From b960cc214f34d1aa12ee8c8a8833a0f525fbe858 Mon Sep 17 00:00:00 2001 From: Tamal Saha Date: Fri, 12 Jun 2026 19:43:34 +0600 Subject: [PATCH 01/12] docs(setup): add ArgoCD, FluxCD, and OpenShift install guides - Add ArgoCD tab with Application manifests for ace-user-roles, license-proxyserver, kubedb, kubestash (backup), and the monitoring stack (kube-prometheus-stack, panopticon, monitoring-operator). - Add FluxCD tab with HelmRepository + HelmRelease against the ghcr.io/appscode-charts OCI registry, wiring the license via a Secret. - Add Install on OpenShift section covering the standard chart with global.distro overrides, the Red Hat certified Helm chart (kubedb-certified + kubedb-certified-crds), and the OpenShift OperatorHub bundle with the installer.kubedb.com/v1 Kubedb CR. - Add Enable Database Engines section documenting the full global.featureGates map and how to apply it via Helm values or --set. Signed-off-by: Tamal Saha --- docs/setup/install/kubedb.md | 736 +++++++++++++++++++++++++++++++++++ 1 file changed, 736 insertions(+) diff --git a/docs/setup/install/kubedb.md b/docs/setup/install/kubedb.md index a87d6e252a..834cc8ac09 100644 --- a/docs/setup/install/kubedb.md +++ b/docs/setup/install/kubedb.md @@ -29,6 +29,12 @@ Download a FREE license from [AppsCode License Server](https://appscode.com/issu
  • YAML
    • +
  • + ArgoCD +
    • +
  • + FluxCD +
    • @@ -88,6 +94,736 @@ $ helm template kubedb oci://ghcr.io/appscode-charts/kubedb \ To see the detailed configuration options, visit [here](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb). +
    +
    + +## Using ArgoCD + +KubeDB can be deployed via [ArgoCD](https://argo-cd.readthedocs.io/) using the [Helm chart support](https://argo-cd.readthedocs.io/en/stable/user-guide/helm/) for `Application` resources. Deploy the following `Application` manifests in order to your ArgoCD cluster. + +### 1. Install `ace-user-roles` + +The `ace-user-roles` chart provisions the cluster roles required by KubeDB and related operators. Create the following ArgoCD `Application`: + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: ace-user-roles + namespace: argocd +spec: + destination: + namespace: kubeops + server: https://kubernetes.default.svc + project: default + source: + chart: ace-user-roles + helm: + values: | + enableClusterRoles: + ace: false + appcatalog: true + catalog: false + cert-manager: false + kubedb: true + kubedb-ui: false + kubestash: true # enable if used + kubevault: true # enable if used + license-proxyserver: true + metrics: true + prometheus: false + secrets-store: false + stash: true # enable if used + virtual-secrets: false + annotations: + "helm.sh/hook": null + "helm.sh/hook-delete-policy": null + repoURL: ghcr.io/appscode-charts + targetRevision: v2026.2.16 + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true +``` + +### 2. Install `license-proxyserver` + +The `license-proxyserver` chart distributes license tokens to KubeDB and other AppsCode operators inside the cluster. Before applying the manifest below, generate an online license-proxyserver token from `https://appscode.com/billing/{org}/license-proxy-server` and replace the placeholder `token` value with it. + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: license-proxyserver + namespace: argocd +spec: + project: default + source: + chart: license-proxyserver + repoURL: ghcr.io/appscode-charts + targetRevision: v2026.2.16 + helm: + values: | + platform: + baseURL: https://appscode.com + token: '****************************************' + destination: + server: "https://kubernetes.default.svc" + namespace: kubeops + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true + + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: license-proxyserver-apiserver-cert + namespace: kubeops + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.proxyserver.licenses.appscode.com + jsonPointers: + - /spec/caBundle + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: servicemonitors.monitoring.coreos.com + jsonPointers: + - /metadata/annotations + - /spec +``` + +### 3. Install KubeDB + +Finally, deploy the KubeDB operators themselves. The `ace-user-roles` sub-chart is disabled here because it was already installed in the first step. + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: kubedb + namespace: argocd +spec: + project: default + source: + chart: kubedb + repoURL: ghcr.io/appscode-charts + targetRevision: {{< param "info.version" >}} + helm: + values: | + ace-user-roles: + enabled: false + destination: + server: "https://kubernetes.default.svc" + namespace: kubedb + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true + + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: kubedb-kubedb-webhook-server-cert + namespace: kubedb + - jsonPointers: + - /data + kind: Secret + name: kubedb-petset-cert + namespace: kubedb + - jsonPointers: + - /data + kind: Secret + name: kubedb-sidekick-cert + namespace: kubedb + + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.petset.appscode.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.autoscaling.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.elasticsearch.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.schema.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.autoscaling.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.elasticsearch.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.ops.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.petset.appscode.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.schema.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + + - group: apps + kind: StatefulSet + name: kubedb-kubedb-autoscaler + namespace: kubedb + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: StatefulSet + name: kubedb-kubedb-ops-manager + namespace: kubedb + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: StatefulSet + name: kubedb-kubedb-provisioner + namespace: kubedb + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: Deployment + name: kubedb-kubedb-webhook-server + namespace: kubedb + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: Deployment + name: kubedb-petset + namespace: kubedb + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: Deployment + name: kubedb-sidekick + namespace: kubedb + jsonPointers: + - /spec/template/metadata/annotations/reload +``` + +### 4. (Optional) Install KubeStash for Backup + +To enable backup and restore for KubeDB-managed databases, deploy the `kubestash` chart via ArgoCD: + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: kubestash + namespace: argocd +spec: + project: default + source: + chart: kubestash + repoURL: ghcr.io/appscode-charts + targetRevision: v2026.2.26 + helm: + values: | + ace-user-roles: + enabled: false + destination: + server: "https://kubernetes.default.svc" + namespace: kubestash + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true + + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: kubestash-kubestash-operator-cert + namespace: kubestash + - group: apps + kind: Deployment + name: kubestash-kubestash-operator-operator + namespace: kubestash + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: Deployment + name: kubestash-kubestash-operator-webhook-server + namespace: kubestash + jsonPointers: + - /spec/template/metadata/annotations/reload + + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: kubestash-kubestash-operator + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: kubestash-kubestash-operator + jqPathExpressions: + - .webhooks[].clientConfig.caBundle +``` + +### 5. (Optional) Install Monitoring Stack + +To enable monitoring for KubeDB-managed databases, deploy the following three components in order. + +#### 5a. Install `kube-prometheus-stack` + +Deploy the upstream [kube-prometheus-stack](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack) chart from the `prometheus-community` repository. The `panopticon` and `monitoring-operator` charts below expect its `ServiceMonitor` selector label `release: kube-prometheus-stack`. + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: kube-prometheus-stack + namespace: argocd +spec: + project: default + source: + chart: kube-prometheus-stack + repoURL: https://prometheus-community.github.io/helm-charts + targetRevision: 65.1.1 + helm: + values: | + prometheus: + prometheusSpec: + serviceMonitorSelectorNilUsesHelmValues: false + serviceMonitorSelector: + matchLabels: + release: kube-prometheus-stack + destination: + server: "https://kubernetes.default.svc" + namespace: monitoring + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true + - ServerSideApply=true +``` + +#### 5b. Install `panopticon` + +`panopticon` exposes KubeDB-specific Prometheus metrics for databases managed by KubeDB. + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: panopticon + namespace: argocd +spec: + project: default + source: + chart: panopticon + repoURL: ghcr.io/appscode-charts + targetRevision: v2026.1.15 + helm: + values: | + ace-user-roles: + enabled: false + monitoring: + agent: prometheus.io/operator + enabled: true + serviceMonitor: + labels: + release: kube-prometheus-stack + destination: + server: "https://kubernetes.default.svc" + namespace: monitoring + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true + + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: panopticon-apiserver-cert + namespace: monitoring + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.validators.metrics.appscode.com + jsonPointers: + - /spec/caBundle + - group: apps + kind: Deployment + name: panopticon + namespace: monitoring + jsonPointers: + - /spec/template/metadata/annotations/checksum~1apiregistration.yaml + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + name: servicemonitors.monitoring.coreos.com + jsonPointers: + - /metadata/annotations + - /spec +``` + +#### 5c. Install `monitoring-operator` + +`monitoring-operator` provisions Grafana dashboards and the OpenViz UI integration for KubeDB databases. + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: monitoring-operator + namespace: argocd +spec: + project: default + source: + chart: monitoring-operator + repoURL: ghcr.io/appscode-charts + targetRevision: v2026.1.15 + helm: + values: | + monitoring: + agent: "prometheus.io/operator" + serviceMonitor: + labels: + release: kube-prometheus-stack + destination: + server: "https://kubernetes.default.svc" + namespace: monitoring + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true + + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: monitoring-operator-apiserver-cert + namespace: monitoring + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.ui.openviz.dev + jsonPointers: + - /spec/caBundle + - group: apps + kind: Deployment + name: monitoring-operator + namespace: monitoring + jsonPointers: + - /spec/template/metadata/annotations/checksum~1apiregistration.yaml +``` + +To see the detailed configuration options for each chart, visit the [AppsCode Charts repository](https://github.com/appscode/charts). + +
    +
