This repository provides a Helm Chart for Kellnr, the Rust registry for self-hosting crates.
Add the Kellr helm repository which contains Kellnr:
# Add repository
helm repo add kellnr https://kellnr.github.io/helm
# Update to latest version
helm repo update
For a list of possible configuration flags see below: Configuration
To install a minimal Kellnr installation with in-memory storage run the command below. The in-memory storage variant is useful for testing but not recommended for production as all data (crates, users, …) will be lost if the container restarts.
helm install kellnr kellnr/kellnr --set kellnr.apiAddress="kellnr.example.com"
For a persistent Kellnr instance, a PersistentVolumeClaim (PVC) is needed. The helm chart can create a PersistentVolumeClaim and PersistentVolume (PV), if you don’t have one already.
# Use an existing PersistentStorage (storage_name) to get a PersistentStorageClaim.
# The storage class can be overwritten with "pvc.storageClassName" and defaults to "manual".
helm install kellnr kellnr/kellnr \
--set pvc.enabled=true --set pvc.name="storage_name" \
--set kellnr.apiAddress="kellnr.example.com"
# Create a new PersistentVolume and a corresponding claim. The host path e.g. "/mnt/kellnr" has to exists before the PV is created.
helm install kellnr kellnr/kellnr \
--set pv.enabled=true --set pv.path="/mnt/kellnr" \
--set pvc.enabled=true \
--set kellnr.apiAddress="kellnr.example.com"
For information about the Cargo setup and default values, see the official Kellnr documentation.
Upgrade Kellnr by updating the Helm repository and applying the latest version.
# Update helm repositories
helm repo update
# Upgrade Kellnr
helm upgrade kellnr kellnr/kellnr
All settings can be set with the --set name=value flag on helm install. Some settings are required and have to be provided other are recommended for security reasons.
Basic settings to configure Kellnr.
| Setting | Required | Description | Default |
|---|---|---|---|
| kellnr.apiAddress | Yes | Address (IP or hostname) where Kellnr is reachable | |
| kellnr.adminPwd | Recommended | Password of the admin user used by the web-ui. The password can be changed anytime in the UI. | kellnr |
| kellnr.adminToken | Recommended | Token used by Cargo for the admin user. The token can be changed anytime in the UI. | Zy9HhJ02RJmg0GCrgLfaCVfU6IwDfhXD |
| kellnr.apiProtocol | No | Protocol where Kellnr is reachable. Either http or https. | http |
| kellnr.logLevel | No | Set the log level. Has to be one of trace, debug, info, warn, error. | info |
| kellnr.logLevelRocket | No | Set the log level for the Rocket web framework. Has to be one of trace, debug, info, warn, error. | warn |
| kellnr.logFormat | No | Set the log format. Has to be one of compact, pretty, json | compact |
| kellnr.cratesIoProxy | No | Enable crates.io proxy mode to cache crates in Kellnr. The crates.io index takes ~10GB of storage + storage for all cached crates. | false |
| kellnr.cratesIoNumThreads | No | Number of threads used to update the crates.io index. | 10 |
| kellnr.rustdocAutoGen | No | Enable automatic rustdoc generation for uploaded crates. | true |
| kellnr.cacheSize | No | Number of crates cached in-memory to decrease disk I/O. If set to 0 the cache is disabled. |
1000 |
| kellnr.maxCrateSize | No | Max. allowed upload size for crates in MB. | 100 |
| kellnr.maxDocsSize | No | Max. allowed upload size for crate docs in MB. | 100 |
| kellnr.gitIndex | No | Enable or disable the git index. Needed for cargo < 1.7.0. Recommended to disable if you use an up to date cargo version. | true |
| kellnr.authRequired | No | Enable or disable authentication on pull. | false |
Settings to configure the web-ui/API endpoint service and the crate index service.
| Setting | Required | Description | Default |
|---|---|---|---|
| service.api.type | No | Type of the service that exports the API and web-ui endpoint. | ClusterIP |
| service.api.port | No | Port of the service that exports the API and web-ui endpoint. | 80 |
| service.api.port_proxy | No | If a proxy is used in front of Kellnr, specify the port of the proxy here. If no proxy is used, set to service.api.port value. |
80 |
| service.index.type | No | Type of the service that exports the crate index. | NodePort |
| service.index.port | No | Internal port of the service that exports the crate index. | 9418 |
| service.index.nodePort | No | External port of the service that exports the crate index. | 30418 |
Setting to configure the ingress route for the web-ui and API.
