In certain cases, you may want to override default configurations provided by Devtron. For example, for deployments or statefulsets you may want to change the memory or CPU requests or limit or add node affinity or taint tolerance. Say, for ingress, you may want to add annotations or host. Samples are available inside the manifests/updates directory.
To modify a particular object, it looks in namespace devtroncd
for the corresponding configmap as mentioned in the mapping below:
Let's take an example to understand how to override specific values. Say, you want to override annotations and host in the ingress, i.e., you want to change devtronIngress, copy the file devtron-ingress-override.yaml. This file contains a configmap to modify devtronIngress as mentioned above. Please note the structure of this configmap, data should have the key override
with a multiline string as a value.
apiVersion
, kind
, metadata.name
in the multiline string is used to match the object which needs to be modified. In this particular case it will look for apiVersion: extensions/v1beta1
, kind: Ingress
and metadata.name: devtron-ingress
and will apply changes mentioned inside update:
as per the example inside the metadata:
it will add annotations owner: app1
and inside spec.rules.http.host
it will add http://change-me
.
In case you want to change multiple objects, for eg in argocd
you want to change the config of argocd-dex-server
as well as argocd-redis
then follow the example in devtron-argocd-override.yaml.
Once we have made these changes in our local system we need to apply them to a Kubernetes cluster on which Devtron is installed currently using the below command:
Run the following command to make these changes take effect:
Our changes would have been propagated to Devtron after 20-30 minutes.
To use Devtron for production deployments, use our recommended production overrides located in manifests/updates/production. This configuration should be enough for handling up to 200 microservices.
The overall resources required for the recommended production overrides are:
The production overrides can be applied as pre-devtron installation
as well as post-devtron installation
in the respective namespace.
If you want to install a new Devtron instance for production-ready deployments, this is the best option for you.
Create the namespace and apply the overrides files as stated above:
After files are applied, you are ready to install your Devtron instance with production-ready resources.
If you have an existing Devtron instance and want to migrate it for production-ready deployments, this is the right option for you.
In the existing namespace, apply the production overrides as we do it above.
component | configmap name | purpose |
---|---|---|
Name | Value |
---|---|
argocd
argocd-override-cm
GitOps
clair
clair-override-cm
container vulnerability db
clair
clair-config-override-cm
Clair configuration
dashboard
dashboard-override-cm
UI for Devtron
gitSensor
git-sensor-override-cm
microservice for Git interaction
guard
guard-override-cm
validating webhook to block images with security violations
postgresql
postgresql-override-cm
db store of Devtron
imageScanner
image-scanner-override-cm
image scanner for vulnerability
kubewatch
kubewatch-override-cm
watches changes in ci and cd running in different clusters
lens
lens-override-cm
deployment metrics analysis
natsOperator
nats-operator-override-cm
operator for nats
natsServer
nats-server-override-cm
nats server
natsStreaming
nats-streaming-override-cm
nats streaming server
notifier
notifier-override-cm
sends notification related to CI and CD
devtron
devtron-override-cm
core engine of Devtron
devtronIngress
devtron-ingress-override-cm
ingress configuration to expose Devtron
workflow
workflow-override-cm
component to run CI workload
externalSecret
external-secret-override-cm
manage secret through external stores like vault/AWS secret store
grafana
grafana-override-cm
Grafana config for dashboard
rollout
rollout-override-cm
manages blue-green and canary deployments
minio
minio-override-cm
default store for CI logs and image cache
minioStorage
minio-storage-override-cm
db config for minio
cpu
6
memory
13GB
This page helps you to install Devtron without any integrations. Integrations can be added later using Devtron Stack Manager.
Install Helm if you haven't done that already!
Use the following command to get the dashboard URL:
You will get the result something as shown below:
The hostname aaff16e9760594a92afa0140dbfd99f7-305259315.us-east-1.elb.amazonaws.com
as mentioned above is the Loadbalancer URL where you can access the Devtron dashboard.
You can also do a CNAME entry corresponding to your domain/subdomain to point to this Loadbalancer URL to access it at a custom domain.
For admin login, use the username as admin
, and run the following command to get the admin password:
Please make sure that you do not have anything inside namespaces devtroncd, devtron-cd devtron-ci, and devtron-demo as the below steps will clean everything inside these namespaces
To use the CI/CD capabilities with Devtron, users can Install the CI/CD integration.
Devtron is installed over a Kubernetes cluster and can be installed standalone or along with CI/CD integration:
The minimum requirements for Devtron and Devtron with CI/CD integration in production and non-production environments include:
Non-production
Production (assumption based on 5 clusters)
After Devtron is installed, Devtron is accessible through service devtron-service
. If you want to access devtron through ingress, edit devtron-service and change the loadbalancer to ClusterIP. You can do this using kubectl patch
command like :
Optionally you also can access devtron through a specific host like :
Add Devtron repository
Install Devtron
This installation will use Minio for storing build logs and cache.