    + +## Using FluxCD + +KubeDB can be deployed via [FluxCD](https://fluxcd.io/) using its [Helm Controller](https://fluxcd.io/flux/components/helm/) against the OCI Helm registry at `ghcr.io/appscode-charts`. Apply the manifests below in order. + +### 1. Configure the OCI Helm repository + +```yaml +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmRepository +metadata: + name: appscode-charts + namespace: flux-system +spec: + type: oci + interval: 12h + url: oci://ghcr.io/appscode-charts +``` + +### 2. Create a Secret with the license + +Generate a license from the [AppsCode License Server](https://appscode.com/issue-license?p=kubedb) and store it in a Secret so `HelmRelease` can reference it via `valuesFrom`. + +```bash +$ kubectl create namespace kubedb +$ kubectl create secret generic kubedb-license \ + --from-file=license=/path/to/the/license.txt \ + -n kubedb +``` + +### 3. Install KubeDB via `HelmRelease` + +```yaml +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: kubedb + namespace: kubedb +spec: + interval: 1h + chart: + spec: + chart: kubedb + version: {{< param "info.version" >}} + sourceRef: + kind: HelmRepository + name: appscode-charts + namespace: flux-system + install: + createNamespace: true + crds: CreateReplace + upgrade: + crds: CreateReplace + valuesFrom: + - kind: Secret + name: kubedb-license + valuesKey: license + targetPath: global.license + values: + global: + featureGates: + Elasticsearch: true + Kafka: true + MariaDB: true + MongoDB: true + MySQL: true + Postgres: true + Redis: true +``` + +If you use a private Docker registry with self-signed certificates, add the registry hosts under `global.insecureRegistries`: + +```yaml + values: + global: + insecureRegistries: + - hub.example.com + - hub2.example.com +``` + +To see the detailed configuration options, visit [here](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb). + +
    +
    + +## Enable Database Engines + +KubeDB ships support for many database engines, gated behind individual feature flags so the operator only installs the components you actually need. Toggle an engine on by setting its `global.featureGates.` value to `true`. The defaults below mirror the upstream chart — `Elasticsearch`, `Kafka`, `MariaDB`, `MongoDB`, `MySQL`, `Postgres`, and `Redis` are enabled out of the box; every other engine is disabled. + +```yaml +global: + featureGates: + Cassandra: false + ClickHouse: false + DB2: false + DocumentDB: false + Druid: false + Elasticsearch: true + HanaDB: false + Hazelcast: false + Ignite: false + Kafka: true + MariaDB: true + Memcached: false + Milvus: false + MongoDB: true + MSSQLServer: false + MySQL: true + Neo4j: false + Oracle: false + PerconaXtraDB: false + PgBouncer: false + Pgpool: false + Postgres: true + ProxySQL: false + Qdrant: false + RabbitMQ: false + Redis: true + Singlestore: false + Solr: false + Weaviate: false + ZooKeeper: false +``` + +Save these values to a file (e.g. `values.yaml`) and pass it to `helm install` / `helm upgrade`: + +```bash +$ helm upgrade -i kubedb oci://ghcr.io/appscode-charts/kubedb \ + --version {{< param "info.version" >}} \ + --namespace kubedb --create-namespace \ + --set-file global.license=/path/to/the/license.txt \ + --values values.yaml \ + --wait --burst-limit=10000 --debug +``` + +Or override individual engines inline with `--set`: + +```bash +$ helm upgrade -i kubedb oci://ghcr.io/appscode-charts/kubedb \ + --version {{< param "info.version" >}} \ + --namespace kubedb --create-namespace \ + --set-file global.license=/path/to/the/license.txt \ + --set global.featureGates.Cassandra=true \ + --set global.featureGates.ClickHouse=true \ + --wait --burst-limit=10000 --debug +``` + +The same `global.featureGates` map works with the ArgoCD `Application` manifests under the `spec.source.helm.values` block, with the `kubedb-certified` chart on OpenShift, and with the `Kubedb` installer CR used by the OperatorHub bundle. + +## Install on OpenShift + +KubeDB supports OpenShift in three different ways. Pick the one that best matches your deployment workflow. + + +
    +
    + +### Option A: Standard KubeDB chart with OpenShift overrides + +The standard `kubedb` chart can be deployed on OpenShift by enabling the OpenShift distro flags. The `openshift` flag is also auto-detected when the cluster exposes the `project.openshift.io/v1` API, so you can leave it `false` and only switch the image flavor to UBI. + +```bash +$ helm install kubedb oci://ghcr.io/appscode-charts/kubedb \ + --version {{< param "info.version" >}} \ + --namespace kubedb --create-namespace \ + --set-file global.license=/path/to/the/license.txt \ + --set global.distro.openshift=false \ + --set global.distro.ubi=operator \ + --wait --burst-limit=10000 --debug +``` + +Equivalent values file: + +```yaml +global: + distro: + openshift: false + ubi: "operator" +``` + +
    +
    + +### Option B: Red Hat OpenShift Certified Helm Chart + +AppsCode publishes a Red Hat OpenShift Certified Helm chart, [`kubedb-certified`](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb-certified). This chart does **not** ship the KubeDB CRDs; you must install the companion [`kubedb-certified-crds`](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb-certified-crds) chart first. + +**Step 1 — Install the CRDs:** + +```bash +$ helm repo add appscode https://charts.appscode.com/stable/ +$ helm repo update + +$ helm upgrade -i kubedb-certified-crds appscode/kubedb-certified-crds \ + -n kubedb --create-namespace \ + --version={{< param "info.version" >}} +``` + +**Step 2 — Install the operator:** + +```bash +$ helm upgrade -i kubedb-certified appscode/kubedb-certified \ + -n kubedb --create-namespace \ + --version={{< param "info.version" >}} \ + --set-file global.license=/path/to/the/license.txt +``` + +
    +
    + +### Option C: Red Hat OpenShift OperatorHub + +KubeDB is a [Red Hat Certified Operator](https://catalog.redhat.com/en/software/container-stacks/detail/6867c6a358efc229b095b8ee#overview) in the OpenShift OperatorHub catalog. You can install the KubeDB operator bundle directly from the OpenShift web console (**Operators → OperatorHub → KubeDB**) or with `oc`. + +Once the operator bundle is installed, create a `Kubedb` installer resource to deploy the KubeDB operator components. Toggle the `featureGates` to match the database engines you intend to use, and set either `license` (inline content) or `licenseSecretName` (a Secret with key `key.txt`) — get a license from the [AppsCode License Server](https://appscode.com/issue-license?p=kubedb). + +```yaml +apiVersion: installer.kubedb.com/v1 +kind: Kubedb +metadata: + name: kubedb +spec: + global: + featureGates: + Cassandra: false + ClickHouse: false + DB2: false + DocumentDB: false + Druid: false + Elasticsearch: true + HanaDB: false + Hazelcast: false + Ignite: false + Kafka: true + MSSQLServer: false + MariaDB: true + Memcached: false + Milvus: false + MongoDB: true + MySQL: true + Neo4j: false + Oracle: false + PerconaXtraDB: false + PgBouncer: false + Pgpool: false + Postgres: true + ProxySQL: false + Qdrant: false + RabbitMQ: false + Redis: true + Singlestore: false + Solr: false + Weaviate: false + ZooKeeper: false + imagePullSecrets: [] + insecureRegistries: [] + license: '' + licenseSecretName: '' + networkPolicy: + enabled: false + registry: '' + registryFQDN: '' +``` + +Apply it with: + +```bash +$ oc apply -f kubedb.yaml +``` +
    From e61b9379a952fa5a48b263964eb6e74f91e9b1d4 Mon Sep 17 00:00:00 2001 From: Tamal Saha Date: Mon, 15 Jun 2026 23:46:29 +0600 Subject: [PATCH 02/12] fix Signed-off-by: Tamal Saha --- .github/workflows/ci.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f2e46a7290..144d972a6e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -92,6 +92,11 @@ jobs: kubectl create -f https://raw.githubusercontent.com/virtual-secrets/apimachinery/refs/heads/master/crds/config.virtual-secrets.dev_secretstores.yaml kubectl create -f https://raw.githubusercontent.com/virtual-secrets/apimachinery/refs/heads/master/crds/virtual-secrets.dev_secretmounts.yaml kubectl create -f https://raw.githubusercontent.com/virtual-secrets/apimachinery/refs/heads/master/crds/virtual-secrets.dev_secrets.yaml + # argocd crds + kubectl create -f https://github.com/argoproj/argo-cd/raw/v3.4.3/manifests/crds/application-crd.yaml + # fluxcd crds + kubectl create -f https://github.com/fluxcd/helm-controller/raw/v1.3.0/config/crd/bases/helm.toolkit.fluxcd.io_helmreleases.yaml + kubectl create -f https://github.com/fluxcd/source-controller/raw/v1.6.2/config/crd/bases/source.toolkit.fluxcd.io_helmrepositories.yaml - name: Check codespan schema run: | From 1fc671446a954569a56f596613e49b59f2904cc4 Mon Sep 17 00:00:00 2001 From: Tamal Saha Date: Mon, 15 Jun 2026 23:52:10 +0600 Subject: [PATCH 03/12] wip Signed-off-by: Tamal Saha --- .github/workflows/ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 144d972a6e..b80058863d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -94,9 +94,9 @@ jobs: kubectl create -f https://raw.githubusercontent.com/virtual-secrets/apimachinery/refs/heads/master/crds/virtual-secrets.dev_secrets.yaml # argocd crds kubectl create -f https://github.com/argoproj/argo-cd/raw/v3.4.3/manifests/crds/application-crd.yaml - # fluxcd crds - kubectl create -f https://github.com/fluxcd/helm-controller/raw/v1.3.0/config/crd/bases/helm.toolkit.fluxcd.io_helmreleases.yaml - kubectl create -f https://github.com/fluxcd/source-controller/raw/v1.6.2/config/crd/bases/source.toolkit.fluxcd.io_helmrepositories.yaml + # # fluxcd crds + # kubectl create -f https://github.com/fluxcd/helm-controller/raw/v1.3.0/config/crd/bases/helm.toolkit.fluxcd.io_helmreleases.yaml + # kubectl create -f https://github.com/fluxcd/source-controller/raw/v1.6.2/config/crd/bases/source.toolkit.fluxcd.io_helmrepositories.yaml - name: Check codespan schema run: | From 96760f90c772669d6ef07573e180b4879702b05a Mon Sep 17 00:00:00 2001 From: Tamal Saha Date: Tue, 16 Jun 2026 00:01:21 +0600 Subject: [PATCH 04/12] wip Signed-off-by: Tamal Saha --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b80058863d..6cf314ebed 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -65,6 +65,7 @@ jobs: kubectl create -f https://github.com/stashed/installer/raw/master/crds/stash-crds.yaml kubectl create -f https://github.com/kubevault/installer/raw/master/crds/kubevault-crds.yaml kubectl create -f https://github.com/kubedb/installer/raw/master/crds/kubedb-crds.yaml + kubectl create -f https://github.com/kubedb/installer/raw/master/bundle/manifests/installer.kubedb.com_kubedbs.yaml kubectl create -f https://github.com/kubernetes-csi/external-snapshotter/raw/master/client/config/crd/snapshot.storage.k8s.io_volumesnapshotclasses.yaml kubectl create -f https://github.com/kubestash/installer/raw/master/crds/kubestash-crds.yaml # recommendation From e31fc3fd7543c327ae928ac15d517125b83d09fa Mon Sep 17 00:00:00 2001 From: Tamal Saha Date: Tue, 16 Jun 2026 00:07:30 +0600 Subject: [PATCH 05/12] wip Signed-off-by: Tamal Saha --- docs/setup/install/kubedb.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/setup/install/kubedb.md b/docs/setup/install/kubedb.md index 834cc8ac09..d5a7218c22 100644 --- a/docs/setup/install/kubedb.md +++ b/docs/setup/install/kubedb.md @@ -775,6 +775,7 @@ apiVersion: installer.kubedb.com/v1 kind: Kubedb metadata: name: kubedb + namespace: kubedb spec: global: featureGates: From cf278f44b78224668a39e4cfc437b8b91f50e0fc Mon Sep 17 00:00:00 2001 From: Tamal Saha Date: Tue, 16 Jun 2026 00:12:02 +0600 Subject: [PATCH 06/12] wip Signed-off-by: Tamal Saha --- docs/setup/uninstall/kubedb.