Articles in this section

Install Deepfactor portal using Helm Follow

Avatar
DeepFactor Support
  • Updated

This document outlines how to install the Deepfactor portal in your Kubernetes cluster using a Helm chart. This installation process is intended for scenarios where customization needs to be performed during the installation.

For a simpler installation process that uses default choices for most options, visit Deploying Deepfactor Portal in your Kubernetes Cluster.

 

Requirements

To deploy the Deepfactor portal on Kubernetes, the following are required.

  1. kubectl is compatible with your cluster.

  2. Helm v3

  3. A Kubernetes cluster, 1.19 through 1.21. 8vCPU and 32GB of RAM are recommended.

  4. A valid Deepfactor Portal key. You can obtain the key by registering on Deepfactor's website.

  5. TLS Certificates in PEM format.

Installation

1. Generate TLS certificate

Deepfactor needs a TLS certificate to encrypt traffic between the portal and your applications running with Deepfactor enabled. There are different ways of providing this certificate depending upon how your organization generates and maintains certificates. A few ways are described in articles below:
 

 

Note: The following steps assume that you have already create the deepfactor namespace as part of this step. If not already done, please execute the following command to create it

kubectl create ns deepfactor

2. Add the Deepfactor Helm chart repo

helm repo add deepfactor https://static.deepfactor.io/helm-charts
helm repo update

 

3. Create an override.yaml file with your config

Note: If you are using cert-manager replace app.deepfactor.io with the name of the secret created by the cert-manager issued certificate

dfstartup:
  config:
    firstName: Alice
    lastName: Smith
    emailID: alice@example.io
    ttlDays: 30
ingress:
  hostName: app.deepfactor.io
  secretName: app.deepfactor.io

 

4. Install the portal

helm install df-stable deepfactor/deepfactor -n deepfactor \
  -f override.yaml \
  --set dfstartup.config.password=YOUR_PORTAL_PASSWORD \
  --set dfstartup.config.portalToken= \
   "YOUR_DEEPFACTOR_LICENSE_KEY_FROM_MY.DEEPFACTOR.IO"

 

Advanced Configuration

The Deepfactor Helm charts support additional configurable values that can be specified in the override.yaml file.

Parameter

Description

Default

Required

dfstartup.config.firstName

First name of the admin login for the portal

 

Yes

dfstartup.config.lastName

Last name of the admin login for the portal

 

Yes

dfstartup.config.emailID

Email id of the first/admin login for the portal

 

Yes

dfstartup.config.ttlDays

The number of days to retain the telemetry

 

Yes

dfstartup.config.password

The password of the first/admin login for the portal

 

Yes

dfstartup.config.portalToken

The Deepfactor portal license key that can be obtained from https://my.deepfactor.io

 

Yes

appSettings.numberOfConcurrentWebScansAllowed

The number of concurrent webscans allowed on this portal

1

No

deepfactorImageRegistry

The registry to fetch the deepfactor service images from

public.ecr.aws/deepfactor/

 

No

imagePullSecrets

The secret that contains the image pull dockerconfig to pull from private registries

- name: "regcred"

No

ingress-nginx.enablemodule

The Deepfactor portal by default creates an ingress-nginx controller. You would have to disable this if you choose to use an existing ingress

true

No

ingress-nginx.tcp.13443

 

 

No

nginx.service.proxyPort

The port number to use for the webscan proxy

13443

No

webappsvc.zapPod.memReq

The memory request for the webscan pod

8Gi

No

webappsvc.zapPod.memLimit

The memory limit for the webscan pod

16Gi

No

postgres.password

The password for the postgres database used by the portal

Auto-generated random password

No

postgres.storage.requests

The storage size that is requested for the postgres database

100Gi

No

clickhouse.password

The password for the clickhouse database used by the portal

Auto-generated random password

No

clickhouse.storage.requests

The storage size that is requested for the clickhouse database

300Gi

No

 

Customizations

We understand that different enterprises have different policies for Kubernetes clusters and hence we provide a rich set of customizations for our Deepfactor K8s portal installation. You can specify an override.yaml file while deploying our helm charts in your cluster. Some common customization scenarios are captured in the following article

Customizing your Deepfactor Portal Deployment in K8s

Related articles

Comments

0 comments

Please sign in to leave a comment.