Deployment

Self-hosting with Helm

14min
installing the jumpwire engine is available as a helm chart, which provides a first class method of installation on kubernetes requirements helm 3 or later steps 1\) add the helm repository $ helm repo add jumpwire https //charts jumpwire io 2\) update your local helm chart repository cache $ helm repo update 3\) install jumpwire engine this is a minimal setup required to run the engine $ helm install \\ \ set token=eyj\[ ]eg \\ \ set domain=no proxy domain set \\ my jw release jumpwire/jumpwire token — root api token, should be 64 bytes long domain — domain to serve proxy at; might be an arbitrary value for minimal setup for more advanced configuration, please refer to the next sections after the chart is installed, additional instructions will be displayed please read them to learn how the engine service can be accessed tls configuration if you want to enable secure connections to the jumpwire proxy, tls must be configured you can both provide your own certificates or get them autogenerated automatic provisioning certificates can be provisioned automatically with the help of a cert manager the first step is to install it, e g $ helm repo add jetstack https //charts jetstack io && helm repo update $ helm install \\ \ namespace cert manager \\ \ create namespace \\ \ version v1 9 1 \\ \ set installcrds=true \\ cert manager jetstack/cert manager the next step is to configure the certificate issuer, according to https //cert manager io/docs/configuration/ here is an example of a self signed issuer $ cat <\<eof | kubectl apply f apiversion cert manager io/v1 kind clusterissuer metadata name my cluster issuer spec selfsigned {} eof in a production scenario, you should use issuers like cloudflare or google clouddns after that, the jumpwire chart can be installed with the following values \ set certificate create=true \\ \ set certificate issuerref name=my cluster issuer \\ manual provisioning if you already have generated certificates, you can pass them directly to the chart \ set tls cert=${cert content} \\ \ set tls key=${key content} \\ access configuration depending if you want to access the jumpwire proxy within the cluster, or access it from outside, the service needs to be configured appropriately clusterip this is the default mode, which makes the engine accessible from within the cluster only if you want to reach it temporarily from the outside, you can use the kubernetes proxy, e g $ kubectl port forward service/my jumpwire release 3306 3306 loadbalancer using loadbalancer is a simple way to expose the engine to external traffic it can be also combined with external dns \ set service type=loadbalancer \\ \ set service externaldns=true \\ ingress this is the most flexible way of exposing service, but the most complicated to set up to enable ingress and allow accessing proxy via your domain com url, use the following values \ set domain=your domain com \\ \ set ingress enabled=true \\ \ set ingress hosts\[0] host=your domain com \\ \ set ingress hosts\[0] paths\[0] path="/" \\ \ set ingress hosts\[0] paths\[0] pathtype=prefix \\ you can also configure additional tls, e g \ set ingress tls\[0] secretname=your tls secret \ set ingress tls\[0] hosts\[0]=your domain com remember to update domain dns records to point them to the ip of ingress uninstalling you can uninstall the engine with the following command $ helm uninstall my jw release if you installed cert manager, then you might uninstall it as well