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/setup/uninstall/kubedb.md b/docs/setup/uninstall/kubedb.md index 24dd8eec54..5f0445cc69 100644 --- a/docs/setup/uninstall/kubedb.md +++ b/docs/setup/uninstall/kubedb.md @@ -29,7 +29,7 @@ To uninstall KubeDB, run the following command: ## Using Helm 3 -In Helm 3, release names are [scoped to a namespace](https://v3.helm.sh/docs/faq/#release-names-are-now-scoped-to-the-namespace). So, provide the namespace you used to install the operator when installing. +In Helm 3, release names are [scoped to a namespace](https://helm.sh/docs/v3/faq/changes_since_helm2/). So, provide the namespace you used to install the operator when installing. ```bash $ helm uninstall kubedb --namespace kubedb From 897647cc70e0ba3db9f0fb3716108934c0dfdac4 Mon Sep 17 00:00:00 2001 From: Arnob Kumar Saha Date: Tue, 16 Jun 2026 10:14:49 +0600 Subject: [PATCH 07/12] docs(setup): trim ArgoCD extras, add Flux license-proxyserver path Signed-off-by: Arnob Kumar Saha --- docs/setup/install/kubedb.md | 336 ++++++++++++++--------------------- 1 file changed, 130 insertions(+), 206 deletions(-) diff --git a/docs/setup/install/kubedb.md b/docs/setup/install/kubedb.md index d5a7218c22..723616bbde 100644 --- a/docs/setup/install/kubedb.md +++ b/docs/setup/install/kubedb.md @@ -334,212 +334,6 @@ spec: - /spec/template/metadata/annotations/reload ``` -### 4. (Optional) Install KubeStash for Backup - -To enable backup and restore for KubeDB-managed databases, deploy the `kubestash` chart via ArgoCD: - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: kubestash - namespace: argocd -spec: - project: default - source: - chart: kubestash - repoURL: ghcr.io/appscode-charts - targetRevision: v2026.2.26 - helm: - values: | - ace-user-roles: - enabled: false - destination: - server: "https://kubernetes.default.svc" - namespace: kubestash - syncPolicy: - automated: {} - syncOptions: - - CreateNamespace=true - - ignoreDifferences: - - jsonPointers: - - /data - kind: Secret - name: kubestash-kubestash-operator-cert - namespace: kubestash - - group: apps - kind: Deployment - name: kubestash-kubestash-operator-operator - namespace: kubestash - jsonPointers: - - /spec/template/metadata/annotations/reload - - group: apps - kind: Deployment - name: kubestash-kubestash-operator-webhook-server - namespace: kubestash - jsonPointers: - - /spec/template/metadata/annotations/reload - - - group: admissionregistration.k8s.io - kind: MutatingWebhookConfiguration - name: kubestash-kubestash-operator - jqPathExpressions: - - .webhooks[].clientConfig.caBundle - - group: admissionregistration.k8s.io - kind: ValidatingWebhookConfiguration - name: kubestash-kubestash-operator - jqPathExpressions: - - .webhooks[].clientConfig.caBundle -``` - -### 5. (Optional) Install Monitoring Stack - -To enable monitoring for KubeDB-managed databases, deploy the following three components in order. - -#### 5a. Install `kube-prometheus-stack` - -Deploy the upstream [kube-prometheus-stack](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack) chart from the `prometheus-community` repository. The `panopticon` and `monitoring-operator` charts below expect its `ServiceMonitor` selector label `release: kube-prometheus-stack`. - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: kube-prometheus-stack - namespace: argocd -spec: - project: default - source: - chart: kube-prometheus-stack - repoURL: https://prometheus-community.github.io/helm-charts - targetRevision: 65.1.1 - helm: - values: | - prometheus: - prometheusSpec: - serviceMonitorSelectorNilUsesHelmValues: false - serviceMonitorSelector: - matchLabels: - release: kube-prometheus-stack - destination: - server: "https://kubernetes.default.svc" - namespace: monitoring - syncPolicy: - automated: {} - syncOptions: - - CreateNamespace=true - - ServerSideApply=true -``` - -#### 5b. Install `panopticon` - -`panopticon` exposes KubeDB-specific Prometheus metrics for databases managed by KubeDB. - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: panopticon - namespace: argocd -spec: - project: default - source: - chart: panopticon - repoURL: ghcr.io/appscode-charts - targetRevision: v2026.1.15 - helm: - values: | - ace-user-roles: - enabled: false - monitoring: - agent: prometheus.io/operator - enabled: true - serviceMonitor: - labels: - release: kube-prometheus-stack - destination: - server: "https://kubernetes.default.svc" - namespace: monitoring - syncPolicy: - automated: {} - syncOptions: - - CreateNamespace=true - - ignoreDifferences: - - jsonPointers: - - /data - kind: Secret - name: panopticon-apiserver-cert - namespace: monitoring - - group: apiregistration.k8s.io - kind: APIService - name: v1alpha1.validators.metrics.appscode.com - jsonPointers: - - /spec/caBundle - - group: apps - kind: Deployment - name: panopticon - namespace: monitoring - jsonPointers: - - /spec/template/metadata/annotations/checksum~1apiregistration.yaml - - group: apiextensions.k8s.io - kind: CustomResourceDefinition - name: servicemonitors.monitoring.coreos.com - jsonPointers: - - /metadata/annotations - - /spec -``` - -#### 5c. Install `monitoring-operator` - -`monitoring-operator` provisions Grafana dashboards and the OpenViz UI integration for KubeDB databases. - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: monitoring-operator - namespace: argocd -spec: - project: default - source: - chart: monitoring-operator - repoURL: ghcr.io/appscode-charts - targetRevision: v2026.1.15 - helm: - values: | - monitoring: - agent: "prometheus.io/operator" - serviceMonitor: - labels: - release: kube-prometheus-stack - destination: - server: "https://kubernetes.default.svc" - namespace: monitoring - syncPolicy: - automated: {} - syncOptions: - - CreateNamespace=true - - ignoreDifferences: - - jsonPointers: - - /data - kind: Secret - name: monitoring-operator-apiserver-cert - namespace: monitoring - - group: apiregistration.k8s.io - kind: APIService - name: v1alpha1.ui.openviz.dev - jsonPointers: - - /spec/caBundle - - group: apps - kind: Deployment - name: monitoring-operator - namespace: monitoring - jsonPointers: - - /spec/template/metadata/annotations/checksum~1apiregistration.yaml -``` - To see the detailed configuration options for each chart, visit the [AppsCode Charts repository](https://github.com/appscode/charts). @@ -624,6 +418,136 @@ If you use a private Docker registry with self-signed certificates, add the regi - hub2.example.com ``` +### (Alternative) Use License Proxyserver instead of a license Secret + +Instead of creating a per-cluster license Secret (steps 2–3 above), you can deploy the `license-proxyserver` chart. It distributes license tokens to KubeDB and other AppsCode operators inside the cluster, so the `kubedb` `HelmRelease` no longer needs to mount a license. Use this approach in place of the `kubedb-license` Secret. + +#### a. Install `ace-user-roles` + +The `ace-user-roles` chart provisions the cluster roles required by KubeDB and the license-proxyserver. + +```yaml +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: ace-user-roles + namespace: kubeops +spec: + interval: 1h + chart: + spec: + chart: ace-user-roles + version: v2026.2.16 + sourceRef: + kind: HelmRepository + name: appscode-charts + namespace: flux-system + install: + createNamespace: true + values: + enableClusterRoles: + ace: false + appcatalog: true + catalog: false + cert-manager: false + kubedb: true + kubedb-ui: false + kubestash: true # enable if used + kubevault: true # enable if used + license-proxyserver: true + metrics: true + prometheus: false + secrets-store: false + stash: true # enable if used + virtual-secrets: false + annotations: + "helm.sh/hook": null + "helm.sh/hook-delete-policy": null +``` + +#### b. Install `license-proxyserver` + +Generate an online license-proxyserver token from `https://appscode.com/billing/{org}/license-proxy-server`, then store it in a Secret that the `HelmRelease` references via `valuesFrom`: + +```bash +$ cat > license-proxyserver.yaml <<'EOF' +platform: + baseURL: https://appscode.com + token: '****************************************' +EOF + +$ kubectl create secret generic ace-licenseserver-cred \ + --from-file=license-proxyserver.yaml \ + -n kubeops +``` + +```yaml +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: license-proxyserver + namespace: kubeops +spec: + interval: 5m + chart: + spec: + chart: license-proxyserver + version: v2026.2.16 + sourceRef: + kind: HelmRepository + name: appscode-charts + namespace: flux-system + install: + createNamespace: true + crds: CreateReplace + upgrade: + crds: CreateReplace + values: + registryFQDN: ghcr.io + valuesFrom: + - kind: Secret + name: ace-licenseserver-cred + valuesKey: license-proxyserver.yaml + optional: true +``` + +#### c. Install KubeDB without a license Secret + +With the proxyserver running, deploy the `kubedb` `HelmRelease` without the `valuesFrom` license Secret — drop step 2 and the `valuesFrom` block from step 3: + +```yaml +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: kubedb + namespace: kubedb +spec: + interval: 1h + chart: + spec: + chart: kubedb + version: {{< param "info.version" >}} + sourceRef: + kind: HelmRepository + name: appscode-charts + namespace: flux-system + install: + createNamespace: true + crds: CreateReplace + upgrade: + crds: CreateReplace + values: + global: + featureGates: + Elasticsearch: true + Kafka: true + MariaDB: true + MongoDB: true + MySQL: true + Postgres: true + Redis: true +``` + To see the detailed configuration options, visit [here](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb). From 34b8d7a22a1991155cd6e4bfcd26a3f7cd33e5c3 Mon Sep 17 00:00:00 2001 From: Arnob Kumar Saha Date: Tue, 16 Jun 2026 10:23:39 +0600 Subject: [PATCH 08/12] docs(setup): link gitops repo for argo components, drop flux ace-user-roles step Signed-off-by: Arnob Kumar Saha --- docs/setup/install/kubedb.md | 49 +++--------------------------------- 1 file changed, 4 insertions(+), 45 deletions(-) diff --git a/docs/setup/install/kubedb.md b/docs/setup/install/kubedb.md index 723616bbde..3e939d7e0d 100644 --- a/docs/setup/install/kubedb.md +++ b/docs/setup/install/kubedb.md @@ -101,6 +101,8 @@ To see the detailed configuration options, visit [here](https://github.com/kubed KubeDB can be deployed via [ArgoCD](https://argo-cd.readthedocs.io/) using the [Helm chart support](https://argo-cd.readthedocs.io/en/stable/user-guide/helm/) for `Application` resources. Deploy the following `Application` manifests in order to your ArgoCD cluster. +Ready-to-use `Application` manifests for KubeDB and the rest of the AppsCode stack (e.g. `kubestash`, `kubevault`, `stash`, `panopticon`, `monitoring-operator`) are maintained in the [appscode/gitops](https://github.com/appscode/gitops/tree/2025-06/argocd/helm) repository. Install `ace-user-roles` and `license-proxyserver` first, then pick whichever component manifests you need from there. + ### 1. Install `ace-user-roles` The `ace-user-roles` chart provisions the cluster roles required by KubeDB and related operators. Create the following ArgoCD `Application`: @@ -422,50 +424,7 @@ If you use a private Docker registry with self-signed certificates, add the regi Instead of creating a per-cluster license Secret (steps 2–3 above), you can deploy the `license-proxyserver` chart. It distributes license tokens to KubeDB and other AppsCode operators inside the cluster, so the `kubedb` `HelmRelease` no longer needs to mount a license. Use this approach in place of the `kubedb-license` Secret. -#### a. Install `ace-user-roles` - -The `ace-user-roles` chart provisions the cluster roles required by KubeDB and the license-proxyserver. - -```yaml -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: ace-user-roles - namespace: kubeops -spec: - interval: 1h - chart: - spec: - chart: ace-user-roles - version: v2026.2.16 - sourceRef: - kind: HelmRepository - name: appscode-charts - namespace: flux-system - install: - createNamespace: true - values: - enableClusterRoles: - ace: false - appcatalog: true - catalog: false - cert-manager: false - kubedb: true - kubedb-ui: false - kubestash: true # enable if used - kubevault: true # enable if used - license-proxyserver: true - metrics: true - prometheus: false - secrets-store: false - stash: true # enable if used - virtual-secrets: false - annotations: - "helm.sh/hook": null - "helm.sh/hook-delete-policy": null -``` - -#### b. Install `license-proxyserver` +#### a. Install `license-proxyserver` Generate an online license-proxyserver token from `https://appscode.com/billing/{org}/license-proxy-server`, then store it in a Secret that the `HelmRelease` references via `valuesFrom`: @@ -511,7 +470,7 @@ spec: optional: true ``` -#### c. Install KubeDB without a license Secret +#### b. Install KubeDB without a license Secret With the proxyserver running, deploy the `kubedb` `HelmRelease` without the `valuesFrom` license Secret — drop step 2 and the `valuesFrom` block from step 3: From e04bd73659ef2a72576a4fcde7a6cbd4f189bf2a Mon Sep 17 00:00:00 2001 From: Arnob Kumar Saha Date: Tue, 16 Jun 2026 10:37:36 +0600 Subject: [PATCH 09/12] docs(setup): fix review nits in install guide and ci Signed-off-by: Arnob Kumar Saha --- .github/workflows/ci.yml | 2 +- docs/setup/install/kubedb.md | 8 +------- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6cf314ebed..e3e289b962 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -95,7 +95,7 @@ jobs: kubectl create -f https://raw.githubusercontent.com/virtual-secrets/apimachinery/refs/heads/master/crds/virtual-secrets.dev_secrets.yaml # argocd crds kubectl create -f https://github.com/argoproj/argo-cd/raw/v3.4.3/manifests/crds/application-crd.yaml - # # fluxcd crds + # fluxcd crds # kubectl create -f https://github.com/fluxcd/helm-controller/raw/v1.3.0/config/crd/bases/helm.toolkit.fluxcd.io_helmreleases.yaml # kubectl create -f https://github.com/fluxcd/source-controller/raw/v1.6.2/config/crd/bases/source.toolkit.fluxcd.io_helmrepositories.yaml diff --git a/docs/setup/install/kubedb.md b/docs/setup/install/kubedb.md index 3e939d7e0d..276335d563 100644 --- a/docs/setup/install/kubedb.md +++ b/docs/setup/install/kubedb.md @@ -188,12 +188,6 @@ spec: name: v1alpha1.proxyserver.licenses.appscode.com jsonPointers: - /spec/caBundle - - group: apiextensions.k8s.io - kind: CustomResourceDefinition - name: servicemonitors.monitoring.coreos.com - jsonPointers: - - /metadata/annotations - - /spec ``` ### 3. Install KubeDB @@ -672,11 +666,11 @@ spec: Hazelcast: false Ignite: false Kafka: true - MSSQLServer: false MariaDB: true Memcached: false Milvus: false MongoDB: true + MSSQLServer: false MySQL: true Neo4j: false Oracle: false From 542926f446c150edbed22a71255e53dd868bc19b Mon Sep 17 00:00:00 2001 From: Arnob Kumar Saha Date: Tue, 16 Jun 2026 10:44:51 +0600 Subject: [PATCH 10/12] docs(setup): add Helm license-proxyserver alternative, link token guide Signed-off-by: Arnob Kumar Saha --- docs/setup/install/kubedb.md | 28 ++++++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/docs/setup/install/kubedb.md b/docs/setup/install/kubedb.md index 276335d563..ce2b846cbe 100644 --- a/docs/setup/install/kubedb.md +++ b/docs/setup/install/kubedb.md @@ -63,6 +63,30 @@ $ helm install kubedb oci://ghcr.io/appscode-charts/kubedb \ --wait --burst-limit=10000 --debug ``` +### (Alternative) Use License Proxyserver instead of a license file + +Instead of passing a license file to every operator, you can install the `license-proxyserver` chart once. It distributes license tokens to KubeDB and other AppsCode operators inside the cluster, so the `helm install kubedb` command no longer needs `--set-file global.license`. + +Generate an online license-proxyserver token by following the [License Proxyserver guide](https://kubedb.com/docs/platform/v2026.5.22/guides/license-management/license-proxyserver/), then install the chart with that token: + +```bash +$ helm install license-proxyserver oci://ghcr.io/appscode-charts/license-proxyserver \ + --version v2026.2.16 \ + --namespace kubeops --create-namespace \ + --set platform.baseURL=https://appscode.com \ + --set platform.token= \ + --wait --burst-limit=10000 --debug +``` + +With the proxyserver running, install KubeDB without the license flag: + +```bash +$ helm install kubedb oci://ghcr.io/appscode-charts/kubedb \ + --version {{< param "info.version" >}} \ + --namespace kubedb --create-namespace \ + --wait --burst-limit=10000 --debug +``` + To see the detailed configuration options, visit [here](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb). @@ -150,7 +174,7 @@ spec: ### 2. Install `license-proxyserver` -The `license-proxyserver` chart distributes license tokens to KubeDB and other AppsCode operators inside the cluster. Before applying the manifest below, generate an online license-proxyserver token from `https://appscode.com/billing/{org}/license-proxy-server` and replace the placeholder `token` value with it. +The `license-proxyserver` chart distributes license tokens to KubeDB and other AppsCode operators inside the cluster. Before applying the manifest below, generate an online license-proxyserver token by following the [License Proxyserver guide](https://kubedb.com/docs/platform/v2026.5.22/guides/license-management/license-proxyserver/) and replace the placeholder `token` value with it. ```yaml apiVersion: argoproj.io/v1alpha1 @@ -420,7 +444,7 @@ Instead of creating a per-cluster license Secret (steps 2–3 above), you can de #### a. Install `license-proxyserver` -Generate an online license-proxyserver token from `https://appscode.com/billing/{org}/license-proxy-server`, then store it in a Secret that the `HelmRelease` references via `valuesFrom`: +Generate an online license-proxyserver token by following the [License Proxyserver guide](https://kubedb.com/docs/platform/v2026.5.22/guides/license-management/license-proxyserver/), then store it in a Secret that the `HelmRelease` references via `valuesFrom`: ```bash $ cat > license-proxyserver.yaml <<'EOF' From 0e62a5651e9a274ae4184564361e681162a40126 Mon Sep 17 00:00:00 2001 From: Arnob Kumar Saha Date: Tue, 16 Jun 2026 11:02:42 +0600 Subject: [PATCH 11/12] docs(setup): split KubeDB install into per-method pages, drop tab switcher Signed-off-by: Arnob Kumar Saha --- .../recommendation/configuration.md | 2 +- docs/setup/README.md | 4 +- docs/setup/install/kubedb.md | 760 ------------------ docs/setup/install/kubedb/_index.md | 39 + docs/setup/install/kubedb/argocd.md | 250 ++++++ docs/setup/install/kubedb/configuration.md | 105 +++ docs/setup/install/kubedb/fluxcd.md | 183 +++++ docs/setup/install/kubedb/helm.md | 65 ++ docs/setup/install/kubedb/openshift.md | 127 +++ docs/setup/install/kubedb/yaml.md | 41 + 10 files changed, 813 insertions(+), 763 deletions(-) delete mode 100644 docs/setup/install/kubedb.md create mode 100644 docs/setup/install/kubedb/_index.md create mode 100644 docs/setup/install/kubedb/argocd.md create mode 100644 docs/setup/install/kubedb/configuration.md create mode 100644 docs/setup/install/kubedb/fluxcd.md create mode 100644 docs/setup/install/kubedb/helm.md create mode 100644 docs/setup/install/kubedb/openshift.md create mode 100644 docs/setup/install/kubedb/yaml.md diff --git a/docs/operatormanual/recommendation/configuration.md b/docs/operatormanual/recommendation/configuration.md index 1824599444..84375e94e8 100644 --- a/docs/operatormanual/recommendation/configuration.md +++ b/docs/operatormanual/recommendation/configuration.md @@ -19,7 +19,7 @@ section_menu_id: operatormanual Before using KubeDB Recommendations, ensure that: * You have a running Kubernetes cluster with `kubectl` configured (e.g. via [kind](https://kind.sigs.k8s.io/docs/user/quick-start/)). -* KubeDB is installed following the [setup guide](/docs/setup/install/kubedb.md), with the Supervisor enabled: +* KubeDB is installed following the [setup guide](/docs/setup/install/kubedb/_index.md), with the Supervisor enabled: ```bash --set supervisor.enabled=true diff --git a/docs/setup/README.md b/docs/setup/README.md index c9babc8d8e..9b44084d6e 100644 --- a/docs/setup/README.md +++ b/docs/setup/README.md @@ -18,14 +18,14 @@ aliases: # Setup
    The setup section contains instructions for installing the KubeDB and its various components in Kubernetes. This section has been divided into the following sub-sections: - **Install KubeDB:** Installation instructions for KubeDB and its various components. - - [KubeDB](/docs/setup/install/kubedb.md): Installation instructions for KubeDB. + - [KubeDB](/docs/setup/install/kubedb/_index.md): Installation instructions for KubeDB. - [KubeDB kubectl Plugin](/docs/setup/install/kubectl_plugin.md): Installation instructions for KubeDB `kubectl` plugin. - [Troubleshooting](/docs/setup/install/troubleshoting.md): Troubleshooting guide for various installation problems. diff --git a/docs/setup/install/kubedb.md b/docs/setup/install/kubedb.md deleted file mode 100644 index ce2b846cbe..0000000000 --- a/docs/setup/install/kubedb.md +++ /dev/null @@ -1,760 +0,0 @@ ---- -title: Install KubeDB -description: Installation guide for KubeDB -menu: - docs_{{ .version }}: - identifier: install-kubedb-enterprise - name: KubeDB - parent: installation-guide - weight: 20 -product_name: kubedb -menu_name: docs_{{ .version }} -section_menu_id: setup ---- - -# Install KubeDB - -## Get a Free License - -Download a FREE license from [AppsCode License Server](https://appscode.com/issue-license?p=kubedb). - -> KubeDB licensing process has been designed to work with CI/CD workflow. You can automatically obtain a license from your CI/CD pipeline by following the guide from [here](https://github.com/appscode/offline-license-server#offline-license-server). - -## Install - - -
    -
    - -## Using Helm 3 - -KubeDB can be installed via [Helm](https://helm.sh/) using the [chart](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb) from [AppsCode Charts Repository](https://github.com/appscode/charts). To install, follow the steps below: - -```bash -$ helm install kubedb oci://ghcr.io/appscode-charts/kubedb \ - --version {{< param "info.version" >}} \ - --namespace kubedb --create-namespace \ - --set-file global.license=/path/to/the/license.txt \ - --wait --burst-limit=10000 --debug -``` - -{{< notice type="warning" message="If you are using **private Docker registries** using *self-signed certificates*, please pass the registry domains to the operator like below:" >}} - -```bash -$ helm install kubedb oci://ghcr.io/appscode-charts/kubedb \ - --version {{< param "info.version" >}} \ - --namespace kubedb --create-namespace \ - --set global.insecureRegistries[0]=hub.example.com \ - --set global.insecureRegistries[1]=hub2.example.com \ - --set-file global.license=/path/to/the/license.txt \ - --wait --burst-limit=10000 --debug -``` - -### (Alternative) Use License Proxyserver instead of a license file - -Instead of passing a license file to every operator, you can install the `license-proxyserver` chart once. It distributes license tokens to KubeDB and other AppsCode operators inside the cluster, so the `helm install kubedb` command no longer needs `--set-file global.license`. - -Generate an online license-proxyserver token by following the [License Proxyserver guide](https://kubedb.com/docs/platform/v2026.5.22/guides/license-management/license-proxyserver/), then install the chart with that token: - -```bash -$ helm install license-proxyserver oci://ghcr.io/appscode-charts/license-proxyserver \ - --version v2026.2.16 \ - --namespace kubeops --create-namespace \ - --set platform.baseURL=https://appscode.com \ - --set platform.token= \ - --wait --burst-limit=10000 --debug -``` - -With the proxyserver running, install KubeDB without the license flag: - -```bash -$ helm install kubedb oci://ghcr.io/appscode-charts/kubedb \ - --version {{< param "info.version" >}} \ - --namespace kubedb --create-namespace \ - --wait --burst-limit=10000 --debug -``` - -To see the detailed configuration options, visit [here](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb). - -
    -
    - -## Using YAML - -If you prefer to not use Helm, you can generate YAMLs from KubeDB chart and deploy using `kubectl`. Here we are going to show the procedure using Helm 3. - -```bash -$ helm template kubedb oci://ghcr.io/appscode-charts/kubedb \ - --version {{< param "info.version" >}} \ - --namespace kubedb --create-namespace \ - --set-file global.license=/path/to/the/license.txt \ - --set global.skipCleaner=true | kubectl apply -f - -``` - -{{< notice type="warning" message="If you are using **private Docker registries** using *self-signed certificates*, please pass the registry domains to the operator like below:" >}} - -```bash -$ helm template kubedb oci://ghcr.io/appscode-charts/kubedb \ - --version {{< param "info.version" >}} \ - --namespace kubedb --create-namespace \ - --set-file global.license=/path/to/the/license.txt \ - --set global.insecureRegistries[0]=hub.example.com \ - --set global.insecureRegistries[1]=hub2.example.com \ - --set global.skipCleaner=true | kubectl apply -f - -``` - -To see the detailed configuration options, visit [here](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb). - -
