4.4 KiB
Requirements
This section covers the internal system requirements as well as external service requirements for productive use.
- tl;dr
- Hardware
- Kubernetes
- Ingress controller
- Volume provisioner
- Certificate management
- External services
- Deployment
tl;dr
openDesk is a Kubernetes only solution and requires an existing Kubernetes (K8s) cluster.
- K8s cluster >= 1.24, CNCF Certified Kubernetes distribution
- Domain and DNS Service
- Ingress controller (supported are nginx-ingress, HAProxy)
- Helm >= v3.9.0
- Helmfile >= v0.157.0
- HelmDiff >= 3.6.0
- Volume provisioner supporting RWO (read-write-once)
- Certificate handling with cert-manager
Hardware
The following minimal requirements are thought for initial evaluation deployment:
| Spec | Value |
|---|---|
| CPU | 8 Cores of x64 or x86 CPU (ARM is not supported yet) |
| RAM | 16 GB, recommended 32 GB |
| Disk | HDD or SSD, >10 GB |
Kubernetes
Any self-hosted or managed K8s cluster >= 1.24 listed in CNCF Certified Kubernetes distributions should be supported.
The deployment is tested against kubespray based clusters.
Note: The deployment is not tested against OpenShift.
Ingress controller
The deployment is intended to use only over HTTPS via a configured FQDN, therefor it is required to have a proper configured ingress controller deployed.
Maintained controllers:
Volume provisioner
Initial evaluation deployment requires a ReadWriteOnce volume provisioner. For local deployment a local- or hostPath-
provisioner is sufficient.
Note: Some components requiring a
ReadWriteManyvolume provisioner for distributed mode or scaling.
Certificate management
This deployment leverages cert-manager to generate valid certificates. This is optional, but a secret containing a valid TLS certificate is required.
Only Certificate resources will be deployed, the cert-manager including its CRD must be installed prior to this or
openDesk certificate management disabled.
External services
Evaluation the openDesk deployment does not require any external service to start, but features may be limited.
| Group | Type | Version | Tested against |
|---|---|---|---|
| Cache | Memcached | 1.6.x |
Memcached |
| Redis | 7.x.x |
Redis | |
| Database | MariaDB | 10.x |
MariaDB |
| PostgreSQL | 15.x |
PostgreSQL | |
| Mail Transfer Agent | Postfix | ||
| PKI/CI (S/MIME) | |||
| Security | AntiVirus/ICAP | ClamAV | |
| Storage | K8s ReadWriteOnce | Ceph / Cloud specific | |
| K8s ReadWriteMany | Ceph / NFS | ||
| Object Storage | MinIO | ||
| Voice | TURN | Coturn |
Deployment
The deployment of each individual component is Helm based. The 35+ Helm charts are configured and templated via Helmfile to provide a streamlined deployment experience.
Helmfile requires HelmDiff to compare desired against deployed state.