Advanced Orchestrated container deployment (Helm)
Deploy CARTO Self-hosted using Kubernetes and Helm
Last updated
Was this helpful?
Deploy CARTO Self-hosted using Kubernetes and Helm
Last updated
Was this helpful?
To deploy CARTO Self-Hosted on Kubernetes, you need:
A CARTO Self-Hosted installation package containing your environment configuration and a license key. The package has two YAML files: carto-secrets.yaml
and carto-values.yaml
If you don't have it yet, you can ask for it at .
A domain you own, to which you can add a DNS record.
A Kubernetes cluster. To create a cluster, see documentation on , , and . This cluster must fit our hardware and software for Kubernetes.
A working installation of kubectl. To install kubectl, see documentation on , , and .
A working on version 3.6.0 or later.
installed to run the preflight checks
Type this command to add the helm repository
Search for the repo to confirm you can access the carto chart.
Create a file customizations.yaml
with the domain name you want to use
Create the secret with both passwords:
Edit customizations.yaml
:
user: The carto user to be created. It will be created with the previous admin user.
user-password: The new password to be created.
database: The database to be created.
In some scenarios, an SSL connection to the external database is required. In that case, you should add to customizations.yaml
:
Mutual TLS connections between the external database and the APIs are not supported, so client certificates can't be configured on your external database
CARTO Self-hosted platform needs access to some storage buckets to save some resources needed by the platform. These buckets are in charge of storing assets such as imported datasets, map snapshots and custom markers.
You can create and use your own storage buckets in any of the following supported storage providers:
Before installing CARTO Self-Hosted, you can use preflight checks to validate your configuration. Keep iterating until all checks pass—this ensures that your environment is fully prepared for installation.
Use the following command to run the preflight checks:
The previous command performs validation checks to ensure that your customizations.yaml file is correctly configured for installing the CARTO platform and that you're infrastructure is ready to host a CARTO Self-Hosted installation.
Once the checks are complete, you will see the following output in your terminal:
If you encounter any issues during the preflight checks, verify the following:
PostgreSQL Configuration: Ensure your PostgreSQL credentials are correctly set up and that the database is accessible from your cluster.
By addressing these areas, you can resolve common setup issues and proceed with a smooth installation.
Use the following command to install CARTO in your Kubernetes cluster.
After installing CARTO, verify you have the required pods running by running the following command (It can take up to 5 minutes to have everything running):
Once all the services are running, verify the installation by port forwarding to localhost
. Execute the following:
Add to your /etc/hosts
the domain you will use:
echo "127.0.0.1 my.domain.com" >> /etc/hosts
The first step here is to make the router accessible using a LoadBalancer
. This provides an externally-accessible IP address that we will later configure our DNS.
Add to customizations.yaml
based on the cloud you are using:
After that, upgrade the cluster:
Get the EXTERNAL-IP of your CARTO Self-Hosted deployment with this command:
At this point, you need to configure a DNS record that points my.domain.com to the EXTERNAL-IP (34.136.204.51).
Use your own TLS certificate
By default, the package generates a self-signed certificate with a validity of 365 days.
If you want to add your own certificate you need to create a secret:
Edit customizations.yaml
:
Apply the changes:
In order to verify CARTO Self Hosted was correctly installed, and it's functional, we recommend performing the following checks:
Sign in to your Self Hosted, create a user and a new organization.
Go to the Connections
page, in the left-hand menu, create a new connection to one of the available providers.
Go to the Data Explorer
page, click on the Upload
button right next to the Connections
panel. Import a dataset from a local file.
Go back to the Maps
page, and create a new map.
In this new map, add a new layer from a table using the connection created in step 3.
Create a new layer from a SQL Query to the same table. You can use a simple query like:
Create a new layer from the dataset imported in step 4.
Make the map public, copy the sharing URL and open it in a new incognito window.
Go back to the Maps
page, and verify your map appears there, and the map thumbnail represents the latest changes you made to the map.
Congrats! Once you've configured your custom buckets, you should have a production-ready deployment of CARTO Self-Hosted at https://my.domain.com
To fully leverage CARTO's capabilities you need to gain access to the Analytics Toolbox functions. This step is crucial to fully leverage CARTO's capabilities. Please refer to the documentation of your data warehouse provider for detailed instructions:
The following standard commands of kubectl could be used to debug possible issues that might arise:
kubectl logs
and kubectl describe
The container workspace-migrations (included at the pod carto-workspace-api-*) will be responsible for creating a new user carto_worskpace_admin and a database carto_workspace.
To debug possible errors with the connection of the external database you might need to check the logs of this container:
At this point, we are setting up the configuration of the . You need to provide a PostgreSQL user with full permission on a logical database.
If you're installing in EKS and you'd like to use EKS Pod Identity to authenticate to your RDS PostgreSQL database, follow .
And in order to configure them, there is a available that you should follow to complete the Self-Hosted configuration process.
External Proxy: If using an , confirm that it is correctly configured for connecting to external domains.
Egress Requirements: Check that your environment meets the necessary for CARTO Self-Hosted.
Storage Configuration: Verify that your are correctly set up and that the provided credentials are valid.
The entry point to the CARTO Self-Hosted is through the router
service. By default, it is configured in ClusterIP
mode, and it's only accessible in your machine with ).
If you'd like to enable the onboarding experience and the Data Observatory features, follow the or contact .
For further assistance check our page.