    -
    - -## Using ArgoCD - -KubeDB can be deployed via [ArgoCD](https://argo-cd.readthedocs.io/) using the [Helm chart support](https://argo-cd.readthedocs.io/en/stable/user-guide/helm/) for `Application` resources. Deploy the following `Application` manifests in order to your ArgoCD cluster. - -Ready-to-use `Application` manifests for KubeDB and the rest of the AppsCode stack (e.g. `kubestash`, `kubevault`, `stash`, `panopticon`, `monitoring-operator`) are maintained in the [appscode/gitops](https://github.com/appscode/gitops/tree/2025-06/argocd/helm) repository. Install `ace-user-roles` and `license-proxyserver` first, then pick whichever component manifests you need from there. - -### 1. Install `ace-user-roles` - -The `ace-user-roles` chart provisions the cluster roles required by KubeDB and related operators. Create the following ArgoCD `Application`: - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: ace-user-roles - namespace: argocd -spec: - destination: - namespace: kubeops - server: https://kubernetes.default.svc - project: default - source: - chart: ace-user-roles - helm: - values: | - enableClusterRoles: - ace: false - appcatalog: true - catalog: false - cert-manager: false - kubedb: true - kubedb-ui: false - kubestash: true # enable if used - kubevault: true # enable if used - license-proxyserver: true - metrics: true - prometheus: false - secrets-store: false - stash: true # enable if used - virtual-secrets: false - annotations: - "helm.sh/hook": null - "helm.sh/hook-delete-policy": null - repoURL: ghcr.io/appscode-charts - targetRevision: v2026.2.16 - syncPolicy: - automated: {} - syncOptions: - - CreateNamespace=true -``` - -### 2. Install `license-proxyserver` - -The `license-proxyserver` chart distributes license tokens to KubeDB and other AppsCode operators inside the cluster. Before applying the manifest below, generate an online license-proxyserver token by following the [License Proxyserver guide](https://kubedb.com/docs/platform/v2026.5.22/guides/license-management/license-proxyserver/) and replace the placeholder `token` value with it. - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: license-proxyserver - namespace: argocd -spec: - project: default - source: - chart: license-proxyserver - repoURL: ghcr.io/appscode-charts - targetRevision: v2026.2.16 - helm: - values: | - platform: - baseURL: https://appscode.com - token: '****************************************' - destination: - server: "https://kubernetes.default.svc" - namespace: kubeops - syncPolicy: - automated: {} - syncOptions: - - CreateNamespace=true - - ignoreDifferences: - - jsonPointers: - - /data - kind: Secret - name: license-proxyserver-apiserver-cert - namespace: kubeops - - group: apiregistration.k8s.io - kind: APIService - name: v1alpha1.proxyserver.licenses.appscode.com - jsonPointers: - - /spec/caBundle -``` - -### 3. Install KubeDB - -Finally, deploy the KubeDB operators themselves. The `ace-user-roles` sub-chart is disabled here because it was already installed in the first step. - -```yaml -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: kubedb - namespace: argocd -spec: - project: default - source: - chart: kubedb - repoURL: ghcr.io/appscode-charts - targetRevision: {{< param "info.version" >}} - helm: - values: | - ace-user-roles: - enabled: false - destination: - server: "https://kubernetes.default.svc" - namespace: kubedb - syncPolicy: - automated: {} - syncOptions: - - CreateNamespace=true - - ignoreDifferences: - - jsonPointers: - - /data - kind: Secret - name: kubedb-kubedb-webhook-server-cert - namespace: kubedb - - jsonPointers: - - /data - kind: Secret - name: kubedb-petset-cert - namespace: kubedb - - jsonPointers: - - /data - kind: Secret - name: kubedb-sidekick-cert - namespace: kubedb - - - group: admissionregistration.k8s.io - kind: MutatingWebhookConfiguration - name: mutators.petset.appscode.com - jqPathExpressions: - - .webhooks[].clientConfig.caBundle - - group: admissionregistration.k8s.io - kind: MutatingWebhookConfiguration - name: mutators.kubedb.com - jqPathExpressions: - - .webhooks[].clientConfig.caBundle - - group: admissionregistration.k8s.io - kind: MutatingWebhookConfiguration - name: mutators.autoscaling.kubedb.com - jqPathExpressions: - - .webhooks[].clientConfig.caBundle - - group: admissionregistration.k8s.io - kind: MutatingWebhookConfiguration - name: mutators.elasticsearch.kubedb.com - jqPathExpressions: - - .webhooks[].clientConfig.caBundle - - group: admissionregistration.k8s.io - kind: MutatingWebhookConfiguration - name: mutators.schema.kubedb.com - jqPathExpressions: - - .webhooks[].clientConfig.caBundle - - - group: admissionregistration.k8s.io - kind: ValidatingWebhookConfiguration - name: validators.autoscaling.kubedb.com - jqPathExpressions: - - .webhooks[].clientConfig.caBundle - - group: admissionregistration.k8s.io - kind: ValidatingWebhookConfiguration - name: validators.elasticsearch.kubedb.com - jqPathExpressions: - - .webhooks[].clientConfig.caBundle - - group: admissionregistration.k8s.io - kind: ValidatingWebhookConfiguration - name: validators.kubedb.com - jqPathExpressions: - - .webhooks[].clientConfig.caBundle - - group: admissionregistration.k8s.io - kind: ValidatingWebhookConfiguration - name: validators.ops.kubedb.com - jqPathExpressions: - - .webhooks[].clientConfig.caBundle - - group: admissionregistration.k8s.io - kind: ValidatingWebhookConfiguration - name: validators.petset.appscode.com - jqPathExpressions: - - .webhooks[].clientConfig.caBundle - - group: admissionregistration.k8s.io - kind: ValidatingWebhookConfiguration - name: validators.schema.kubedb.com - jqPathExpressions: - - .webhooks[].clientConfig.caBundle - - - group: apps - kind: StatefulSet - name: kubedb-kubedb-autoscaler - namespace: kubedb - jsonPointers: - - /spec/template/metadata/annotations/reload - - group: apps - kind: StatefulSet - name: kubedb-kubedb-ops-manager - namespace: kubedb - jsonPointers: - - /spec/template/metadata/annotations/reload - - group: apps - kind: StatefulSet - name: kubedb-kubedb-provisioner - namespace: kubedb - jsonPointers: - - /spec/template/metadata/annotations/reload - - group: apps - kind: Deployment - name: kubedb-kubedb-webhook-server - namespace: kubedb - jsonPointers: - - /spec/template/metadata/annotations/reload - - group: apps - kind: Deployment - name: kubedb-petset - namespace: kubedb - jsonPointers: - - /spec/template/metadata/annotations/reload - - group: apps - kind: Deployment - name: kubedb-sidekick - namespace: kubedb - jsonPointers: - - /spec/template/metadata/annotations/reload -``` - -To see the detailed configuration options for each chart, visit the [AppsCode Charts repository](https://github.com/appscode/charts). - -
    -
    - -## Using FluxCD - -KubeDB can be deployed via [FluxCD](https://fluxcd.io/) using its [Helm Controller](https://fluxcd.io/flux/components/helm/) against the OCI Helm registry at `ghcr.io/appscode-charts`. Apply the manifests below in order. - -### 1. Configure the OCI Helm repository - -```yaml -apiVersion: source.toolkit.fluxcd.io/v1 -kind: HelmRepository -metadata: - name: appscode-charts - namespace: flux-system -spec: - type: oci - interval: 12h - url: oci://ghcr.io/appscode-charts -``` - -### 2. Create a Secret with the license - -Generate a license from the [AppsCode License Server](https://appscode.com/issue-license?p=kubedb) and store it in a Secret so `HelmRelease` can reference it via `valuesFrom`. - -```bash -$ kubectl create namespace kubedb -$ kubectl create secret generic kubedb-license \ - --from-file=license=/path/to/the/license.txt \ - -n kubedb -``` - -### 3. Install KubeDB via `HelmRelease` - -```yaml -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: kubedb - namespace: kubedb -spec: - interval: 1h - chart: - spec: - chart: kubedb - version: {{< param "info.version" >}} - sourceRef: - kind: HelmRepository - name: appscode-charts - namespace: flux-system - install: - createNamespace: true - crds: CreateReplace - upgrade: - crds: CreateReplace - valuesFrom: - - kind: Secret - name: kubedb-license - valuesKey: license - targetPath: global.license - values: - global: - featureGates: - Elasticsearch: true - Kafka: true - MariaDB: true - MongoDB: true - MySQL: true - Postgres: true - Redis: true -``` - -If you use a private Docker registry with self-signed certificates, add the registry hosts under `global.insecureRegistries`: - -```yaml - values: - global: - insecureRegistries: - - hub.example.com - - hub2.example.com -``` - -### (Alternative) Use License Proxyserver instead of a license Secret - -Instead of creating a per-cluster license Secret (steps 2–3 above), you can deploy the `license-proxyserver` chart. It distributes license tokens to KubeDB and other AppsCode operators inside the cluster, so the `kubedb` `HelmRelease` no longer needs to mount a license. Use this approach in place of the `kubedb-license` Secret. - -#### a. Install `license-proxyserver` - -Generate an online license-proxyserver token by following the [License Proxyserver guide](https://kubedb.com/docs/platform/v2026.5.22/guides/license-management/license-proxyserver/), then store it in a Secret that the `HelmRelease` references via `valuesFrom`: - -```bash -$ cat > license-proxyserver.yaml <<'EOF' -platform: - baseURL: https://appscode.com - token: '****************************************' -EOF - -$ kubectl create secret generic ace-licenseserver-cred \ - --from-file=license-proxyserver.yaml \ - -n kubeops -``` - -```yaml -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: license-proxyserver - namespace: kubeops -spec: - interval: 5m - chart: - spec: - chart: license-proxyserver - version: v2026.2.16 - sourceRef: - kind: HelmRepository - name: appscode-charts - namespace: flux-system - install: - createNamespace: true - crds: CreateReplace - upgrade: - crds: CreateReplace - values: - registryFQDN: ghcr.io - valuesFrom: - - kind: Secret - name: ace-licenseserver-cred - valuesKey: license-proxyserver.yaml - optional: true -``` - -#### b. Install KubeDB without a license Secret - -With the proxyserver running, deploy the `kubedb` `HelmRelease` without the `valuesFrom` license Secret — drop step 2 and the `valuesFrom` block from step 3: - -```yaml -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: kubedb - namespace: kubedb -spec: - interval: 1h - chart: - spec: - chart: kubedb - version: {{< param "info.version" >}} - sourceRef: - kind: HelmRepository - name: appscode-charts - namespace: flux-system - install: - createNamespace: true - crds: CreateReplace - upgrade: - crds: CreateReplace - values: - global: - featureGates: - Elasticsearch: true - Kafka: true - MariaDB: true - MongoDB: true - MySQL: true - Postgres: true - Redis: true -``` - -To see the detailed configuration options, visit [here](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb). - -
    -
