Skip to main content
Version: master

Install Loft With Helm

Loft can be installed directly via Helm, in fact, even when following the recommend installation procedure in the Getting Started Guide the Loft CLI is actually using Helm to install Loft!

Managing the Loft installation with Helm directly can be a great way to "GitOps" your Loft installation, by using ArgoCD or other GitOps tools to manage the Loft deployment via Helm and appropriate Helm values. This section outlines the basics of installing and managing Loft with Helm, and should serve as a solid starting point for managing Loft in a GitOps fashion as well!

Simple Installation

The most basic Loft installation via Helm looks like any other Helm install command and can be seen below:

helm upgrade [RELASE NAME] loft --install \
  --repo https://charts.loft.sh/ \
  --namespace loft \
  --create-namespace

Loft Values

As with most Helm charts, the Loft chart supports many user configurable values to modify the installation. You can find the Loft chart in the Loft public repository here. The values.yaml file in the chart repository contains the default values, as well as many comments showing optional values and some additional information.

Users can copy the default values file and modify it to suite their deployment needs, or create a new YAML file containing only the desired values settings. An example values file myvalues. yaml is outlined below.

config:
  audit:
    enabled: true
  loftHost: loft.mytld.com

ingress:
  enabled: true
  host: loft.mytld.com

Values files can then be passed to the Helm upgrade command:

helm upgrade loft loft --install \
  --repo https://charts.loft.sh/ \
  --namespace loft \
  --create-namespace \
  --values myvalues.yaml

You can provide multiple values files if desired by specifying additional filenames after the --values flag. This can be handy if you like to break up the values sections into different files.

Helm has many additional flags, and other ways to pass values, as always, its a great idea to check out the Helm docs to stay up to date on Helm!

Loft Configuration

The Loft Configuration options (as seen in the Loft UI Admin > Config section) are configurable via Loft Helm values just like any other deployment options. These values are set under the config section of the chart values, you can see the available configuration options in the Configuration Section of the docs here.

While all configuration settings are optional, it is always recommended to deploy Loft with the loftHost configuration set. This config option tells Loft what its own publicly resolvable hostname is and is necessary for some integrations, including ArgoCD, and SSO.

The Loft Agent

Every connected cluster in a Loft environment, including the "management" cluster that Loft is deployed in, must have a Loft Agent deployed. This agent pod handles reconciliation of cluster scoped (as in not Loft instance wide) resources.

By default, the Loft pod will also launch an embedded Loft Agent in the cluster you are deploying Loft into. This is usually a desirable behavior since Loft requires the Agent to be present in all clusters. Sometimes, however, admins wish to manage the installation of the Loft Agent themselves, either by installing it explicitly, or by installing it via GitOps tooling. In this situation, it is possible to disable the Agent deployment by setting the DISABLE_AGENT environment variable to "true". This can be accomplished in the env section of the Loft values:

env:
  DISABLE_AGENT: true

It is also possible to tell Loft not to install Agents into individual clusters -- this can be accomplished by setting the loft.sh/cluster-ignore-agent Annotation of the Cluster resource to "true" for any clusters that Loft should not manage the Agent deployment on.

Loft Agent Is Required!

The Loft Agent is required for every connected cluster in a Loft deployment, this includes the cluster Loft itself is deployed into. If you are disabling the agent deployment via one of the mechanism described above, make sure you are still getting an Agent installed into every connected cluster by some other means!

If you are electing to manage the Agent installation on a connected cluster yourself, you can install the Agent directly using Helm.

Loft Agent Values

As with the primary Loft chart, the Loft Agent chart exposes values that can be configured by an administrator to suite their needs. As with the primary Loft deployment, the Agent chart and values can be seen in the public repository here.

If you have deployed Loft with the default behavior of not disabling the Agent deployment, you can still provide values to influence the deployment of the Agent itself. This can be accomplished by providing any valid Agent values in the agentValues section of the Loft chart values. These values are received by the Loft deployment and used when deploying the Agent pods! Below is an example of the Loft values agentValues section.

agentValues:
  securityContext:
    enabled: true

Administrators can also provide Agent values for specific clusters by setting the loft. sh/agent-values Annotation of a specific cluster object. These values will always override any values provided in the parent Loft chart.