.initialAdminPasswordparameter during installation. -
The default
adminpassword is stored in plain text. It is highly recommended to update the password usingeverestctlto ensure that the passwords are hashed. Instructions for installingeverestctlcan be found at everestctl installation guide.To access detailed information on user management, see the manage users in OpenEverest section.
-
-
Access the OpenEverest UI/API using one of the following options for exposing it, as OpenEverest is not exposed with an external IP by default:
Use the following commands to change the Everest service type to
LoadBalancer:-
Run the following command:
helm upgrade everest-core percona/everest \ --namespace everest-system \ --reuse-values \ --set server.service.type=LoadBalancer -
Retrieve the external IP address for the
everestservice. This is the address where you can then launch OpenEverest at the end of the installation procedure. In this example, the external IP address used ishttp://34.175.201.246.kubectl get svc/everest -n everest-systemExpected output
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE everest LoadBalancer 10.43.172.194 34.175.201.246 8080:8080/TCP 10sWhen TLS is enabled
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE everest LoadBalancer 10.43.172.194 34.175.201.246 443:8080/TCP 10s
A NodePort is a service that makes a specific port accessible on all nodes within the cluster. It enables external traffic to reach services running within the Kubernetes cluster by assigning a static port to each node’s IP address.
-
Run the following command to change the Everest service type to
NodePort:The following output displays the port assigned by Kubernetes to the everest service, which ishelm upgrade everest-core percona/everest \ --namespace everest-system \ --reuse-values \ --set server.service.type=NodePort32349in this case.kubectl get svc/everest -n everest-system NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE everest NodePort 10.43.139.191 <none> 8080:32349/TCP 28mWhen TLS is enabled
kubectl get svc/everest -n everest-system NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE everest NodePort 10.43.139.191 <none> 443:32349/TCP 28m -
Retrieve the external IP addresses for the kubernetes cluster nodes.
Expected output
kubectl get nodes -o wide NAME STATUS ROLES AGE VERSION INTERNAL-IPEXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME gke-everest-test-default-pool-8bbed860-65gx Ready <none> 3m35s v1.30.3-gke.1969001 10.204.15.199 34.175.155.135 Container- Optimized OS from Google 6.1.100+ containerd://1.7.19 gke-everest-test-default-pool-8bbed860-pqzb Ready <none> 3m35s v1.30.3-gke.1969001 10.204.15.200 34.175.120.50 Container- Optimized OS from Google 6.1.100+ containerd://1.7.19 gke-everest-test-default-pool-8bbed860-s0hg Ready <none> 3m35s v1.30.3-gke.1969001 10.204.15.201 34.175.201.246 Container- Optimized OS from Google 6.1.100+ containerd://1.7.19 -
To launch the OpenEverest UI and create your first database cluster, go to the IP address/port found in step 1 and 3 (if TLS is enabled). In this example, the external IP address used is
http://34.175.155.135:32349. Nevertheless, you have the option to use any node IP specified in the above steps.
Run the following command to setup a port-forward to the OpenEverest server service:
kubectl port-forward svc/everest 8080:8080 -n everest-systemTo launch the OpenEverest UI and create your first database cluster, go to your localhost IP address
http://127.0.0.1:8080.When TLS is enabled
kubectl port-forward svc/everest 8443:443 -n everest-systemOpenEverest will be available at
https://127.0.0.1:8443. -
-
Deploy additional database namespaces:
Once OpenEverest is successfully running, you can create additional database namespaces using the
everest-db-namespaceHelm chart.If you set
dbNamespaces.enabled=falsein step 2, you can deploy a database namespace with the following command:helm install everest \ percona/everest-db-namespace \ --create-namespace \ --namespace <DB namespace>Note
- All database operators are installed in your database namespace by default. You can override this by specifying one or more of the following options:
[dbNamespace.pxc=false, dbNamespace.pg=false, dbNamespace.psmdb=false]. - Installation without chart hooks (i.e, the use of
--no-hooks) is currently not supported.
- All database operators are installed in your database namespace by default. You can override this by specifying one or more of the following options:
Configure parameters¶
You can customize various parameters in the OpenEverest Helm charts for your deployment to meet your specific needs. Refer to the Helm documentation to discover how to configure these parameters.
A few parameters are listed in the following table. For a detailed list of the parameters, see the README.
percona/everest chart
| Key | Type | Default | Description |
|---|---|---|---|
server.initialAdminPassword |
string | ”“ | Initial password configured for admin user. If it is not set, a random password is generated. It is recommended to reset the admin password after installation. |
server.oidc |
object | {} | OIDC configuration for Everest. These settings are applied only during installation. To modify the settings after installation, you have to manually update the everest-settings ConfigMap. |
percona/everest-db-namespace subchart
| Key | Type | Default | Description |
|---|---|---|---|
pxc |
bool | true | Installs the Percona XtraDB Cluster operator if set. |
| everest-db-namespace | postgresql |
bool | true |
psmdb |
bool | true | Installs the Percona Server MongoDB operator if set. |