Lightrun Helm Chart¶
The lightrun Helm chart provides a reliable and efficient way to deploy and manage Lightrun on Kubernetes. It includes all the essential components for a smooth setup and can scale seamlessly to support large deployments.
Architecture Overview¶
Diagram¶
Components¶
| Component | Description |
|---|---|
| Router | Directs traffic into the cluster. |
| Frontend | Serves the user interface. |
| Backend | Acts as the control plane for Lightrun. |
| Keycloak | Manages authentication. |
| Redis | Handles caching and pub/sub channels (can be local or external). |
| MySQL | Stores application data (can be local or external). |
| RabbitMQ | [Optional] Manages the event message queue, primarily for sending telemetry to Lightrun (local or external). |
| Datastreamer | [Optional] Sends audit logs to various SIEM systems. |
Getting Started¶
Quick Start Installation¶
If you just want to get Lightrun up and running with default settings, start with our Quick Start Guide. This guide covers all the essential steps for a basic installation.
For a production-ready deployment, refer to the Step-by-Step Planning for Production section to ensure security, scalability, and best practices.
Step-by-Step Planning for Production¶
To ensure a smooth and secure production deployment of Lightrun, follow these key planning steps:
1. Capacity Planning¶
- Assess expected resource usage (CPU, memory, storage) and plan for scalability. For more information, see Capacity Planning.
2. Compatibility¶
- Review the Compatibility matrix for the supported tools. For more information, see Compatibility.
3. Secrets¶
- Decide whether to use Helm-managed secrets or an external secrets manager. For more information, see Secrets Management.
4. System Configuration¶
- Obtain the system configuration file and signature from Lightrun. More info on System Configuration
5. Lightrun Certificate¶
- Plan how Lightrun certificate will be issued and managed for secure communications. For more information, see Certificate.
6 Database¶
[!TIP] Use external managed database
- Choose a local or an external database. For more information, see Database Setup.
7. Router¶
- Decide how external traffic will reach the Lightrun router (Ingress, Service, OpenShift Route). For more information, see Router.
8. Container Images Registry¶
- Choose where to store and manage container images (e.g., private registry, Docker Hub, Azure Container Registry, AWS ECR). For more information, see Container Image Registry.
9. Redis¶
[!TIP] Use external managed redis - Determine if Redis will be local or external. For more information, see Redis Setup.
10. [Optional] RabbitMQ¶
- Determine if RabbitMQ is needed for sending telemetry to Lightrun. For more information, see RabbitMQ.
11. [Optional] Network Policy¶
- Establish network policies to restrict access between services and prevent unauthorized communication. For more information, see Network Policy.
12. [Optional} Internal TLS Communication¶
- Decide whether internal TLS is necessary for secure component communication. For more information, see Internal TLS.
13. Choose Your Deployment Option¶
Decide where to run your Kubernetes cluster based on your infrastructure needs. Consider whether you’ll deploy all services locally (including RabbitMQ, Redis, and MySQL) or use managed cloud services.
Supported Kubernetes Platforms¶
Select your preferred cloud provider for deployment:
14. Set up Monitoring and Alerting system¶
Review the Monitoring and Alerting guide.
Known Issues and Limitations¶
Release Notes¶
- Check the versions mapping documentation for version compatibility.
- Check the release strategy for the meaning of major, minor, and patch versions.
- See the changelog for a detailed history of changes and improvements in each release.