Skip to content

fpm-git/contrib-helm-chart

BranchesTags
 
 

Repository files navigation

Redash

Redash is an open source tool built for teams to query, visualize and collaborate.

Introduction

This chart bootstraps a Redash deployment on a Kubernetes cluster using the Helm package manager.

This is a contributed project developed by volunteers and not officially supported by Redash.

Current chart version is 3.0.1

Prerequisites

  • At least 3 GB of RAM available on your cluster
  • Kubernetes 1.19+ - chart is tested with latest 3 stable versions
  • Helm 3 (Helm 2 depreciated)
  • PV provisioner support in the underlying infrastructure

Installing the Chart

To install the chart with the release name my-release, add the chart repository:

$ helm repo add redash https://getredash.github.io/contrib-helm-chart/

Create a values file with required secrets (store this securely!):

$ cat > my-values.yaml <<- EOM
redash:
  cookieSecret: $(openssl rand -base64 32)
  secretKey: $(openssl rand -base64 32)
postgresql:
  postgresqlPassword: $(openssl rand -base64 32)
redis:
  password: $(openssl rand -base64 32)
EOM

Install the chart:

$ helm upgrade --install -f my-values.yaml my-release redash/redash

The command deploys Redash on the Kubernetes cluster in the default configuration. The configuration section and and default values.yaml lists the parameters that can be configured during installation.

Tip: List all releases using helm list

Uninstalling the Chart

To uninstall/delete the my-release deployment:

$ helm delete my-release

The command removes all the Kubernetes components associated with the chart and deletes the release.

Configuration

The following table lists the configurable parameters of the Redash chart and their default values.