For those countries/users where Github is blocked, you can use Gitee as the installation source:
The install commands start Devtron-operator, which takes about 20 minutes to spin up all of the Devtron microservices one by one. You can use the following command to check the status of the installation:
The command executes with one of the following output messages, indicating the status of the installation:
To check the installer logs, run the following command:
Use the following command to get the dashboard URL:
You will get an output similar to the one shown below:
The hostname aaff16e9760594a92afa0140dbfd99f7-305259315.us-east-1.elb.amazonaws.com
as mentioned above is the Loadbalancer URL where you can access the Devtron dashboard.
If you don't see any results or receive a message that says "service doesn't exist," it means Devtron is still installing; please check back in 5 minutes.
Note: You can also do a
CNAME
entry corresponding to your domain/subdomain to point to this Loadbalancer URL to access it at a custom domain.
For admin login, use the username:admin
, and run the following command to get the admin password:
Please make sure that you do not have anything inside namespaces devtroncd, devtron-cd, devtron-ci, and devtron-demo as the below steps will clean everything inside these namespaces:
Configure Secrets
For helm
installation this section referes to secrets.env section of values.yaml
. For kubectl
based installation it refers to kind: secret
in install/devtron-operator-configs.yaml.
Configure the following properties:
Configure ConfigMaps
For helm
installation this section refers to configs section of values.yaml
. For kubectl
based installation it refers to kind: ConfigMap
in install/devtron-operator-configs.yaml.
Configure the following properties:
While installing Devtron and using the AWS-S3 bucket for storing the logs and caches, the below parameters are to be used in the ConfigMap.
NOTE: For using the S3 bucket it is important to add the S3 permission policy to the IAM role attached to the nodes of the cluster.
While installing Devtron using Azure Blob Storage for storing logs and caches, the below parameters will be used in the ConfigMap.
To convert string to base64 use the following command:
Note:
Ensure that the cluster has read and write access to the S3 buckets/Azure Blob storage container mentioned in DEFAULT_CACHE_BUCKET, DEFAULT_BUILD_LOGS_BUCKET or AZURE_BLOB_CONTAINER_CI_LOG, or AZURE_BLOB_CONTAINER_CI_CACHE.
Ensure that the cluster has read access to AWS secrets backends (SSM & secrets manager).
We can use the --set
flag to override the default values when installing with Helm. For example, to update POSTGRESQL_PASSWORD and BLOB_STORAGE_PROVIDER, use the install command as:
Host | Type | Points to |
---|---|---|
: Devtron installation with the CI/CD integration is used to perform CI/CD, security scanning, GitOps, debugging, and observability.
: The Devtron installation includes functionalities to deploy, observe, manage, and debug existing Helm applications in multiple clusters and deeply integrate with multiple tools using extensions.
Integration | CPU | Memory |
---|
Integration | CPU | Memory |
---|
Refer to the section for more information.
Create a (preferably K8s 1.16 or higher) if you haven't done that already!
Refer to the article to set up a cluster in the production environment.
After that create ingress by applying the ingress yaml file. You can use to create ingress to access devtron:
You can access devtron from any host after applying this yaml. For k8s versions <1.19, :
Install .
This installation will use AWS s3 buckets for storing build logs and cache. Refer to the AWS specific
parameters on the page.
This installation will use Azure Blob Storage for storing build logs and cache. Refer to the Azure specific
parameters on the page.
Append the command with --set installer.release="vX.X.X"
to install a particular version of Devtron. Where vx.x.x
is the .
If you are planning to use Devtron for production deployments
, please refer to our recommended overrides for .
Status | Description |
---|
Host | Type | Points to |
---|
Next,
Still facing issues, please reach out to us on .
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
NOTE: For using the storage containers it is mandatory to enable versioning on the storage account. to enable the same.
Parameter | Description | Default |
---|
The following tables contain parameters and their details for Secrets and ConfigMaps that are configured during the installation of Devtron. While installing Devtron using kubectl
the following parameters can be tweaked in file. If the installation is proceeded using helm3
, the values can be tweaked in file.