    - -## Enable Database Engines - -KubeDB ships support for many database engines, gated behind individual feature flags so the operator only installs the components you actually need. Toggle an engine on by setting its `global.featureGates.` value to `true`. The defaults below mirror the upstream chart — `Elasticsearch`, `Kafka`, `MariaDB`, `MongoDB`, `MySQL`, `Postgres`, and `Redis` are enabled out of the box; every other engine is disabled. - -```yaml -global: - featureGates: - Cassandra: false - ClickHouse: false - DB2: false - DocumentDB: false - Druid: false - Elasticsearch: true - HanaDB: false - Hazelcast: false - Ignite: false - Kafka: true - MariaDB: true - Memcached: false - Milvus: false - MongoDB: true - MSSQLServer: false - MySQL: true - Neo4j: false - Oracle: false - PerconaXtraDB: false - PgBouncer: false - Pgpool: false - Postgres: true - ProxySQL: false - Qdrant: false - RabbitMQ: false - Redis: true - Singlestore: false - Solr: false - Weaviate: false - ZooKeeper: false -``` - -Save these values to a file (e.g. `values.yaml`) and pass it to `helm install` / `helm upgrade`: - -```bash -$ helm upgrade -i kubedb oci://ghcr.io/appscode-charts/kubedb \ - --version {{< param "info.version" >}} \ - --namespace kubedb --create-namespace \ - --set-file global.license=/path/to/the/license.txt \ - --values values.yaml \ - --wait --burst-limit=10000 --debug -``` - -Or override individual engines inline with `--set`: - -```bash -$ helm upgrade -i kubedb oci://ghcr.io/appscode-charts/kubedb \ - --version {{< param "info.version" >}} \ - --namespace kubedb --create-namespace \ - --set-file global.license=/path/to/the/license.txt \ - --set global.featureGates.Cassandra=true \ - --set global.featureGates.ClickHouse=true \ - --wait --burst-limit=10000 --debug -``` - -The same `global.featureGates` map works with the ArgoCD `Application` manifests under the `spec.source.helm.values` block, with the `kubedb-certified` chart on OpenShift, and with the `Kubedb` installer CR used by the OperatorHub bundle. - -## Install on OpenShift - -KubeDB supports OpenShift in three different ways. Pick the one that best matches your deployment workflow. - - -
    -
    - -### Option A: Standard KubeDB chart with OpenShift overrides - -The standard `kubedb` chart can be deployed on OpenShift by enabling the OpenShift distro flags. The `openshift` flag is also auto-detected when the cluster exposes the `project.openshift.io/v1` API, so you can leave it `false` and only switch the image flavor to UBI. - -```bash -$ helm install kubedb oci://ghcr.io/appscode-charts/kubedb \ - --version {{< param "info.version" >}} \ - --namespace kubedb --create-namespace \ - --set-file global.license=/path/to/the/license.txt \ - --set global.distro.openshift=false \ - --set global.distro.ubi=operator \ - --wait --burst-limit=10000 --debug -``` - -Equivalent values file: - -```yaml -global: - distro: - openshift: false - ubi: "operator" -``` - -
    -
    - -### Option B: Red Hat OpenShift Certified Helm Chart - -AppsCode publishes a Red Hat OpenShift Certified Helm chart, [`kubedb-certified`](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb-certified). This chart does **not** ship the KubeDB CRDs; you must install the companion [`kubedb-certified-crds`](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb-certified-crds) chart first. - -**Step 1 — Install the CRDs:** - -```bash -$ helm repo add appscode https://charts.appscode.com/stable/ -$ helm repo update - -$ helm upgrade -i kubedb-certified-crds appscode/kubedb-certified-crds \ - -n kubedb --create-namespace \ - --version={{< param "info.version" >}} -``` - -**Step 2 — Install the operator:** - -```bash -$ helm upgrade -i kubedb-certified appscode/kubedb-certified \ - -n kubedb --create-namespace \ - --version={{< param "info.version" >}} \ - --set-file global.license=/path/to/the/license.txt -``` - -
    -
    - -### Option C: Red Hat OpenShift OperatorHub - -KubeDB is a [Red Hat Certified Operator](https://catalog.redhat.com/en/software/container-stacks/detail/6867c6a358efc229b095b8ee#overview) in the OpenShift OperatorHub catalog. You can install the KubeDB operator bundle directly from the OpenShift web console (**Operators → OperatorHub → KubeDB**) or with `oc`. - -Once the operator bundle is installed, create a `Kubedb` installer resource to deploy the KubeDB operator components. Toggle the `featureGates` to match the database engines you intend to use, and set either `license` (inline content) or `licenseSecretName` (a Secret with key `key.txt`) — get a license from the [AppsCode License Server](https://appscode.com/issue-license?p=kubedb). - -```yaml -apiVersion: installer.kubedb.com/v1 -kind: Kubedb -metadata: - name: kubedb - namespace: kubedb -spec: - global: - featureGates: - Cassandra: false - ClickHouse: false - DB2: false - DocumentDB: false - Druid: false - Elasticsearch: true - HanaDB: false - Hazelcast: false - Ignite: false - Kafka: true - MariaDB: true - Memcached: false - Milvus: false - MongoDB: true - MSSQLServer: false - MySQL: true - Neo4j: false - Oracle: false - PerconaXtraDB: false - PgBouncer: false - Pgpool: false - Postgres: true - ProxySQL: false - Qdrant: false - RabbitMQ: false - Redis: true - Singlestore: false - Solr: false - Weaviate: false - ZooKeeper: false - imagePullSecrets: [] - insecureRegistries: [] - license: '' - licenseSecretName: '' - networkPolicy: - enabled: false - registry: '' - registryFQDN: '' -``` - -Apply it with: - -```bash -$ oc apply -f kubedb.yaml -``` - -
    -
    - -## Verify installation - -To check if KubeDB operator pods have started, run the following command: - -```bash -$ watch kubectl get pods --all-namespaces -l "app.kubernetes.io/instance=kubedb" - -NAME READY STATUS RESTARTS AGE -kubedb-kubedb-autoscaler-b5dd47dc5-bxnrq 1/1 Running 0 48s -kubedb-kubedb-ops-manager-6f766b86c6-h9m66 1/1 Running 0 48s -kubedb-kubedb-provisioner-6fd44d5784-d8v9c 1/1 Running 0 48s -kubedb-kubedb-webhook-server-6cf469bdf4-72wvz 1/1 Running 0 48s -``` - -Once the operator pod is running, you can cancel the above command by typing `Ctrl+C`. - -Now, to confirm CRD groups have been registered by the operator, run the following command: - -```bash -$ kubectl get crd -l app.kubernetes.io/name=kubedb -``` - -Now, you are ready to [create your first database](/docs/guides/README.md) using KubeDB. - -## Purchase KubeDB License - -If you are interested in purchasing KubeDB license, please contact us via sales@appscode.com for further discussion. You can also set up a meeting via our [calendly link](https://calendly.com/appscode/30min). - -If you are willing to purchase KubeDB but need more time to test in your dev cluster, feel free to contact sales@appscode.com. We will be happy to extend your trial period. diff --git a/docs/setup/install/kubedb/_index.md b/docs/setup/install/kubedb/_index.md new file mode 100644 index 0000000000..413324925c --- /dev/null +++ b/docs/setup/install/kubedb/_index.md @@ -0,0 +1,39 @@ +--- +title: Install KubeDB +description: Installation guide for KubeDB +menu: + docs_{{ .version }}: + identifier: install-kubedb-enterprise + name: KubeDB + parent: installation-guide + weight: 20 +product_name: kubedb +menu_name: docs_{{ .version }} +section_menu_id: setup +--- + +# Install KubeDB + +## Get a Free License + +Download a FREE license from [AppsCode License Server](https://appscode.com/issue-license?p=kubedb). + +> KubeDB licensing process has been designed to work with CI/CD workflow. You can automatically obtain a license from your CI/CD pipeline by following the guide from [here](https://github.com/appscode/offline-license-server#offline-license-server). + +## Choose an Installation Method + +KubeDB can be installed in several ways. Pick the one that fits your workflow: + +- [Helm 3](/docs/setup/install/kubedb/helm/) — recommended for most users. +- [YAML](/docs/setup/install/kubedb/yaml/) — render manifests and apply with `kubectl`. +- [ArgoCD](/docs/setup/install/kubedb/argocd/) — GitOps via ArgoCD `Application` resources. +- [FluxCD](/docs/setup/install/kubedb/fluxcd/) — GitOps via the Flux Helm Controller. +- [OpenShift](/docs/setup/install/kubedb/openshift/) — standard chart, Red Hat certified chart, or OperatorHub. + +After installing, see [Common Configuration](/docs/setup/install/kubedb/configuration/) to enable database engines and verify the installation. + +## Purchase KubeDB License + +If you are interested in purchasing KubeDB license, please contact us via sales@appscode.com for further discussion. You can also set up a meeting via our [calendly link](https://calendly.com/appscode/30min). + +If you are willing to purchase KubeDB but need more time to test in your dev cluster, feel free to contact sales@appscode.com. We will be happy to extend your trial period. diff --git a/docs/setup/install/kubedb/argocd.md b/docs/setup/install/kubedb/argocd.md new file mode 100644 index 0000000000..47a40998a1 --- /dev/null +++ b/docs/setup/install/kubedb/argocd.md @@ -0,0 +1,250 @@ +--- +title: Install KubeDB using ArgoCD +description: Install KubeDB using ArgoCD +menu: + docs_{{ .version }}: + identifier: install-kubedb-argocd + name: ArgoCD + parent: install-kubedb-enterprise + weight: 30 +product_name: kubedb +menu_name: docs_{{ .version }} +section_menu_id: setup +--- + +# Using ArgoCD + +KubeDB can be deployed via [ArgoCD](https://argo-cd.readthedocs.io/) using the [Helm chart support](https://argo-cd.readthedocs.io/en/stable/user-guide/helm/) for `Application` resources. Deploy the following `Application` manifests in order to your ArgoCD cluster. + +Ready-to-use `Application` manifests for KubeDB and the rest of the AppsCode stack (e.g. `kubestash`, `kubevault`, `stash`, `panopticon`, `monitoring-operator`) are maintained in the [appscode/gitops](https://github.com/appscode/gitops/tree/2025-06/argocd/helm) repository. Install `ace-user-roles` and `license-proxyserver` first, then pick whichever component manifests you need from there. + +## 1. Install `ace-user-roles` + +The `ace-user-roles` chart provisions the cluster roles required by KubeDB and related operators. Create the following ArgoCD `Application`: + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: ace-user-roles + namespace: argocd +spec: + destination: + namespace: kubeops + server: https://kubernetes.default.svc + project: default + source: + chart: ace-user-roles + helm: + values: | + enableClusterRoles: + ace: false + appcatalog: true + catalog: false + cert-manager: false + kubedb: true + kubedb-ui: false + kubestash: true # enable if used + kubevault: true # enable if used + license-proxyserver: true + metrics: true + prometheus: false + secrets-store: false + stash: true # enable if used + virtual-secrets: false + annotations: + "helm.sh/hook": null + "helm.sh/hook-delete-policy": null + repoURL: ghcr.io/appscode-charts + targetRevision: v2026.2.16 + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true +``` + +## 2. Install `license-proxyserver` + +The `license-proxyserver` chart distributes license tokens to KubeDB and other AppsCode operators inside the cluster. Before applying the manifest below, generate an online license-proxyserver token by following the [License Proxyserver guide](https://kubedb.com/docs/platform/v2026.5.22/guides/license-management/license-proxyserver/) and replace the placeholder `token` value with it. + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: license-proxyserver + namespace: argocd +spec: + project: default + source: + chart: license-proxyserver + repoURL: ghcr.io/appscode-charts + targetRevision: v2026.2.16 + helm: + values: | + platform: + baseURL: https://appscode.com + token: '****************************************' + destination: + server: "https://kubernetes.default.svc" + namespace: kubeops + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true + + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: license-proxyserver-apiserver-cert + namespace: kubeops + - group: apiregistration.k8s.io + kind: APIService + name: v1alpha1.proxyserver.licenses.appscode.com + jsonPointers: + - /spec/caBundle +``` + +## 3. Install KubeDB + +Finally, deploy the KubeDB operators themselves. The `ace-user-roles` sub-chart is disabled here because it was already installed in the first step. + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: kubedb + namespace: argocd +spec: + project: default + source: + chart: kubedb + repoURL: ghcr.io/appscode-charts + targetRevision: {{< param "info.version" >}} + helm: + values: | + ace-user-roles: + enabled: false + destination: + server: "https://kubernetes.default.svc" + namespace: kubedb + syncPolicy: + automated: {} + syncOptions: + - CreateNamespace=true + + ignoreDifferences: + - jsonPointers: + - /data + kind: Secret + name: kubedb-kubedb-webhook-server-cert + namespace: kubedb + - jsonPointers: + - /data + kind: Secret + name: kubedb-petset-cert + namespace: kubedb + - jsonPointers: + - /data + kind: Secret + name: kubedb-sidekick-cert + namespace: kubedb + + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.petset.appscode.