Install Kestra in a Kubernetes cluster using a Helm chart.
We recommend Kubernetes deployment for production workloads, as it allows you to scale specific Kestra services as needed.
We provide an official Helm Chart to make the deployment easier.
- The chart repository is available under helm.kestra.io.
- The source code of the charts can be found in the kestra-io/helm-charts repository.
All image tags provided by default can be found in the Docker installation guide.
helm repo add kestra https://helm.kestra.io/
helm install kestra kestra/kestra
By default, the chart will only deploy one Kestra standalone service with only one replica. This means that all Kestra server components will be deployed within a single pod. You can change that default behavior and deploy each service independently using the following Helm chart values:
The chart can additionally deploy the following related services:
- A Kafka cluster and Zookeeper using
- An Elasticsearch cluster using
- A MinIO standalone using
- A PostgreSQL using
The MinIO (as the internal storage backend) and PostgreSQL (as the database backend) services are enabled by default to provide a fully working setup out of the box.
All external services (Kafka, Elasticsearch, Zookeeper, MinIO, PostgreSQL) are deployed using unsecured configurations (no authentication, no TLS, etc.). When installing for a production environment, make sure to adjust their configurations to secure your deployment.
Here is how you can adjust Kestra configuration:
- Using a Kubernetes
- Using a Kubernetes
Both must be valid YAML that will be merged as the Kestra configuration file.
Here is an example showing how to enable Kafka as the queue implementation and configure its
bootstrap.servers property using a secret:
By default, we are installing Docker in Docker (DinD) on the worker in the
This can be restricted on some environment due to security limitations.
Some solutions you may try:
- On Google Kubernetes Engine (GKE), use a node pool based on
UBUNTU_CONTAINERDthat works well with docker DinD, even rootless
- Some Kubernetes clusters support only a root version of DinD; to make your Kestra deployment work, disable the rootless version using the following Helm chart values: