Kubernetes Deployment Guide
Important Notes
- Ingress module is not included in the Helm chart
- Avoid using PersistentVolume with classStorage: local in production environments as it may cause service disruptions
- Before upgrading, verify the current Helm chart version. Major versions are not backward compatible!
GitFlic Installation via Helm
Note
- For enterprise version installation, download the gitflic-server-ee:
image from your account and push it to your container registry - Default storageClass.name=default
-
For evaluation purposes without persistent storage, add these flags to disable PVC creation (uses emptyDir instead):
--set redis.usePVC=false --set postgres.usePVC=false --set elasticsearch.usePVC=false --set gitflic.usePVC=false -
Automatic ingress controller configuration is in testing phase and disabled by default
For version changes and Helm chart capabilities, see the official repository
-
Generate SSH server certificate and RSA key pair:
ssh-keygen -t ed25519 -N "" -q -f key.pem openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:2048 openssl rsa -pubout -in private_key.pem -out public_key.pem -
Install GitFlic using Helm:
helm install gitflic oci://registry.gitflic.ru/helm/company/gitflic/gitflic-server-chart \ --namespace gitflic --create-namespace \ --set-file gitflic.certs.key=key.pem \ --set-file gitflic.certs.public_key=public_key.pem \ --set-file gitflic.certs.private_key=private_key.pem \ --set gitflic.baseUrl="http://localhost:8080" -
After initialization, verify web interface accessibility on port 8080 (SSH uses port 2255):
kubectl port-forward -n gitflic svc/gitflic-gitflic-service 8080:8080 2255:2255
NFS Subdir Provisioner Installation
The Helm chart includes optional NFS provisioner support for persistent storage (recommended for evaluation only).
NFS Server Setup
Important
- Ensure network configuration allows Kubernetes nodes to access your NFS server
- Verify proper directory permissions on the NFS server
- Allocate sufficient storage space for stable GitFlic operation
-
Install required packages on NFS server:
sudo apt update && sudo apt install nfs-kernel-server -
Create data directory with proper permissions:
sudo mkdir -p /mnt/gitflic_data sudo chown nobody:nogroup /mnt/gitflic_data -
Configure exports in /etc/exports:
/mnt/gitflic_data *(rw,sync,no_subtree_check,no_root_squash) -
Export directories and restart service:
sudo exportfs -a && sudo systemctl restart nfs-kernel-server -
Verify exported directories:
sudo showmount -e localhost
GitFlic Installation with NFS
-
Generate required certificates (same as standard installation)
-
Install with NFS configuration:
helm install gitflic oci://registry.gitflic.ru/helm/company/gitflic/gitflic-server-chart \ --namespace gitflic --create-namespace \ --set-file gitflic.certs.key=key.pem \ --set-file gitflic.certs.public_key=public_key.pem \ --set-file gitflic.certs.private_key=private_key.pem \ --set gitflic.baseUrl="http://localhost:8080" \ --set nfsprovisioner.install=true \ --set nfsprovisioner.nfs.server=<NFS_Server_IP> \ --set nfsprovisioner.nfs.path=<Exported_Path> \ --set storageClass.name="nfs-client-gitflic" \ --set redis.storage.storageClass.name="nfs-client-gitflic" \ --set postgres.storage.storageClass.name="nfs-client-gitflic" \ --set elasticsearch.storage.storageClass.name="nfs-client-gitflic" \ --set gitflic.storage.storageClass.name="nfs-client-gitflic" -
Verify accessibility (same as standard installation)
External Database Configuration
To use external databases, disable internal services and provide connection details:
# values.yaml
postgres:
install: false
host: external-host
port: external-port
user: external-user
password: external-password
database: external-database
elasticsearch:
install: false
uri: external-uri:external-port
user: external-user
password: external-password
Resource Limits Configuration
Configure container resource limits:
# values.yaml
elasticsearch:
containers:
resources:
requests:
cpu: "500m"
memory: "512Mi"
limits:
cpu: "1000m"
memory: "512Mi"