Skip to main content

Custom

To install APL on any other conformant Kubernetes, use the custom provider. Make sure your infrastructure adheres to the following pre-requisites:

Prerequisites

Kubernetes versions

APL currently supports the following Kubernetes versions:

  • 1.28
  • 1.29
  • 1.30

Compute resources

APL requires a node pool with at least 12 vCPU and 24 GB RAM.

Default storage class

The custom provider uses the default storage class. If your cluster has a storage class, make sure it is set to be the default:

kubectl patch storageclass <your-storage-class> -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

Use the _rawValues to specify another StorageClass per app. This is an example for Harbor:

app:
harbor:
_rawValues:
persistence:
persistentVolumeClaim:
registry:
storageClass: <your-storage-class>
size: 5Gi

External IP

APL needs to be able to create a Kubernetes LoadBalancer Service that obtains an external IP. This IP needs to be accessible from within the cluster. Use Metallb for on-prem installations to allow APL to create a LoadBalancer Service:

# Install Metallb with Helm
kubectl create namespace mlb
helm repo add metallb https://metallb.github.io/metallb
helm repo update
helm install metallb metallb/metallb -n mlb

sleep 60
# Create the IPAddressPool and L2Advertisement
cat <<EOF | kubectl apply -f -
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: default-pool
namespace: mlb
spec:
addresses:
- <start-ip>-<end-ip>
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: default-pool
namespace: mlb
EOF

APL uses the Nginx Ingress Controller. If the cloud provider requires specific annotations to be set on the LoadBalancer Service, add the required annotations to the service in the APL chart values:

ingress:
platformClass:
entrypoint: ''
annotations:
- key: service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol
value: true

CNI

To use the network policies feature in APL, make sure to install the Calico CNI or any other CNI that supports Kubernetes network polices.

Install Tigera Operator:

helm repo add projectcalico https://docs.tigera.io/calico/charts
helm repo update
kubectl create namespace tigera-operator
helm install calico projectcalico/tigera-operator --version v3.26.3 --namespace tigera-operator

Or install Calico minimal:

kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.3/manifests/calico.yaml

Metrics Server

APL installs a Metrics Server. If your provider already installed Metrics Server on their managed Kubernetes service, then disable Metrics Server in APL:

apps:
metrics-server:
enabled: false

API certificates

If your Kubernetes cluster uses untrusted certificates, make sure to set metrics-server for kubelet-insecure-tls:

apps:
metrics-server:
extraArgs:
kubelet-insecure-tls: true
kubelet-preferred-address-types: InternalIP

Cluster Autoscaler

APL does NOT install a Cluster Autoscaler. If your provider does not install a Cluster Autoscaler, install one yourself if required.

DNS

The APL Builds and Projects features are NOT supported when APL is installed without DNS. Install APL with DNS to use all APL features.

Install APL using Helm

To install APL using the custom provider, use the following values:

tee values.yaml<<EOF
cluster:
name: $CLUSTER_NAME
provider: custom
# optionally configure metrics-server for kubelet-insecure-tls
apps:
metrics-server:
extraArgs:
kubelet-insecure-tls: true
kubelet-preferred-address-types: InternalIP
EOF

The custom provider can be used in combination with any DNS provider.