After following the POC guide from the QuickStart under README.md, you can now move on to setting up PeerDB Enterprise in a production environment. This guide will help you understand the best practices and configurations to follow for a production setup.
-
After running the
./install_catalog.shand./install_peerdb.shscripts, there should be 2 files available in the root directory of the repository pertaining the two charts that were installed (peerdbandpeerdb-catalog):$ ls *.values.secret.yaml peerdb-catalog.values.secret.yaml peerdb.values.secret.yaml -
These two files can now copied over and used to override the default chart values and used directly with the
helmcommands (or indirectly viahelmfile, ArgoCD, Flux, etc.) to deploy the charts with the desired configurations. -
Each password can be configured to use an in-cluster kubernetes secret by setting the
existingSecretkey available at the same level as the password key. The secret should have the keypasswordwith the value as the password. For example:# peerdb/values.customer.yaml peerdb: catalog: existingSecret: peerdb-catalog-secret ... # peerdb-catalog/values.customer.yaml credentials: default: existingSecret: peerdb-temporal-default-creds-secret visibility: existingSecret: peerdb-temporal-visibility-creds-secret admin: existingSecret: peerdb-temporal-admin-creds-secret catalog: existingSecret: peerdb-catalog-secret
-
The charts can be further used as subchart dependencies to include more manifests to include configuration like
ExternalSecrets,NetworkPolicies,PodSecurityPolicies, etc.
The Helm Charts are available via the GitHub Pages site of this repo and can be accessed via the following:
name: <peerdb|peerdb-catalog>
repository: https://peerdb-io.github.io/peerdb-enterpriseExample production setups can be seen in the examples directory.