Pre‐requisites for setting up Devtron - devtron-labs/utilities GitHub Wiki

Welcome to Devtron! Before we proceed with setting up Devtron for your application management and CI/CD workflows, let's ensure that all the necessary pre-requisites are in place. Please follow this checklist to ensure a smooth onboarding experience.

Infrastructure Requirements

Devtron requires a functional Kubernetes cluster to operate. Here's a breakdown of the necessary infrastructure components:

Kubernetes Cluster

  • Ensure you have a properly configured Kubernetes cluster with sufficient resources (CPU, memory) to handle Devtron and your applications. Devtron recommends using Kubernetes version 1.16 or higher for optimal performance.
  • NODES: Devtron recommends having 2 node-pools/node-groups, one for Devtron workloads and another dedicated one for build (CI workloads). Keep both the Node pools in the same Zone to avoid inter-zone cost.

    • Devtron node pool: 4vCPU and 8GB recommended for Devtron without GitOps, 8vCPU and 16GB recommended for Devtron with Gitops.
    • Devtron CI node pool: 4vCPU and 8GB recommended with taints dedicated: "ci:NoSchedule" and label purpose: ci
  • STORAGE CLASS: A Storage Class defines how persistent volumes (storage for your applications) are provisioned in your cluster. You'll need a storage class configured based on your preferred storage solution (e.g., local storage, cloud storage).

Blob Storage

  • Devtron utilizes blob storage for logs and cache data. You can configure Devtron to use an S3-compatible bucket or any blob storage solution accessible from your cluster. A MINIO based S3 compatible storage solution can also be setup within the Devtron stack if no blob storage is available.
  • Please create the following blob storage buckets and ensure it's R/W access from the Devtron cluster.
  1. <org-name>-devtron-ci-logs (versioning disabled, retention policy: Delete post 365 days or after if required)
  2. <org-name>-devtron-ci-cache (versioning disabled, retention policy: Delete after 180 days)

Global Configuration Requirements

Once you have your Devtron stack set up, you'll need to configure Devtron with global configurations for functionalities like access and integrations. Here are a few things you should be ready with in order to configure Devtron Global configurations. You can also refer to the complete Global Documentation

  • Devtron Host URL:
    • The Devtron dashboard URL where Devtron can be accessed. This dashboard can be hosted on a URL such as devtron.your-organization.com.
      • Access for DNS mapping of devtron.your-organization.com to the LoadBalancer IP.
      • Please be prepared with SSL certificates/Certificate ARNs or a utility like Kcert can be installed for management of SSL certs.
  • GitOps:
    • Devtron supports GitOps workflows for managing application deployments with GIT as the single source of truth. You'll need to specify the Git credentials in order and Devtron will automate the creation of repos and ensure committing your configs to the respective repos as soon as a deployment is initiated from Devtron. If you enable Gitops while installing Devtron, an ArgoCD stack will also be installed along with Devtron. Please refer to the Devtron Gitops documentation to create a free Github Organization/Gitlab groups/Bitbucket workspace/Azure Devops Project.

    • Ensure you've created a separate (other than your code org/group/workspace/project) Github Organization/Gitlab groups/Bitbucket workspace/Azure Devops Project that has very restrictive access to people in your organization.

    • Ensure you have arranged credentials for the gitops org/group/workspace/project that you got created for gitops that has access to create repositories/write/read for Devtron.

GITOPS: We strongly recommend using a separate (other than your code org/group/workspace/project) Github Organization/Gitlab groups/Bitbucket workspace/Azure Devops Project that has very restrictive view access to the users within your organization as it will host your application manifests and a change to it may initiate a deployment in your target Kuberentes clusters.

  • Git Accounts:
    • Prepare credentials for Git accounts that will be used by Devtron to access your application code. This allows Devtron to clone code and build container images. Ensure that the credentials that you use have access to all the code repos that you wish to build for using Devtron. You can also add multiple git-accounts on Devtron. Refer Git account documentation
  • Container/ OCI Registry:
    • Prepare the container registry credentials (e.g. Amazon ECR, Azure ACR, Docker Hub, Quay, GHCR, or any other private registry) where your application container images will be stored. Devtron will push container images or Helm charts (In case of OCI compliant registries) to this registry after build. Refer Container / OCI Registry documentation
  • SSO Configurations:
    • Prepare SSO configurations and credentials. Devtron supports Single Sign-On (SSO) integrations for user authentication. Configure Devtron to use an SSO provider like Google, GitHub, LDAP, Microsoft Azure AD etc., to simplify user authentication. Refer Devtron SSO Configuration documentation

Please ensure that all the items in this checklist are completed before proceeding with the Devtron onboarding process. If you have any questions or need assistance, refer to our official documentation or reach out to our support team for help. We're here to ensure a seamless onboarding experience for you and your team!

PS: Since Devtron is a self-hosted tool, any credentials stored within Devtron are kept on the cluster where it's hosted. Therefore, it's crucial to restrict access to this cluster to a select few individuals within your organization. Additionally, ensure that access to superadmin privileges within Devtron is limited, as those with superadmin access can also potentially access the cluster where Devtron is hosted.

⚠️ **GitHub.com Fallback** ⚠️