OpenShift Install

This guide walks you through a detailed setup of the FlowFuse Platform in a container environment managed by OpenShift. It is typically suited to large on-premises deployments or deployments in cloud infrastructure. By the end, you will have a fully functioning FlowFuse instance running on an OpenShift cluster.

Checklist

Prerequisites

Before you begin, ensure you have the following:

  1. Domain Name & DNS: A domain name that you own and can configure DNS settings for (explained in DNS)
  2. oc: To manage an OpenShift cluster you will need a copy of the oc utility. Instructions on how to install oc can be found here
  3. Helm: FlowFuse provides the Helm chart to manage platform deployment. Installation can be done through the instructions on their website
  4. OpenShift Cluster: an OpenShift cluster instance with at least two worker nodes
  5. Ingress Controller: An Ingress controller installed on the cluster. The FlowFuse Helm chart uses the Ingress NGINX Controller by default.
  6. FlowFuse License: A valid FlowFuse license key is required to run on OpenShift. You can request a quote here

For a production-ready environment, we also recommend:

  • Database: Prepare a dedicated database on an external database server (see FAQ for more details)
  • TLS Certificate: Prepare a TLS certificate for your domain and configure the FlowFuse platform to use it (see Enable HTTPS)

DNS

A wildcard DNS entry will be needed to point to the domain that is used for the project instances. This will need to point to the Ingress controller.

For example, if you want projects to be accessible as [instance-name].example.com you will need to ensure that *.example.com is mapped to the IP address used by your OpenShift cluster's Ingress controller.

By default the FlowFuse application will be mapped to forge.example.com assuming that you set the domain to example.com.

Notes on how to set up DNS can be found here.

Installing FlowFuse

Create project in the OpenShift cluster

To maintain a clean environment, it is recommended to create a new project for the FlowFuse platform:

oc new-project flowfuse --description="FlowFuse Platform" --display-name="FlowFuse"

Describe the project to get the SCC information:

oc describe project flowfuse

Note the openshift.io/sa.scc.uid-range and openshift.io/sa.scc.supplemental-groups values. You will need to use these values when customizing the FlowFuse platform installation. For example, if the openshift.io/sa.scc.uid-range value is 1000710000/10000, the <project-uid> value will be 1000710000.

Add FlowFuse Helm Repository

helm repo add flowfuse https://flowfuse.github.io/helm
helm repo update

Customize Helm Chart

All the initial configuration is handled by the Helm chart. This is done by creating a customization.yml file that is passed to Helm along with the chart.

To create a customization.yml file with the minimal required configuration (replace example.com with your domain and <project-uid> with the value from the project description collected in the project creation step):

cat <<EOF > customization.yml
forge:
  entryPoint: forge.example.com
  domain: example.com
  https: false
  localPostgresql: true
  cloudProvider: openshift
  podSecurityContext:
    runAsUser: <project-uid>
    runAsGroup: <project-uid>
    fsGroup: <project-uid>

postgresql:
  primary:
    podSecurityContext:
      fsGroup: <project-uid>
    containerSecurityContext:
      runAsUser: <project-uid>
EOF

A full list of all the configuration options can be found in the Helm Chart README.
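
The <project-uid> substitution from the steps above, as an added example (not FlowFuse's own tooling): it parses an openshift.io/sa.scc.uid-range value, checks that a UID falls inside that range, and renders the minimal customization.yml. The function names are hypothetical and the range is the example value from this guide.

```shell
# Added example; function names are hypothetical, not part of FlowFuse or oc.
# On a live cluster, read the annotation with:
#   oc get namespace flowfuse \
#     -o jsonpath='{.metadata.annotations.openshift\.io/sa\.scc\.uid-range}'

# Print the first UID of a "<start>/<size>" uid-range value, or fail.
scc_uid_start() {
  case "$1" in */*) ;; *) echo "bad uid-range: $1" >&2; return 1 ;; esac
  _start=${1%%/*}; _size=${1#*/}
  for _v in "$_start" "$_size"; do
    case "$_v" in ''|*[!0-9]*) echo "bad uid-range: $1" >&2; return 1 ;; esac
  done
  printf '%s\n' "$_start"
}

# Succeed only if UID $1 lies inside uid-range $2 (start <= uid < start+size).
uid_in_range() {
  _s=$(scc_uid_start "$2") || return 1
  _n=${2#*/}
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
  [ "$1" -ge "$_s" ] && [ "$1" -lt $(($_s + $_n)) ]
}

# Print the guide's minimal customization.yml for domain $1 and uid-range $2.
render_customization() {
  _uid=$(scc_uid_start "$2") || return 1
  cat <<EOF
forge:
  entryPoint: forge.$1
  domain: $1
  https: false
  localPostgresql: true
  cloudProvider: openshift
  podSecurityContext:
    runAsUser: $_uid
    runAsGroup: $_uid
    fsGroup: $_uid

postgresql:
  primary:
    podSecurityContext:
      fsGroup: $_uid
    containerSecurityContext:
      runAsUser: $_uid
EOF
}

# Constructed input: the example annotation value used in this guide.
render_customization example.com "1000710000/10000"
```

Redirect the output of render_customization to customization.yml once the range has been read from your own project.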

Label Nodes

By default, the FlowFuse platform expects worker nodes to have specific labels applied. The main reason behind this approach is to separate core application components from Node-RED instances.

You will need to label at least one node to run the management application and one to run the Node-RED Projects:

List all nodes in the cluster:

oc get nodes

Label management nodes:

oc label node <management-node-name> role=management

Label project nodes:

oc label node <projects-node-name> role=projects

To override this behavior, you can remove the node selectors with the following entry in the customization.yml file, which means that all pods can run on any node.

forge:
  projectSelector:
  managementSelector:

Start FlowFuse Platform

Once you have the customization.yml file created, you can install FlowFuse using our Helm chart. This will automatically create all required objects and start services:

helm upgrade --atomic --install --timeout 10m flowfuse flowfuse/flowforge -f customization.yml

First Run Setup

The first time you access the platform in your browser, it will take you through creating an administrator for the platform and other configuration options.

For more information, follow this guide.

Once you have finished setting up the admin user, there are some Kubernetes-specific items to consider.

Upgrade

All technical aspects of the upgrade process for the FlowFuse application running on Kubernetes and managed by the Helm chart are maintained in our repository. Please refer to the FlowFuse Helm Chart documentation for more details about the upgrade process.

Common Questions

For non-OpenShift specific questions, please refer to the main Kubernetes documentation.

I would like to use the embedded MQTT broker, how can I do that?

The FlowFuse Helm chart provides the MQTT broker service.

To enable the MQTT broker, add the following to the customization.yml file (replace <project-uid> with the value from the project description collected in the project creation step):

forge:
  broker:
    enabled: true
    podSecurityContext:
      runAsUser: <project-uid>
      runAsGroup: <project-uid>
      fsGroup: <project-uid>

Apply the changes with the platform startup command.

Check the FlowFuse Helm chart documentation for more details about the parameters that can be configured for the MQTT broker.

I would like to use FlowFuse File Storage to store context data, how can I do that?

To enable the FlowFuse File Storage component, add the following to the customization.yml file (replace <project-uid> with the value from the project description collected in the project creation step):

forge:
  fileStore:
    enabled: true
    podSecurityContext:
      runAsUser: <project-uid>
      runAsGroup: <project-uid>
      fsGroup: <project-uid>

Apply the changes with the platform startup command.

Check the FlowFuse Helm chart documentation for more details about the parameters that can be configured for the File Storage.