| Setting | Required | Description | Default |
|---|---|---|---|
| ingress.enabled | No | Enable an Kubernetes ingress route for Kellnr. | true |
| ingress.className | No | Set an ingress className. | ”” |
| ingress.annotations | No | Set ingress annotations. | {} |
| ingress.tls.secretName | No | Set the secret name for a TLS certificate | kellnr-cert-secret |
Settings to configure a TLS certificate with cert-manager. Important If you use Kellnr with TLS,
make sure to set kellnr.apiProtocol to https.
| Setting | Required | Description | Default |
|---|---|---|---|
| certificate.enabled | No | Enable automatic TLS certificate generation with cert-mananger. | false |
| certificate.secretName | No | The name of the certificate secret which an ingress can refer to. | kellnr-cert-secret |
| certificate.issuerRef.kind | No | The kind of the certificate issuer, e.g. ClusterIssuer, or Issuer | ClusterIssuer |
| certificate.issuerRef.name | Yes (if enabled) | The name of the certificate issuer e.g. cert-manager | ”” |
Besides the option of using a certificate to secure the access to Kellnr, you can import a certificate into Kellnr which it will trust as a root certificate.
Kellnr needs to trust it’s own root certificate to be able to generate Rustdocs automatically!
If you use a self-signed certificate that is not trusted by default, you can import it into Kellnr on application startup.
| Setting | Required | Description | Default |
|---|---|---|---|
| importCert.enabled | No | Enable the import of a root certificate to trust | false |
| importCert.useExisting | No | If you have an existing ConfigMap that contains a certificate, set this flag to true, else a new ConfigMap is created. | false |
| importCert.configMapName | No | Set the name of the created or existing ConfigMap to use. | “kellnr-cert” |
| importCert.volumeName | No | The volume name under which the ConfigMap is mounted into the pod. | “kellnr-cert-storage” |
| importCert.certificate | No | The certificate to trust in the standard PEM format. See example below. | ”” |
Example for importCert.certificate:
importCert:
enabled: true
certificate: |
—–BEGIN CERTIFICATE—–
MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
…
jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
—–END CERTIFICATE—–
You can set DNS servers for Kellnr which should be used instead of the default one.
Kellnr needs to be able to resolve it’s own domain name, to be able to generate Rustdocs automatically.
| Setting | Required | Description | Default |
|---|---|---|---|
| dns.enabled | No | Enable an additional dnsPolicy | false |
| dns.dnsPolicy | No | Set the dnsPolicy | “None” |
| dns.dnsConfig.nameservers | No | List of nameservers to use. | - “” |
| dns.dnsConfig.searches | No | List of searches to use. | - “” |
A PersistentVolume can be created for Kellnr to hold all stored data.
| Setting | Required | Description | Default |
|---|---|---|---|
| pv.enabled | No | Enable a PersistentVolume to store the data from Kellnr | false |
| pv.name | No | Name of the PersistentVolume | kellnr |
| pv.storageClassName | No | storageClassName of the PersistentVolume | manual |
| pv.storage | No | Size of the storage. | 5Gi |
| pv.path | Yes (if enabled) | Host path to the storage. Needs to exists before the PV is created | ”” |
A PersistentVolumeClaim can be used by Kellnr to hold all stored data.
| Setting | Required | Description | Default |
|---|---|---|---|
| pvc.enabled | No | Enable a PersistentVolumeClaim to store the data from Kellnr | false |
| pvc.name | No | Name of the PersistentVolumeClaim | kellnr |
| pvc.storageClassName | No | storageClassName of the PersistentVolumeClaim | manual |
| pvc.storage | No | Size of the storage. | 5Gi |
For a full set of possible variables see: values.yaml
If the Helm Chart does not work for you for any reason or you need a feature, feel free to create a Github issue.
Run the following steps to release a new version of the chart.
appVersion in Chart.yaml to the current image version.version in Chart.yaml.main/master branch.