Fairwinds Insights Documentation

# Installation

You'll need a code provided by the Fairwinds team in order to try out the self hosted version of Insights. If you're interested, schedule some time to chat (opens new window)

# Quickstart

These instructions are for a quick demo of self hosted Insights. For production grade installations, you'll want to use the instructions here to harden your installation.

helm repo add fairwinds-stable https://charts.fairwinds.com/stable
# These options are for quickstart only. See documentation for hardening tips
helm install fairwinds-insights fairwinds-stable/fairwinds-insights \
  --namespace fairwinds-insights \
  --create-namespace=true \
  --set options.autogenerateKeys=true \
  --set options.allowHTTPCookies=true \
  --set postgresql.sslMode=disable \
  --set postgresql.password=THISISASECRET \
  --set installationCode="$FAIRWINDS_PROVIDED_CODE"

You can then access the dashboard via port-forward:

kubectl port-forward -n fairwinds-insights svc/fairwinds-insights-dashboard 8080:80

# Hardening

The default configuration will give you a working version of Fairwinds Insights. But there are a few issues you'll want to solve before starting to use it seriously:

  • Database: set up a durable Postgres database for your data
  • File Storage: set up a durable place to store files (S3 or Minio)
  • Ingress: host Insights behind a custom domain
  • Sessions: Generate permanent session keys in order to preserve running sessions when Insights is updated
  • Email: In order to confirm email addresses and add new users, you'll need to set up an email provider

Some of these simply involve passing new data to the Helm chart. Others may require the creation of new Kubernetes secrets.

For example, a hardened setup might look like this:

values.yaml:

fairwindsInsights:
  host: https://insights.example.com
  adminEmail: admin@example.com
ingress:
  enabled: true
  hostedZones:
    - insights.example.com
  annotations:
    kubernetes.io/ingress.class: "nginx-ingress"
email:
  strategy: smtp
  smtpHost: smtp.gmail.com
  smtpUsername: you@gmail.com
  smtpPort: "465"
postgresql:
  ephemeral: false
  passwordSecret: fwinsights-postgresql
  postgresqlUsername: your_username
  postgresqlDatabase: desired_database_name
  postgresqlHost: your-server.us-east-1.rds.amazonaws.com
  sslMode: require
  service:
    port: 5432

secrets.yaml:

apiVersion: v1
data:
    COOKIE_HASH_KEY: TjZCbzAzMVJ0U1lXS2RPaE9sU0ZERDJJdXpTNFhLeG91VWFYdU9DcU9kTkpmenlFNWFsT29sajZ3VGpNbjNSSA==
    COOKIE_BLOCK_KEY: RDFNVVhWVzM4QllJd0Z5NXNIT1kxV1RrVWNweWRnbmM=
    SESSION_AUTH_KEY: NTczV0o0NGFBeGtXVzduZjZHV25FdFZMb0s5TE5SSWU3bG00YkNtaE93bHZUVW1VSXZUYW9ya2UzdHE2eFZXSA==
    SESSION_ENCRYPTION_KEY: ME1LeFRPdTYwOVU0YlVvUGVEUUdQYjZnbTlyZUh4b2I=
    SMTP_PASSWORD: aGVsbG93b3JsZA==
    AWS_ACCESS_KEY_ID: aGVsbG93b3JsZA==
    AWS_SECRET_ACCESS_KEY: aGVsbG93b3JsZA==
kind: Secret
metadata:
    name: fwinsights-secrets
type: Opaque

postgres-secret.yaml:

apiVersion: v1
data:
    postgresql-password: aGVsbG93b3JsZA==
kind: Secret
metadata:
    name: fwinsights-postgresql
type: Opaque

Database

Learn more about Fairwinds Try Fairwinds Insights
Privacy Policy