Helm Chart - Helix Controlplane on k8s

Helm Chart - Helix Controlplane on k8s

Setup Keycloak

Helix uses keycloak for authentication. If you have one already, you can skip this step. Otherwise, to install one through Helm (chart info, repo), do this:

Some of the values:

helm upgrade --install keycloak oci://registry-1.docker.io/bitnamicharts/keycloak \
  --set auth.adminUser=admin \
  --set auth.adminPassword=oh-hallo-insecure-password \
  --set httpRelativePath="/auth/" 

By default it only has ClusterIP service, in order to expose it, you can either port-forward or create a load balancer to access it if you are on k3s or minikube:

kubectl expose pod keycloak-0 --port 8888 --target-port 8080 --name keycloak-ext --type=LoadBalancer

Alternatively, if you run on k3s:

helm upgrade --install keycloak oci://registry-1.docker.io/bitnamicharts/keycloak \
  --set auth.adminUser=admin \
  --set auth.adminPassword=oh-hallo-insecure-password \
  --set httpRelativePath="/auth/" \
  --set service.type=LoadBalancer \
  --set service.ports.http=8888

Then, open it on http://localhost:8888/auth/. Once opened, click on “Create realm” and copy the file contents from realm.json. Search for "5ca0fc03-d625-456e-bca7-8e732309165f" and change it to a random UUID. Then click on “Create”.

Then, update the frontend URL in Keycloak to your http://<public domain>/auth. This is used for redirects from within the Keycloak when registering an account or logging in:

frontend URL in keycloak

Setup Helix

Copy the values-example.yaml to values-your-env.yaml and update the values as needed. Then run the following command (just with your own file):

helm upgrade --install helix \
  ./helix-controlplane \
  -f helix-controlplane/values.yaml \
  -f helix-controlplane/values-example.yaml

Use port-forward to access the service.

Ingress

When configuring ingress, adjust both global.serverUrl to your domain name and keycloak’s frontend URL to the same domain name. This is important for the redirects to work.

Connecting runners

You can connect runners through Docker, Docker Compose, Synpse, Runpod, LambdaLabs or Kubernetes chart

Last updated on