This is the multi-page printable view of this section. Click here to print.
Getting Started
How to get started using Portefaix.
- 1: Overview
- 2: Getting Started
1 - Overview
Overview of installation choices for various environments
This document provides information about setting up Portefaix in various environments.
Before you begin
It’s important that you have some knowledge of the following systems and tools:
2 - Getting Started
Getting started
Installation
Installing Portefaix
There are various ways to install Portefaix. Choose one of the following options to suit your environment (public cloud, existing Kubernetes cluster, or a single-node cluster which you can use on a desktop or server or in the cloud).
Installing Portefaix on a public cloud
Choose the Portefaix deployment guide for your chosen cloud:
- To use Portefaix on Google Kubernetes Engine (GKE), follow the GKE deployment guide.
- To use Portefaix on Amazon Elastic Kubernetes Service (EKS), follow the EKS deployment guide.
- To use Portefaix on Microsoft Azure Kubernetes Service (AKS), follow the AKS deployment guide.
- To use Portefaix on AlibabaCloud Container Service for Kubernetes (ACK), follow the ACK deployment guide.
- To use Portefaix as your Homelab, follow the Raspberry PI Homelab.
Components
Infrastructure management
- Terraform: Bootstraps and manages the cloud provider infrastructure.
- Crossplane: Kubernetes-native infrastructure management.
Cluster management
- Argo CD: Reconciles kubernetes clusters with this repository.
- Kyverno: Policy engine supporting validate, mutate, generate, and cleanup rules.
- Renovate: Automatic updates for applications via pull requests.
Secrets
- External Secrets: Synchronizes secrets from Doppler into Kubernetes.
- AKeyless: A secrets management platform.
Networking
- Cilium: eBPF-based CNI & service mesh.
- Cert Manager: Automatic Let’s Encrypt certificates.
Security
- Authentik: Identity Provider.
- Tetragon: eBPF-based security observability and runtime enforcement.
- Trivy: Kubernetes and container vulnerability scanner.
Observability
- Grafana: Visualization platform.
- Prometheus: Monitoring system.
- Loki: Log aggregation system.
- Tempo: High-scale distributed tracing backend
- Mimir: Horizontally scalable TSDB for long-term storage for Prometheus
- Alloy: The OpenTelemetry Distribution from Grafana
Storage
TODO
Troubleshooting
See the Portefaix troubleshooting guide.