Install YaK on your own K8S cluster

Follow this procedure to install the YaK on your Kubernetes cluster.

1. Create your own yak namespace

We usually simply use "yak4all" as namespace, but feel free to let your creativity run wild 😄

kubectl create ns <namespace>

2. Add repository

helm repo add yak https://gitlab.com/api/v4/projects/63133284/packages/helm/stable && helm repo update

3. Create your "yak.values.yaml" file

global:
  hostname: <your_hostname>.<your_domain>
  admin_credentials:    
    password: "ABCdef1234@" #default password to be changed to your need

yak-postgres:
  postgresPassword: "" # Randomly generated if not set
  persistence:
    size: 20Gi
    storageClassName: "<your_storage_class>" # Uses default if empty

yak-graphile:
  # Archive storage stores the component types archives at import time
  persistence: &archives_storage
    size: 20Gi
    storageClassName: "<your_storage_class>" # Uses default if empty
  # If using a multi-node cluster, uncomment these 2 lines:
    #accessModes:
     # - ReadWriteMany

  # If you want to expose the rest API at https://hostname/data/graphql and have the postgraphile UI at https://yak.my-domain.local/data/graphiql
  ingress:
    enabled: true
    className: "<your_ingress_class>" # Uses default if empty
    tls:
     - secretName: yak-tls-secret
       hosts:
       - <your_hostname>.<your_domain>

yak-runner:
  image:
    pullPolicy: Always
  persistence:
  # Runner shares the archives storage with graphile
    graphile: *archives_storage
    components:
      enabled: true
      storageClassName: "<your_storage_class>" # Uses default if empty
      size: 8Gi
    sshconfig:
      enabled: true
      storageClassName: "<your_storage_class>" # Uses default if empty
      size: 1Gi

yak-ui:
  # Mandatory if you want to access the UI through ingress
  ingress:
    enabled: true
    className: "<your_ingress_class>" # Uses default if empty
    tls:
     - secretName: yak-tls-secret
       hosts:
       - <your_hostname>.<your_domain>

• Replace "<your_hostname>.<your_domain>" in the yaml file with your actual hostname

  • ex : yak.my-domain.com

• Replace "<your_storage_class>"in the yaml file with your actual storage class name

  • It will use the default storage class if left empty

  • You can list your storage classes using kubectl get sc if needed.

  • Your storage provisioner shall support Read-Write-Many mode ("RWX") when YaK is installed on a multi-node cluster

    • In this case, uncomment the lines in the yaml file above:

      accessModes:
       - ReadWriteMany

• Replace "<your_ingress_class>" in the yaml file with your actual ingress class name

  • If left empty, it will use the default ingress class if you have one configured as default

  • You can list your ingress classes using kubectl get ingressclasses if needed.

• Save the file as "yak.values.yaml"

4. Create your TLS secret

Optionally, for testing purpose, you can generate a self signed certificate with the following command.

openssl req -x509 -newkey rsa:2048 -keyout <key-filepath>.key -out <cert-filepath>.pem -days 365 -nodes

For the Ingress TLS configuration, use your certificate and create the following Kubernetes secret.

kubectl create secret tls yak-tls-secret -n <namespace> --cert=<cert-filepath>.pem --key=<key-filepath>.key

5. Install YaK

helm install yak yak/yak -f yak.values.yaml -n <namespace>

6. Check that YaK is properly deployed

localhost:~ # kubectl get pods -n <namespace>
NAME                            READY   STATUS    RESTARTS   AGE
yak-graphile-f8d947cff-tpndm    1/1     Running   0          10m
yak-postgres-797db7c857-7dj5z   1/1     Running   0          10m
yak-runner-7cffbc885c-svx6s     1/1     Running   0          10m
yak-ui-5df58bdbbf-88t64         1/1     Running   0          10m

7. Connect to the YaK with https

• https://<your_hostname>.<your_domain>

  • Default credentials :

    • User: admin

    • Password: ABCdef1234@