Parameter | Description | Default | Necessity |
---|
Parameter | Description | Default | Necessity |
---|
Parameter | Description |
---|
devtron.yourdomain.com
CNAME
aaff16e9760594a92afa0140dbfd99f7-305259315.us-east-1.elb.amazonaws.com
Devtron with CI/CD | 2 | 6 GB |
Devtron | 1 | 1 GB |
Devtron with CI/CD | 6 | 13 GB |
Devtron | 2 | 3 GB |
| The installer has downloaded all the manifests, and the installation is in progress. |
| The installer has successfully applied all the manifests, and the installation is complete. |
devtron.yourdomain.com | CNAME | aaff16e9760594a92afa0140dbfd99f7-305259315.us-east-1.elb.amazonaws.com |
POSTGRESQL_PASSWORD | Using this parameter the auto-generated password for Postgres can be edited as per requirement(Used by Devtron to store the app information) |
WEBHOOK_TOKEN | If you want to continue using Jenkins for CI then provide this for authentication of requests should be base64 encoded |
DEFAULT_CACHE_BUCKET | AWS bucket to store docker cache, it should be created beforehand (required) |
DEFAULT_BUILD_LOGS_BUCKET | AWS bucket to store build logs, it should be created beforehand (required) |
DEFAULT_CACHE_BUCKET_REGION | AWS region of S3 bucket to store cache (required) |
DEFAULT_CD_LOGS_BUCKET_REGION | AWS region of S3 bucket to store CD logs (required) |
AZURE_ACCOUNT_NAME | Account name for AZURE Blob Storage |
AZURE_BLOB_CONTAINER_CI_LOG | AZURE Blob storage container for storing ci-logs after running the CI pipeline |
AZURE_BLOB_CONTAINER_CI_CACHE | AZURE Blob storage container for storing ci cache after running the CI pipeline |
ACD_PASSWORD | ArgoCD Password for CD Workflow | Auto-Generated | Optional |
AZURE_ACCOUNT_KEY | Account key to access Azure objects such as BLOB_CONTAINER_CI_LOG or CI_CACHE | "" | Mandatory (If using Azure) |
GRAFANA_PASSWORD | Password for Grafana to display graphs | Auto-Generated | Optional |
POSTGRESQL_PASSWORD | Password for your Postgresql database that will be used to access the database | Auto-Generated | Optional |
AZURE_ACCOUNT_NAME | Azure account name which you will use | "" | Mandatory (If using Azure) |
AZURE_BLOB_CONTAINER_CI_LOG | Name of container created for storing CI_LOG | ci-log-container | Optional |
AZURE_BLOB_CONTAINER_CI_CACHE | Name of container created for storing CI_CACHE | ci-cache-container | Optional |
BLOB_STORAGE_PROVIDER | Cloud provider name which you will use | MINIO | Mandatory (If using any cloud other than MINIO), MINIO/AZURE/S3 |
DEFAULT_BUILD_LOGS_BUCKET | S3 Bucket name used for storing Build Logs | devtron-ci-log | Mandatory (If using AWS) |
DEFAULT_CD_LOGS_BUCKET_REGION | Region of S3 Bucket where CD Logs are being stored | us-east-1 | Mandatory (If using AWS) |
DEFAULT_CACHE_BUCKET | S3 Bucket name used for storing CACHE (Do not include s3://) | devtron-ci-cache | Mandatory (If using AWS) |
DEFAULT_CACHE_BUCKET_REGION | S3 Bucket region where Cache is being stored | us-east-1 | Mandatory (If using AWS) |
EXTERNAL_SECRET_AMAZON_REGION | Region where the cluster is setup for Devtron installation | "" | Mandatory (If using AWS) |
ENABLE_INGRESS | To enable Ingress (True/False) | False | Optional |
INGRESS_ANNOTATIONS | Annotations for ingress | "" | Optional |
PROMETHEUS_URL | Existing Prometheus URL if it is installed | "" | Optional |
CI_NODE_LABEL_SELECTOR | Label of CI worker node | "" | Optional |
CI_NODE_TAINTS_KEY | Taint key name of CI worker node | "" | Optional |
CI_NODE_TAINTS_VALUE | Value of taint key of CI node | "" | Optional |
CI_DEFAULT_ADDRESS_POOL_BASE_CIDR | CIDR ranges used to allocate subnets in each IP address pool for CI | "" | Optional |
CI_DEFAULT_ADDRESS_POOL_SIZE | The subnet size to allocate from the base pool for CI | "" | Optional |
CD_NODE_LABEL_SELECTOR | Label of CD node | kubernetes.io/os=linux | Optional |
CD_NODE_TAINTS_KEY | Taint key name of CD node | dedicated | Optional |
CD_NODE_TAINTS_VALUE | Value of taint key of CD node | ci | Optional |
CD_LIMIT_CI_CPU | CPU limit for pre and post CD Pod | 0.5 | Optional |
CD_LIMIT_CI_MEM | Memory limit for pre and post CD Pod | 3G | Optional |
CD_REQ_CI_CPU | CPU request for CI Pod | 0.5 | Optional |
CD_REQ_CI_MEM | Memory request for CI Pod | 1G | Optional |
CD_DEFAULT_ADDRESS_POOL_BASE_CIDR | CIDR ranges used to allocate subnets in each IP address pool for CD | "" | Optional |
CD_DEFAULT_ADDRESS_POOL_SIZE | The subnet size to allocate from the base pool for CD | "" | Optional |
GITOPS_REPO_PREFIX | Prefix for Gitops repository | devtron | Optional |
RECOMMEND_SECURITY_SCANNING | If True, |
FORCE_SECURITY_SCANNING | If set to True, |
HIDE_DISCORD | Hides discord chatbot from the dashboard. |
BASE_URL_SCHEME | Either of HTTP or HTTPS (required) | HTTP |
BASE_URL | URL without scheme and trailing slash, this is the domain pointing to the cluster on which the Devtron platform is being installed. For example, if you have directed domain |
|
DEX_CONFIG |
EXTERNAL_SECRET_AMAZON_REGION | AWS region for the secret manager to pick (required) |
PROMETHEUS_URL | URL of Prometheus where all cluster data is stored; if this is wrong, you will not be able to see application metrics like CPU, RAM, HTTP status code, latency, and throughput (required) |
dex config if you want to integrate login with SSO (optional) for more information check