Values

Key Type Default Description
adhocWorker.affinity object {} Affinity for ad-hoc worker pod assignment ref
adhocWorker.env object {"QUEUES":"queries","WORKERS_COUNT":2} Redash ad-hoc worker specific environment variables.
adhocWorker.nodeSelector object {} Node labels for ad-hoc worker pod assignment ref
adhocWorker.podAnnotations object {} Annotations for adhoc worker pod assignment ref
adhocWorker.podLabels object {} Labels for adhoc worker pod assignment ref
adhocWorker.podSecurityContext object {} Security contexts for ad-hoc worker pod assignment ref
adhocWorker.replicaCount int 1 Number of ad-hoc worker pods to run
adhocWorker.resources string nil Ad-hoc worker resource requests and limits ref
adhocWorker.securityContext object {}
adhocWorker.tolerations list [] Tolerations for ad-hoc worker pod assignment ref
adhocWorker.volumeMounts list [] VolumeMounts for ad-hoc worker pod assignment ref
adhocWorker.volumes list [] Volumes for ad-hoc pod worker assignment ref
env object {"PYTHONUNBUFFERED":0} Redash global environment variables - applied to both server and worker containers.
externalPostgreSQL string nil External PostgreSQL configuration. Configure the externalPostgreSQL connection URL (e.g. postgresql://user:pass@host:5432/database)
externalPostgreSQLSecret object {} Read external PostgreSQL configuration from a secret. This should point at a secret file with a single key which specifies the connection string.
externalRedis string nil External Redis configuration. Configure the externalRedis connection URL (e.g. redis://user:pass@host:6379/database).
externalRedisSecret object {} Read external Redis configuration from a secret. This should point at a secret file with a single key which specifies the connection string.
fullnameOverride string ""
genericWorker.affinity object {} Affinity for generic worker pod assignment ref
genericWorker.env object {"QUEUES":"periodic,emails,default","WORKERS_COUNT":1} Redash generic worker specific environment variables.
genericWorker.nodeSelector object {} Node labels for generic worker pod assignment ref
genericWorker.podAnnotations object {} Annotations for generic worker pod assignment ref
genericWorker.podLabels object {} Labels for generic worker pod assignment ref
genericWorker.podSecurityContext object {} Security contexts for generic worker pod assignment ref
genericWorker.replicaCount int 1 Number of generic worker pods to run
genericWorker.resources string nil Generic worker resource requests and limits ref
genericWorker.securityContext object {}
genericWorker.tolerations list [] Tolerations for generic worker pod assignment ref
genericWorker.volumeMounts list [] VolumeMounts for generic worker pod assignment ref
genericWorker.volumes list [] Volumes for generic worker pod assignment ref
hookInstallJob.affinity object {} Affinity for scheduled worker pod assignment ref
hookInstallJob.nodeSelector object {} Node labels for scheduled worker pod assignment ref
hookInstallJob.podAnnotations object {} Annotations for scheduled worker pod assignment ref
hookInstallJob.podSecurityContext object {} Security contexts for scheduled worker pod assignment ref
hookInstallJob.resources string nil Scheduled worker resource requests and limits ref
hookInstallJob.securityContext object {}
hookInstallJob.tolerations list [] Tolerations for server pod assignment ref
hookInstallJob.ttlSecondsAfterFinished int 600 ttl for install job ref
hookUpgradeJob.affinity object {} Affinity for scheduled worker pod assignment ref
hookUpgradeJob.nodeSelector object {} Node labels for scheduled worker pod assignment ref
hookUpgradeJob.podAnnotations object {} Annotations for scheduled worker pod assignment ref
hookUpgradeJob.podSecurityContext object {} Security contexts for scheduled worker pod assignment ref
hookUpgradeJob.resources string nil Scheduled worker resource requests and limits ref
hookUpgradeJob.securityContext object {}
hookUpgradeJob.tolerations list [] Tolerations for server pod assignment ref
hookUpgradeJob.ttlSecondsAfterFinished int 600 ttl for install job ref
image.pullPolicy string "IfNotPresent"
image.repository string "redash/redash" Redash image name used for server and worker pods
image.tag string "10.0.0.b50363" Redash image tag
imagePullSecrets list [] Name(s) of secrets to use if pulling images from a private registry
ingress.annotations object {} Ingress annotations configuration
ingress.enabled bool false Enable ingress controller resource
ingress.hosts list [{"host":"chart-example.local","paths":[]}] Ingress resource hostnames and path mappings
ingress.ingressClassName string "" Sets the ingress controller class name to use.
ingress.pathType string "Prefix" How ingress paths should be treated.
ingress.tls list [] Ingress TLS configuration
