This is a basic set of resources to get Mattermost 4.3.x+ running on Google Kubernetes Engine with Let's Encrypt. This guide assumes you already have a working Kubernetes Engine cluster setup.
- Clone the repo:
$ git clone https://github.com/admiralobvious/gcloud-kubernetes-mattermost.git && cd gcloud-kubernetes-mattermost
- Set the username and password for the PostgreSQL database:
$ kubectl create secret generic postgres-creds --from-literal=username=<yourusername> --from-literal=password=<yourpassword>
- Edit any Mattermost config you want in
config.template.json
and then set the username and password for the PostgreSQL database by editing the following line:
"postgres://<yourusername>:<yourpassword>@mattermost-pg:5432/mattermost?sslmode=disable&connect_timeout=10"
- Create the ConfigMap:
$ kubectl create configmap mattermost-config --from-file=./config.template.json
- Create persistent disks for PostgreSQL and Mattermost assets:
$ gcloud compute disks create "mattermost-postgres" --size "20GB" --type "pd-ssd"
$ gcloud compute disks create "mattermost-assets" --size "20GB" --type "pd-ssd"
- Create the PostgreSQL deployment and service:
$ kubectl create -f mattermost-pg-deployment.yaml
$ kubectl create -f mattermost-pg-service.yaml
- Create the Mattermost deployment and service:
$ kubectl create -f mattermost-app-deployment.yaml
$ kubectl create -f mattermost-app-service.yaml
- TLS and domain name:
Caddy is used as a reverse proxy for its Automatic HTTPS and Let's Encrypt support. It assumes you're using googlecloud
for the DNS challenge but you can use any other DNS providers supported by Caddy.
You will want to edit the Caddyfile
and replace mm.example.com
with your own domain and <[email protected]>
in the Dockerfile
with your own email address. If you're using googlecloud
you will also want to replace the content of credentials.json
with the content a Google service account key that has DNS Administrator
permissions.
- Build and push the Caddy reverse proxy container:
$ docker build -t gcr.io/<project_id>/mattermost-lb .
$ gcloud docker -- push gcr.io/<project_id>/mattermost-lb:latest
- Create the reverse proxy deployment and the load-balancer service (make sure you change the
<project_id>
in the deployment file:
$ kubectl create -f mattermost-lb-deployment.yaml
$ kubectl create -f mattermost-lb-service.yaml
- Grab the External IP to update your DNS:
$ kubectl get svc
The GCLB Ingress currently does not support (and probably never will) load-balancing WebSockets which Mattermost requires.
Based on: https://github.com/AcalephStorage/kubernetes-mattermost