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.autoscaling.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.elasticsearch.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: MutatingWebhookConfiguration + name: mutators.schema.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.autoscaling.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.elasticsearch.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.ops.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.petset.appscode.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + - group: admissionregistration.k8s.io + kind: ValidatingWebhookConfiguration + name: validators.schema.kubedb.com + jqPathExpressions: + - .webhooks[].clientConfig.caBundle + + - group: apps + kind: StatefulSet + name: kubedb-kubedb-autoscaler + namespace: kubedb + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: StatefulSet + name: kubedb-kubedb-ops-manager + namespace: kubedb + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: StatefulSet + name: kubedb-kubedb-provisioner + namespace: kubedb + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: Deployment + name: kubedb-kubedb-webhook-server + namespace: kubedb + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: Deployment + name: kubedb-petset + namespace: kubedb + jsonPointers: + - /spec/template/metadata/annotations/reload + - group: apps + kind: Deployment + name: kubedb-sidekick + namespace: kubedb + jsonPointers: + - /spec/template/metadata/annotations/reload +``` + +To see the detailed configuration options for each chart, visit the [AppsCode Charts repository](https://github.com/appscode/charts). + +Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration/). diff --git a/docs/setup/install/kubedb/configuration.md b/docs/setup/install/kubedb/configuration.md new file mode 100644 index 0000000000..99d88f9d4e --- /dev/null +++ b/docs/setup/install/kubedb/configuration.md @@ -0,0 +1,105 @@ +--- +title: KubeDB Common Configuration +description: Enable database engines and verify the KubeDB installation +menu: + docs_{{ .version }}: + identifier: install-kubedb-config + name: Common Configuration + parent: install-kubedb-enterprise + weight: 60 +product_name: kubedb +menu_name: docs_{{ .version }} +section_menu_id: setup +--- + +# Common Configuration + +The steps below apply regardless of which [installation method](/docs/setup/install/kubedb/) you used. + +## Enable Database Engines + +KubeDB ships support for many database engines, gated behind individual feature flags so the operator only installs the components you actually need. Toggle an engine on by setting its `global.featureGates.` value to `true`. The defaults below mirror the upstream chart — `Elasticsearch`, `Kafka`, `MariaDB`, `MongoDB`, `MySQL`, `Postgres`, and `Redis` are enabled out of the box; every other engine is disabled. + +```yaml +global: + featureGates: + Cassandra: false + ClickHouse: false + DB2: false + DocumentDB: false + Druid: false + Elasticsearch: true + HanaDB: false + Hazelcast: false + Ignite: false + Kafka: true + MariaDB: true + Memcached: false + Milvus: false + MongoDB: true + MSSQLServer: false + MySQL: true + Neo4j: false + Oracle: false + PerconaXtraDB: false + PgBouncer: false + Pgpool: false + Postgres: true + ProxySQL: false + Qdrant: false + RabbitMQ: false + Redis: true + Singlestore: false + Solr: false + Weaviate: false + ZooKeeper: false +``` + +Save these values to a file (e.g. `values.yaml`) and pass it to `helm install` / `helm upgrade`: + +```bash +$ helm upgrade -i kubedb oci://ghcr.io/appscode-charts/kubedb \ + --version {{< param "info.version" >}} \ + --namespace kubedb --create-namespace \ + --set-file global.license=/path/to/the/license.txt \ + --values values.yaml \ + --wait --burst-limit=10000 --debug +``` + +Or override individual engines inline with `--set`: + +```bash +$ helm upgrade -i kubedb oci://ghcr.io/appscode-charts/kubedb \ + --version {{< param "info.version" >}} \ + --namespace kubedb --create-namespace \ + --set-file global.license=/path/to/the/license.txt \ + --set global.featureGates.Cassandra=true \ + --set global.featureGates.ClickHouse=true \ + --wait --burst-limit=10000 --debug +``` + +The same `global.featureGates` map works with the ArgoCD `Application` manifests under the `spec.source.helm.values` block, with the `kubedb-certified` chart on OpenShift, and with the `Kubedb` installer CR used by the OperatorHub bundle. + +## Verify installation + +To check if KubeDB operator pods have started, run the following command: + +```bash +$ watch kubectl get pods --all-namespaces -l "app.kubernetes.io/instance=kubedb" + +NAME READY STATUS RESTARTS AGE +kubedb-kubedb-autoscaler-b5dd47dc5-bxnrq 1/1 Running 0 48s +kubedb-kubedb-ops-manager-6f766b86c6-h9m66 1/1 Running 0 48s +kubedb-kubedb-provisioner-6fd44d5784-d8v9c 1/1 Running 0 48s +kubedb-kubedb-webhook-server-6cf469bdf4-72wvz 1/1 Running 0 48s +``` + +Once the operator pod is running, you can cancel the above command by typing `Ctrl+C`. + +Now, to confirm CRD groups have been registered by the operator, run the following command: + +```bash +$ kubectl get crd -l app.kubernetes.io/name=kubedb +``` + +Now, you are ready to [create your first database](/docs/guides/README.md) using KubeDB. diff --git a/docs/setup/install/kubedb/fluxcd.md b/docs/setup/install/kubedb/fluxcd.md new file mode 100644 index 0000000000..9971c69c92 --- /dev/null +++ b/docs/setup/install/kubedb/fluxcd.md @@ -0,0 +1,183 @@ +--- +title: Install KubeDB using FluxCD +description: Install KubeDB using FluxCD +menu: + docs_{{ .version }}: + identifier: install-kubedb-fluxcd + name: FluxCD + parent: install-kubedb-enterprise + weight: 40 +product_name: kubedb +menu_name: docs_{{ .version }} +section_menu_id: setup +--- + +# Using FluxCD + +KubeDB can be deployed via [FluxCD](https://fluxcd.io/) using its [Helm Controller](https://fluxcd.io/flux/components/helm/) against the OCI Helm registry at `ghcr.io/appscode-charts`. Apply the manifests below in order. + +## 1. Configure the OCI Helm repository + +```yaml +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmRepository +metadata: + name: appscode-charts + namespace: flux-system +spec: + type: oci + interval: 12h + url: oci://ghcr.io/appscode-charts +``` + +## 2. Create a Secret with the license + +Generate a license from the [AppsCode License Server](https://appscode.com/issue-license?p=kubedb) and store it in a Secret so `HelmRelease` can reference it via `valuesFrom`. + +```bash +$ kubectl create namespace kubedb +$ kubectl create secret generic kubedb-license \ + --from-file=license=/path/to/the/license.txt \ + -n kubedb +``` + +## 3. Install KubeDB via `HelmRelease` + +```yaml +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: kubedb + namespace: kubedb +spec: + interval: 1h + chart: + spec: + chart: kubedb + version: {{< param "info.version" >}} + sourceRef: + kind: HelmRepository + name: appscode-charts + namespace: flux-system + install: + createNamespace: true + crds: CreateReplace + upgrade: + crds: CreateReplace + valuesFrom: + - kind: Secret + name: kubedb-license + valuesKey: license + targetPath: global.license + values: + global: + featureGates: + Elasticsearch: true + Kafka: true + MariaDB: true + MongoDB: true + MySQL: true + Postgres: true + Redis: true +``` + +If you use a private Docker registry with self-signed certificates, add the registry hosts under `global.insecureRegistries`: + +```yaml + values: + global: + insecureRegistries: + - hub.example.com + - hub2.example.com +``` + +## (Alternative) Use License Proxyserver instead of a license Secret + +Instead of creating a per-cluster license Secret (steps 2–3 above), you can deploy the `license-proxyserver` chart. It distributes license tokens to KubeDB and other AppsCode operators inside the cluster, so the `kubedb` `HelmRelease` no longer needs to mount a license. Use this approach in place of the `kubedb-license` Secret. + +### a. Install `license-proxyserver` + +Generate an online license-proxyserver token by following the [License Proxyserver guide](https://kubedb.com/docs/platform/v2026.5.22/guides/license-management/license-proxyserver/), then store it in a Secret that the `HelmRelease` references via `valuesFrom`: + +```bash +$ cat > license-proxyserver.yaml <<'EOF' +platform: + baseURL: https://appscode.com + token: '****************************************' +EOF + +$ kubectl create secret generic ace-licenseserver-cred \ + --from-file=license-proxyserver.yaml \ + -n kubeops +``` + +```yaml +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: license-proxyserver + namespace: kubeops +spec: + interval: 5m + chart: + spec: + chart: license-proxyserver + version: v2026.2.16 + sourceRef: + kind: HelmRepository + name: appscode-charts + namespace: flux-system + install: + createNamespace: true + crds: CreateReplace + upgrade: + crds: CreateReplace + values: + registryFQDN: ghcr.io + valuesFrom: + - kind: Secret + name: ace-licenseserver-cred + valuesKey: license-proxyserver.yaml + optional: true +``` + +### b. Install KubeDB without a license Secret + +With the proxyserver running, deploy the `kubedb` `HelmRelease` without the `valuesFrom` license Secret — drop step 2 and the `valuesFrom` block from step 3: + +```yaml +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: kubedb + namespace: kubedb +spec: + interval: 1h + chart: + spec: + chart: kubedb + version: {{< param "info.version" >}} + sourceRef: + kind: HelmRepository + name: appscode-charts + namespace: flux-system + install: + createNamespace: true + crds: CreateReplace + upgrade: + crds: CreateReplace + values: + global: + featureGates: + Elasticsearch: true + Kafka: true + MariaDB: true + MongoDB: true + MySQL: true + Postgres: true + Redis: true +``` + +To see the detailed configuration options, visit [here](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb). + +Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration/). diff --git a/docs/setup/install/kubedb/helm.md b/docs/setup/install/kubedb/helm.md new file mode 100644 index 0000000000..f2464e40fe --- /dev/null +++ b/docs/setup/install/kubedb/helm.md @@ -0,0 +1,65 @@ +--- +title: Install KubeDB using Helm 3 +description: Install KubeDB using Helm 3 +menu: + docs_{{ .version }}: + identifier: install-kubedb-helm + name: Helm 3 + parent: install-kubedb-enterprise + weight: 10 +product_name: kubedb +menu_name: docs_{{ .version }} +section_menu_id: setup +--- + +# Using Helm 3 + +KubeDB can be installed via [Helm](https://helm.sh/) using the [chart](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb) from [AppsCode Charts Repository](https://github.com/appscode/charts). To install, follow the steps below: + +```bash +$ helm install kubedb oci://ghcr.io/appscode-charts/kubedb \ + --version {{< param "info.version" >}} \ + --namespace kubedb --create-namespace \ + --set-file global.license=/path/to/the/license.txt \ + --wait --burst-limit=10000 --debug +``` + +{{< notice type="warning" message="If you are using **private Docker registries** using *self-signed certificates*, please pass the registry domains to the operator like below:" >}} + +```bash +$ helm install kubedb oci://ghcr.io/appscode-charts/kubedb \ + --version {{< param "info.version" >}} \ + --namespace kubedb --create-namespace \ + --set global.insecureRegistries[0]=hub.example.com \ + --set global.insecureRegistries[1]=hub2.example.com \ + --set-file global.license=/path/to/the/license.txt \ + --wait --burst-limit=10000 --debug +``` + +## (Alternative) Use License Proxyserver instead of a license file + +Instead of passing a license file to every operator, you can install the `license-proxyserver` chart once. It distributes license tokens to KubeDB and other AppsCode operators inside the cluster, so the `helm install kubedb` command no longer needs `--set-file global.license`. + +Generate