nameOverride string ""
redash.additionalDestinations string "" REDASH_ADDITIONAL_DESTINATIONS value. Comma-separated list of non-default alert destinations to be enabled.
redash.additionalQueryRunners string "" REDASH_ADDITIONAL_QUERY_RUNNERS value. Comma-separated list of non-default query runners to be enabled.
redash.adhocQueryTimeLimit string None REDASH_ADHOC_QUERY_TIME_LIMIT value. Time limit for adhoc queries (in seconds).
redash.alertsDefaultMailSubjectTemplate string ({state}) {alert_name} REDASH_ALERTS_DEFAULT_MAIL_SUBJECT_TEMPLATE value. Subject used for email alert notifications. {state} and {alert_name} are the only available variables..
redash.allowScriptsInUserInput string false REDASH_ALLOW_SCRIPTS_IN_USER_INPUT value. Disable sanitization of text input, allowing full html.
redash.authType string api_key REDASH_AUTH_TYPE value. May be either api_key or hmac. implemented here.
redash.bigqueryHttpTimeout string 600 REDASH_BIGQUERY_HTTP_TIMEOUT value. Http timeout for the bigquery query runner.
redash.blockedDomains string "qq.com" REDASH_BLOCKED_DOMAINS value. Comma separated of email domains that cannot create user accounts.
redash.cookieSecret string "" REQUIRED REDASH_COOKIE_SECRET value. Required. used for various cryptographic features of the web server. read more about how redash uses secret keys [here]({% link _kb/open-source/admin-guide/secrets.md %}). Stored as a Secret value.
redash.corsAccessControlAllowCredentials string false REDASH_CORS_ACCESS_CONTROL_ALLOW_CREDENTIALS value.
redash.corsAccessControlAllowHeaders string Content-Type REDASH_CORS_ACCESS_CONTROL_ALLOW_HEADERS value.
redash.corsAccessControlAllowOrigin string "" REDASH_CORS_ACCESS_CONTROL_ALLOW_ORIGIN value.
redash.corsAccessControlRequestMethod string GET, POST, PUT REDASH_CORS_ACCESS_CONTROL_REQUEST_METHOD value.
redash.dashboardRefreshIntervals string 60,300,600,1800,3600,43200,86400 REDASH_DASHBOARD_REFRESH_INTERVALS value. Comma-separated list of integer seconds that will be allowed for dashboard refresh.
redash.dateFormat string DD/MM/YY REDASH_DATE_FORMAT value. Moment.js format to be used throughout the web application.
redash.disablePublicUrls string "false" REDASH_DISABLE_PUBLIC_URLS value. Whether to disable access to public urls.
redash.disabledQueryRunners string "" REDASH_DISABLED_QUERY_RUNNERS value. Comma-separated list of query runners that will not appear in redash.
redash.enabledDestinations string ”,”.join(default_destinations) REDASH_ENABLED_DESTINATIONS value. Comma-separated list of alert destinations to be enabled (e.g. redash.destinations.email,redash.destinations.slack ).
redash.enabledQueryRunners string ”,”.join(default_query_runners) REDASH_ENABLED_QUERY_RUNNERS value. Comma-separated list of query runners to be enabled (e.g. redash.query_runner.pg,redash.query_runner.mysql).
redash.enforceHttps string false REDASH_ENFORCE_HTTPS value. This is passed to flask-talisman.
redash.eventReportingWebhooks string "" REDASH_EVENT_REPORTING_WEBHOOKS value. Comma-separated list of webhook urls that to which events will be forwarded.
redash.featureAllowCustomJsVisualizations string false REDASH_FEATURE_ALLOW_CUSTOM_JS_VISUALIZATIONS value. Enable the custom visualization option. this appears as a sub-type of "chart" visualizations in the ui..
redash.featureAutoPublishNamedQueries string true REDASH_FEATURE_AUTO_PUBLISH_NAMED_QUERIES value. Automatically publish a new query after its name is changed from "new query".
redash.featureDisableRefreshQueries string false REDASH_FEATURE_DISABLE_REFRESH_QUERIES value. Disable scheduled query execution.
redash.featureShowPermissionsControl string false REDASH_FEATURE_SHOW_PERMISSIONS_CONTROL value. Enable experimental multiple owners support.
redash.featureShowQueryResultsCount string true REDASH_FEATURE_SHOW_QUERY_RESULTS_COUNT value. Disable/enable showing count of query results in status.
redash.googleClientId string "" REDASH_GOOGLE_CLIENT_ID value. The client id to use for google login, be sure to set a client secret as well.
redash.googleClientSecret string "" REDASH_GOOGLE_CLIENT_SECRET value. The client secret to use for google login, be sure to set a client id as well. Stored as a Secret value.
redash.host string "" REDASH_HOST value. The url host used in emails sent to users (invites, alerts, notifications) etc..
redash.invitationTokenMaxAge string 60 _ 60 _ 24 * 7 REDASH_INVITATION_TOKEN_MAX_AGE value. An integer number of seconds after which an invitation link will expire.
redash.jobExpiryTime string 3600 * 12 REDASH_JOB_EXPIRY_TIME value. Ttl in seconds for jobs placed in queue. if a job is not picked up by a worker within this ttl it will expire..
redash.jwtAuthAlgorithms string HS256,RS256,ES256 REDASH_JWT_AUTH_ALGORITHMS value.
