Kubernetes Installation

Self-hosted

This guide explains how to deploy Entropy Data Community Edition on Kubernetes using the official Helm chart.

Prerequisites

Before you begin, ensure you have:

Kubernetes cluster 1.24 or later
kubectl configured to access your cluster
Helm 3.8 or later
A running PostgreSQL database with the vector, hstore, uuid-ossp extension (running PostgreSQL in Kubernetes is not recommended for production)
An SMTP server for transactional emails
At least 1 CPU and 2 GB RAM available

Installation Steps

1. Clone the Helm Chart Repository

git clone https://github.com/entropy-data/entropy-data-helm.git
cd entropy-data-helm

2. Create Namespace

kubectl create namespace entropy-data

3. Create Database Secret

Create a Kubernetes secret with your PostgreSQL credentials:

kubectl create secret generic entropy-data-db \
  --namespace entropy-data \
  --from-literal=username=your_db_username \
  --from-literal=password=your_db_password

4. Create SMTP Secret

Create a secret for SMTP authentication:

kubectl create secret generic entropy-data-smtp \
  --namespace entropy-data \
  --from-literal=username=your_smtp_username \
  --from-literal=password=your_smtp_password

5. Configure values.yaml

Edit the values.yaml file to match your environment:

replicaCount: 1

image:
  repository: entropydata/entropy-data-ce
  tag: "1.7.4"
  pullPolicy: IfNotPresent

service:
  type: ClusterIP
  port: 8080

resources:
  limits:
    cpu: 1000m
    memory: 2Gi
  requests:
    cpu: 500m
    memory: 1Gi

env:
  APPLICATION_HOST_WEB: "https://entropy-data.your-domain.com"
  SPRING_DATASOURCE_URL: "jdbc:postgresql://your-postgres-host:5432/entropy_data"
  SPRING_DATASOURCE_USERNAME:
    secretKeyRef:
      name: entropy-data-db
      key: username
  SPRING_DATASOURCE_PASSWORD:
    secretKeyRef:
      name: entropy-data-db
      key: password
  SPRING_MAIL_HOST: "smtp.example.com"
  SPRING_MAIL_PORT: "587"
  SPRING_MAIL_USERNAME:
    secretKeyRef:
      name: entropy-data-smtp
      key: username
  SPRING_MAIL_PASSWORD:
    secretKeyRef:
      name: entropy-data-smtp
      key: password
  SPRING_MAIL_PROPERTIES_MAIL_SMTP_AUTH: "true"
  SPRING_MAIL_PROPERTIES_MAIL_SMTP_STARTTLS_ENABLE: "true"
  APPLICATION_MAIL_FROM: "Entropy Data <noreply@your-domain.com>"
  APPLICATION_DATACONTRACT_SPECIFICATIONS: "odcs"
  APPLICATION_DATAPRODUCT_SPECIFICATIONTYPES: "dps"

6. Install with Helm

Deploy Entropy Data to your cluster:

helm install entropy-data . \
  --namespace entropy-data \
  --create-namespace

Access

Service Cluster IP

The application runs as a ClusterIP service on port 8080. To access it:

# Get cluster IP
kubectl get svc entropy-data -n entropy-data -o jsonpath='{.spec.clusterIP}'

The service is accessible within the cluster at http://<cluster-ip>:8080

Configure Ingress (Recommended for Production)

For external access, configure an ingress as described below.

Ingress Configuration

The Helm chart does not include an ingress resource. You need to configure ingress based on your cluster setup.

Example: Nginx Ingress with Cert-Manager

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: entropy-data
  namespace: entropy-data
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/proxy-body-size: "50m"
spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - entropy-data.your-domain.com
      secretName: entropy-data-tls
  rules:
    - host: entropy-data.your-domain.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: entropy-data
                port:
                  number: 8080

Apply the ingress:

kubectl apply -f ingress.yaml

Management Commands

View Deployment Status

# Check pods
kubectl get pods -n entropy-data

# View logs
kubectl logs -n entropy-data -l app.kubernetes.io/name=entropy-data -f

# Check service
kubectl get svc -n entropy-data

Upgrade Deployment

# Pull latest changes
git pull

# Upgrade release
helm upgrade entropy-data . \
  --namespace entropy-data

Uninstall

helm uninstall entropy-data --namespace entropy-data

Scaling

To run multiple replicas for high availability:

# values.yaml
replicaCount: 3

resources:
  limits:
    cpu: 2000m
    memory: 4Gi
  requests:
    cpu: 1000m
    memory: 2Gi

After updating values.yaml:

helm upgrade entropy-data . --namespace entropy-data

Azure SSO Integration (Optional)

If you want to use Azure Entra ID for authentication:

1. Create Azure SSO Secret

kubectl create secret generic entropy-data-azure-sso \
  --namespace entropy-data \
  --from-literal=clientId=your_azure_client_id \
  --from-literal=clientSecret=your_azure_client_secret

2. Enable in values.yaml

azureSso:
  enabled: true
  issuerUri: "https://login.microsoftonline.com/your-tenant-id/v2.0"
  secretName: entropy-data-azure-sso
  hosts: "entropy-data.your-domain.com"

Health Checks

The Helm chart includes built-in health checks:

Startup Probe: Checks /login endpoint, allows 30 failures over 5 minutes
Liveness Probe: Verifies application is running
Readiness Probe: Ensures application is ready to serve traffic

Additional Configuration

Add custom environment variables in values.yaml:

env:
  # Add any additional environment variables here
  APPLICATION_SUPERADMINS: "admin@your-domain.com"
  APPLICATION_COMPROMISEDPASSWORDCHECKER_ENABLED: "true"

For a complete list of environment variables, see the Configuration page.

Troubleshooting

Pod Not Starting

kubectl describe pod -n entropy-data <pod-name>
kubectl logs -n entropy-data <pod-name>

View All Resources

kubectl get all -n entropy-data

Support

For issues or questions, visit https://support.entropy-data.com

Next Steps

Configure SSO for user authentication
Set up SCIM for user provisioning
Configure observability for monitoring
Review all configuration options
Explore integrations with your data platforms