an online license-proxyserver token by following the [License Proxyserver guide](https://kubedb.com/docs/platform/v2026.5.22/guides/license-management/license-proxyserver/), then install the chart with that token: + +```bash +$ helm install license-proxyserver oci://ghcr.io/appscode-charts/license-proxyserver \ + --version v2026.2.16 \ + --namespace kubeops --create-namespace \ + --set platform.baseURL=https://appscode.com \ + --set platform.token= \ + --wait --burst-limit=10000 --debug +``` + +With the proxyserver running, install KubeDB without the license flag: + +```bash +$ helm install kubedb oci://ghcr.io/appscode-charts/kubedb \ + --version {{< param "info.version" >}} \ + --namespace kubedb --create-namespace \ + --wait --burst-limit=10000 --debug +``` + +To see the detailed configuration options, visit [here](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb). + +Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration/). diff --git a/docs/setup/install/kubedb/openshift.md b/docs/setup/install/kubedb/openshift.md new file mode 100644 index 0000000000..8387f958c1 --- /dev/null +++ b/docs/setup/install/kubedb/openshift.md @@ -0,0 +1,127 @@ +--- +title: Install KubeDB on OpenShift +description: Install KubeDB on OpenShift +menu: + docs_{{ .version }}: + identifier: install-kubedb-openshift + name: OpenShift + parent: install-kubedb-enterprise + weight: 50 +product_name: kubedb +menu_name: docs_{{ .version }} +section_menu_id: setup +--- + +# Install on OpenShift + +KubeDB supports OpenShift in three different ways. Pick the one that best matches your deployment workflow. + +## Option A: Standard KubeDB chart with OpenShift overrides + +The standard `kubedb` chart can be deployed on OpenShift by enabling the OpenShift distro flags. The `openshift` flag is also auto-detected when the cluster exposes the `project.openshift.io/v1` API, so you can leave it `false` and only switch the image flavor to UBI. + +```bash +$ helm install kubedb oci://ghcr.io/appscode-charts/kubedb \ + --version {{< param "info.version" >}} \ + --namespace kubedb --create-namespace \ + --set-file global.license=/path/to/the/license.txt \ + --set global.distro.openshift=false \ + --set global.distro.ubi=operator \ + --wait --burst-limit=10000 --debug +``` + +Equivalent values file: + +```yaml +global: + distro: + openshift: false + ubi: "operator" +``` + +## Option B: Red Hat OpenShift Certified Helm Chart + +AppsCode publishes a Red Hat OpenShift Certified Helm chart, [`kubedb-certified`](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb-certified). This chart does **not** ship the KubeDB CRDs; you must install the companion [`kubedb-certified-crds`](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb-certified-crds) chart first. + +**Step 1 — Install the CRDs:** + +```bash +$ helm repo add appscode https://charts.appscode.com/stable/ +$ helm repo update + +$ helm upgrade -i kubedb-certified-crds appscode/kubedb-certified-crds \ + -n kubedb --create-namespace \ + --version={{< param "info.version" >}} +``` + +**Step 2 — Install the operator:** + +```bash +$ helm upgrade -i kubedb-certified appscode/kubedb-certified \ + -n kubedb --create-namespace \ + --version={{< param "info.version" >}} \ + --set-file global.license=/path/to/the/license.txt +``` + +## Option C: Red Hat OpenShift OperatorHub + +KubeDB is a [Red Hat Certified Operator](https://catalog.redhat.com/en/software/container-stacks/detail/6867c6a358efc229b095b8ee#overview) in the OpenShift OperatorHub catalog. You can install the KubeDB operator bundle directly from the OpenShift web console (**Operators → OperatorHub → KubeDB**) or with `oc`. + +Once the operator bundle is installed, create a `Kubedb` installer resource to deploy the KubeDB operator components. Toggle the `featureGates` to match the database engines you intend to use, and set either `license` (inline content) or `licenseSecretName` (a Secret with key `key.txt`) — get a license from the [AppsCode License Server](https://appscode.com/issue-license?p=kubedb). + +```yaml +apiVersion: installer.kubedb.com/v1 +kind: Kubedb +metadata: + name: kubedb + namespace: kubedb +spec: + global: + featureGates: + Cassandra: false + ClickHouse: false + DB2: false + DocumentDB: false + Druid: false + Elasticsearch: true + HanaDB: false + Hazelcast: false + Ignite: false + Kafka: true + MariaDB: true + Memcached: false + Milvus: false + MongoDB: true + MSSQLServer: false + MySQL: true + Neo4j: false + Oracle: false + PerconaXtraDB: false + PgBouncer: false + Pgpool: false + Postgres: true + ProxySQL: false + Qdrant: false + RabbitMQ: false + Redis: true + Singlestore: false + Solr: false + Weaviate: false + ZooKeeper: false + imagePullSecrets: [] + insecureRegistries: [] + license: '' + licenseSecretName: '' + networkPolicy: + enabled: false + registry: '' + registryFQDN: '' +``` + +Apply it with: + +```bash +$ oc apply -f kubedb.yaml +``` + +Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration/). diff --git a/docs/setup/install/kubedb/yaml.md b/docs/setup/install/kubedb/yaml.md new file mode 100644 index 0000000000..4cd44ab2d0 --- /dev/null +++ b/docs/setup/install/kubedb/yaml.md @@ -0,0 +1,41 @@ +--- +title: Install KubeDB using YAML +description: Install KubeDB using YAML +menu: + docs_{{ .version }}: + identifier: install-kubedb-yaml + name: YAML + parent: install-kubedb-enterprise + weight: 20 +product_name: kubedb +menu_name: docs_{{ .version }} +section_menu_id: setup +--- + +# Using YAML + +If you prefer to not use Helm, you can generate YAMLs from KubeDB chart and deploy using `kubectl`. Here we are going to show the procedure using Helm 3. + +```bash +$ helm template kubedb oci://ghcr.io/appscode-charts/kubedb \ + --version {{< param "info.version" >}} \ + --namespace kubedb --create-namespace \ + --set-file global.license=/path/to/the/license.txt \ + --set global.skipCleaner=true | kubectl apply -f - +``` + +{{< notice type="warning" message="If you are using **private Docker registries** using *self-signed certificates*, please pass the registry domains to the operator like below:" >}} + +```bash +$ helm template kubedb oci://ghcr.io/appscode-charts/kubedb \ + --version {{< param "info.version" >}} \ + --namespace kubedb --create-namespace \ + --set-file global.license=/path/to/the/license.txt \ + --set global.insecureRegistries[0]=hub.example.com \ + --set global.insecureRegistries[1]=hub2.example.com \ + --set global.skipCleaner=true | kubectl apply -f - +``` + +To see the detailed configuration options, visit [here](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb). + +Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration/). From ecea62d196e47215d9e2d636f47b1fd7740aea57 Mon Sep 17 00:00:00 2001 From: Arnob Kumar Saha Date: Tue, 16 Jun 2026 11:15:15 +0600 Subject: [PATCH 12/12] docs(setup): use .md link style for KubeDB install pages Signed-off-by: Arnob Kumar Saha --- docs/setup/install/kubedb/_index.md | 12 ++++++------ docs/setup/install/kubedb/argocd.md | 2 +- docs/setup/install/kubedb/configuration.md | 2 +- docs/setup/install/kubedb/fluxcd.md | 2 +- docs/setup/install/kubedb/helm.md | 2 +- docs/setup/install/kubedb/openshift.md | 2 +- docs/setup/install/kubedb/yaml.md | 2 +- 7 files changed, 12 insertions(+), 12 deletions(-) diff --git a/docs/setup/install/kubedb/_index.md b/docs/setup/install/kubedb/_index.md index 413324925c..8b2e841b26 100644 --- a/docs/setup/install/kubedb/_index.md +++ b/docs/setup/install/kubedb/_index.md @@ -24,13 +24,13 @@ Download a FREE license from [AppsCode License Server](https://appscode.com/issu KubeDB can be installed in several ways. Pick the one that fits your workflow: -- [Helm 3](/docs/setup/install/kubedb/helm/) — recommended for most users. -- [YAML](/docs/setup/install/kubedb/yaml/) — render manifests and apply with `kubectl`. -- [ArgoCD](/docs/setup/install/kubedb/argocd/) — GitOps via ArgoCD `Application` resources. -- [FluxCD](/docs/setup/install/kubedb/fluxcd/) — GitOps via the Flux Helm Controller. -- [OpenShift](/docs/setup/install/kubedb/openshift/) — standard chart, Red Hat certified chart, or OperatorHub. +- [Helm 3](/docs/setup/install/kubedb/helm.md) — recommended for most users. +- [YAML](/docs/setup/install/kubedb/yaml.md) — render manifests and apply with `kubectl`. +- [ArgoCD](/docs/setup/install/kubedb/argocd.md) — GitOps via ArgoCD `Application` resources. +- [FluxCD](/docs/setup/install/kubedb/fluxcd.md) — GitOps via the Flux Helm Controller. +- [OpenShift](/docs/setup/install/kubedb/openshift.md) — standard chart, Red Hat certified chart, or OperatorHub. -After installing, see [Common Configuration](/docs/setup/install/kubedb/configuration/) to enable database engines and verify the installation. +After installing, see [Common Configuration](/docs/setup/install/kubedb/configuration.md) to enable database engines and verify the installation. ## Purchase KubeDB License diff --git a/docs/setup/install/kubedb/argocd.md b/docs/setup/install/kubedb/argocd.md index 47a40998a1..03cb9bcd27 100644 --- a/docs/setup/install/kubedb/argocd.md +++ b/docs/setup/install/kubedb/argocd.md @@ -247,4 +247,4 @@ spec: To see the detailed configuration options for each chart, visit the [AppsCode Charts repository](https://github.com/appscode/charts). -Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration/). +Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration.md). diff --git a/docs/setup/install/kubedb/configuration.md b/docs/setup/install/kubedb/configuration.md index 99d88f9d4e..959d21a8af 100644 --- a/docs/setup/install/kubedb/configuration.md +++ b/docs/setup/install/kubedb/configuration.md @@ -14,7 +14,7 @@ section_menu_id: setup # Common Configuration -The steps below apply regardless of which [installation method](/docs/setup/install/kubedb/) you used. +The steps below apply regardless of which [installation method](/docs/setup/install/kubedb/_index.md) you used. ## Enable Database Engines diff --git a/docs/setup/install/kubedb/fluxcd.md b/docs/setup/install/kubedb/fluxcd.md index 9971c69c92..f67820d3bb 100644 --- a/docs/setup/install/kubedb/fluxcd.md +++ b/docs/setup/install/kubedb/fluxcd.md @@ -180,4 +180,4 @@ spec: To see the detailed configuration options, visit [here](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb). -Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration/). +Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration.md). diff --git a/docs/setup/install/kubedb/helm.md b/docs/setup/install/kubedb/helm.md index f2464e40fe..f0d8dc7d31 100644 --- a/docs/setup/install/kubedb/helm.md +++ b/docs/setup/install/kubedb/helm.md @@ -62,4 +62,4 @@ $ helm install kubedb oci://ghcr.io/appscode-charts/kubedb \ To see the detailed configuration options, visit [here](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb). -Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration/). +Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration.md). diff --git a/docs/setup/install/kubedb/openshift.md b/docs/setup/install/kubedb/openshift.md index 8387f958c1..b1a5f17a1e 100644 --- a/docs/setup/install/kubedb/openshift.md +++ b/docs/setup/install/kubedb/openshift.md @@ -124,4 +124,4 @@ Apply it with: $ oc apply -f kubedb.yaml ``` -Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration/). +Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration.md). diff --git a/docs/setup/install/kubedb/yaml.md b/docs/setup/install/kubedb/yaml.md index 4cd44ab2d0..a952c6463d 100644 --- a/docs/setup/install/kubedb/yaml.md +++ b/docs/setup/install/kubedb/yaml.md @@ -38,4 +38,4 @@ $ helm template kubedb oci://ghcr.io/appscode-charts/kubedb \ To see the detailed configuration options, visit [here](https://github.com/kubedb/installer/tree/{{< param "info.installer" >}}/charts/kubedb). -Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration/). +Next: [enable database engines and verify the installation](/docs/setup/install/kubedb/configuration.md).