redash.jwtAuthAudience string "" REDASH_JWT_AUTH_AUDIENCE value.
redash.jwtAuthCookieName string "" REDASH_JWT_AUTH_COOKIE_NAME value.
redash.jwtAuthHeaderName string "" REDASH_JWT_AUTH_HEADER_NAME value.
redash.jwtAuthIssuer string "" REDASH_JWT_AUTH_ISSUER value.
redash.jwtAuthPublicCertsUrl string "" REDASH_JWT_AUTH_PUBLIC_CERTS_URL value.
redash.jwtLoginEnabled string false REDASH_JWT_LOGIN_ENABLED value.
redash.ldapBindDn string None REDASH_LDAP_BIND_DN value.
redash.ldapBindDnPassword string "" REDASH_LDAP_BIND_DN_PASSWORD value. Stored as a Secret value.
redash.ldapCustomUsernamePrompt string LDAP/AD/SSO username: REDASH_LDAP_CUSTOM_USERNAME_PROMPT value.
redash.ldapDisplayNameKey string displayName REDASH_LDAP_DISPLAY_NAME_KEY value.
redash.ldapEmailKey string mail REDASH_LDAP_EMAIL_KEY value.
redash.ldapLoginEnabled string false REDASH_LDAP_LOGIN_ENABLED value.
redash.ldapSearchDn string REDASH_SEARCH_DN REDASH_LDAP_SEARCH_DN value.
redash.ldapSearchTemplate string (cn=%(username)s) REDASH_LDAP_SEARCH_TEMPLATE value.
redash.ldapUrl string None REDASH_LDAP_URL value.
redash.limiterStorage string REDIS_URL REDASH_LIMITER_STORAGE value. Mapped directly to flask-limiter's storage_uri..
redash.logLevel string INFO REDASH_LOG_LEVEL value. Logging messages which are less severe than level will be ignored. read more about python logging here.
redash.mailAsciiAttachments string false REDASH_MAIL_ASCII_ATTACHMENTS value.
redash.mailDefaultSender string None REDASH_MAIL_DEFAULT_SENDER value.
redash.mailMaxEmails string None REDASH_MAIL_MAX_EMAILS value.
redash.mailPassword string None REDASH_MAIL_PASSWORD value. Stored as a Secret value.
redash.mailPort string 25 REDASH_MAIL_PORT value.
redash.mailServer string localhost REDASH_MAIL_SERVER value.
redash.mailUseSsl string false REDASH_MAIL_USE_SSL value.
redash.mailUseTls string false REDASH_MAIL_USE_TLS value.
redash.mailUsername string None REDASH_MAIL_USERNAME value.
redash.multiOrg string false REDASH_MULTI_ORG value. Whether to enable multi-org mode. note: multi-org mode is not documented or supported at this time.
redash.passwordLoginEnabled string true REDASH_PASSWORD_LOGIN_ENABLED value. Toggle to allow password login. often disabled if google login, saml, ldap, or remote_user_login are enabled..
redash.proxiesCount string 1 REDASH_PROXIES_COUNT value. Passed to werkzeug's proxyfix to make sure we get the right referral address even behind proxies like nginx..
redash.queryRefreshIntervals string 60, 300, 600, 900, 1800, 3600, 7200, 10800, 14400, 18000, 21600, 25200, 28800, 32400, 36000, 39600, 43200, 86400, 604800, 1209600, 2592000 REDASH_QUERY_REFRESH_INTERVALS value. Comma-separated list of integer seconds that will be allowed for scheduled query refresh.
redash.queryResultsCleanupCount string 100 REDASH_QUERY_RESULTS_CLEANUP_COUNT value. The number of results to cleanup during each call to cleanup_query_results.
redash.queryResultsCleanupEnabled string true REDASH_QUERY_RESULTS_CLEANUP_ENABLED value. Whether the job to cleanup unused query results should run automatically.
redash.queryResultsCleanupMaxAge string 7 REDASH_QUERY_RESULTS_CLEANUP_MAX_AGE value. Integer number of days, past which a query result may be cleaned up if it is not referenced by another query..
redash.remoteUserHeader string X-Forwarded-Remote-User REDASH_REMOTE_USER_HEADER value. Name of header to use if redash_remote_user_login_enabled is true.
redash.remoteUserLoginEnabled string false REDASH_REMOTE_USER_LOGIN_ENABLED value. Enables the use of an externally-provided and trusted remote user via an http header. the "user" must be an email address. more details.
redash.samlEntityId string "" REDASH_SAML_ENTITY_ID value.
redash.samlMetadataUrl string "" REDASH_SAML_METADATA_URL value.
redash.samlNameidFormat string "" REDASH_SAML_NAMEID_FORMAT value.
redash.samlSchemeOverride string "" REDASH_SAML_SCHEME_OVERRIDE value. This setting will allow you to override the saml auth url scheme that gets constructed by flask. this is a useful feature if, for example, you're behind a proxy protocol enabled tcp load balancer (aws elb that terminates ssl) and your nginx proxy or similar adds a x-forwarded-proto of http even though your redash url for saml auth is https..
redash.scheduledQueryTimeLimit string None REDASH_SCHEDULED_QUERY_TIME_LIMIT value. Time limit for scheduled queries (in seconds).
redash.schemaRunTableSizeCalculations string false REDASH_SCHEMA_RUN_TABLE_SIZE_CALCULATIONS value. Enable showing the size of each table in the schema browser..
redash.schemasRefreshSchedule string 30 REDASH_SCHEMAS_REFRESH_SCHEDULE value. How often to refresh the data source schemas (in minutes).
redash.secretKey string "" REQUIRED REDASH_SECRET_KEY value. Secret key used for data encryption. Stored as a Secret value.
redash.sentryDsn string "" REDASH_SENTRY_DSN value.
redash.sqlAlchemyEnablePoolPrePing string true SQLALCHEMY_ENABLE_POOL_PRE_PING value, controls whether the database connection that's in the pool will be checked by pinging before being used or not. See https://docs.sqlalchemy.org/en/13/core/pooling.html#sqlalchemy.pool.Pool.params.pre_ping
redash.staticAssetsPath string ”../client/dist/” REDASH_STATIC_ASSETS_PATH value. Directory that contains all front-end assets. relative to the ./redash directory.
redash.statsdHost string 127.0.0.1 REDASH_STATSD_HOST value. Host for statsd daemon.
redash.statsdPort string 8125 REDASH_STATSD_PORT value. Port for statsd daemon.
redash.statsdPrefix string redash REDASH_STATSD_PREFIX value. Prefix for metrics sent to statsd daemon.
redash.statsdUseTags string false REDASH_STATSD_USE_TAGS value. Whether to use tags in statsd metrics (influxdb’s format).
redash.throttleLoginPattern string 50/hour REDASH_THROTTLE_LOGIN_PATTERN value. The flask-limiter string pattern used to rate limit requests to the /login route..
redash.versionCheck string true REDASH_VERSION_CHECK value. Toggle whether to periodically check if a newer version of redash is available..
redash.webWorkers string 4 REDASH_WEB_WORKERS value. How many processes will gunicorn spawn to handle web requests.
scheduledWorker.affinity object {} Affinity for scheduled worker pod assignment ref
scheduledWorker.env object {"QUEUES":"scheduled_queries,schemas","WORKERS_COUNT":1} Redash scheduled worker specific environment variables.
scheduledWorker.nodeSelector object {} Node labels for scheduled worker pod assignment ref
scheduledWorker.podAnnotations object {} Annotations for scheduled worker pod assignment ref
scheduledWorker.podLabels object {} Labels for scheduled worker pod assignment ref
scheduledWorker.podSecurityContext object {} Security contexts for scheduled worker pod assignment ref
scheduledWorker.replicaCount int 1 Number of scheduled worker pods to run
scheduledWorker.resources string nil Scheduled worker resource requests and limits ref
scheduledWorker.securityContext object {}
scheduledWorker.tolerations list [] Tolerations for scheduled worker pod assignment ref
scheduledWorker.volumeMounts list [] VolumeMounts for scheduled worker pod assignment ref
scheduledWorker.volumes list [] Volumes for scheduled pod worker assignment ref
scheduler.affinity object {} Affinity for scheduler pod assignment ref
scheduler.env object {} Redash scheduler specific environment variables.
scheduler.nodeSelector object {} Node labels for scheduler pod assignment ref
scheduler.podAnnotations object {} Annotations for scheduler pod assignment ref
scheduler.podLabels object {} Labels for scheduler pod assignment ref
scheduler.podSecurityContext object {} Security contexts for scheduler pod assignment ref
scheduler.resources string nil scheduler resource requests and limits ref
scheduler.securityContext object {}
scheduler.tolerations list [] Tolerations for scheduler pod assignment ref
scheduler.volumeMounts list [] VolumeMounts for scheduler pod assignment ref
scheduler.volumes list [] Volumes for scheduler pod assignment ref
server.affinity object {} Affinity for server pod assignment ref
server.env object {} Redash server specific environment variables Don't use this for variables that are in the configuration above, however.
server.httpPort int 5000 Server container port (only useful if you are using a customized image)
server.nodeSelector object {} Node labels for server pod assignment ref
server.podAnnotations object {} Annotations for server pod assignment ref
server.podLabels object {} Labels for server pod assignment ref
server.podSecurityContext object {} Security contexts for server pod assignment ref
server.replicaCount int 1 Number of server pods to run
server.resources object {} Server resource requests and limits ref
server.securityContext object {}
server.tolerations list [] Tolerations for server pod assignment ref
server.volumeMounts list [] VolumeMounts for server pod assignment ref
server.volumes list [] Volumes for server pod assignment ref
service.annotations object {} Annotations to add to the service
service.loadBalancerIP string nil Specific IP address to use for cloud providers such as Azure Kubernetes Service ref
service.port int 80 Service external port
service.type string "ClusterIP" Kubernetes Service type
serviceAccount.annotations object {} Annotations to add to the service account
serviceAccount.create bool true Specifies whether a service account should be created
serviceAccount.name string nil The name of the service account to use. If not set and create is true, a name is generated using the fullname template

Upgrading

  • See the changelog for major changes in each release
  • The project will use the semver specification for chart version numbers (chart versions will not match Redash versions, since we may need to update the chart more than once for the same Redash release)
  • Always back up your database before upgrading!
  • Schema migrations will be run automatically after each upgrade

To upgrade a release named my-release:

helm repo update
helm upgrade --reuse-values my-release redash/redash

Below are notes on manual configuration changes or steps needed for major chart version updates.

From 2.x to 3.x

  • The Redash version is updated from v8 to v10 (v9 never had a stable release)
  • The upgrade should be automatic, but please test on a staging environment first!
  • There are now additional "genericworker" and "scheduler" deployments, with associated configuration in values.yaml
  • 3.x and higher will not run with Redash v8 - if you have overriden the image you will need to update that
  • This chart now requires Kubernetes 1.19+
  • Helm 2 is now depreciated and support will be removed in a future version

From 1.x to 2.x

  • There are 3 required secrets (see above) that must now be specified in your release
  • The server.env is now depreciated (except for non-standard variables such as PYTHON_*) to allow for better management of Redash configuration and secret values - any existing configuration should be migrated to the new values

From pre-release to 1.x

  • The values.yaml structure has several changes
  • The Redash, PostgreSQL and Redis versions have all been updated
  • Due to these changes you will likely need to dump the database and reload it into a fresh install
  • The chart now has it's own repo: https://getredash.github.io/contrib-helm-chart/

License

This chart uses the Apache 2 license.

Contributing

Contributions are welcome.

About

Community maintained Redash Helm Chart

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Mustache 75.4%
  • Python 24.6%