Special thanks to Kanadaj from the #self-hosted channel on the sentry discord who helped me with a lot of the servers I hadn't used before
This is customized in a number of ways, so you'll probably want/need to change things, but it's working for me and I just set it up from scratch again, so I thought I'd share.
I wanted a highly available postgresql server, so I went with this operator: https://github.com/zalando/postgres-operator
Because I had my own postgres server already I used that.
I had weird issues (likely stemming from not knowing what I was doing) with the included clickhouse and zookeeper, so I set up my own.
The zookeeper is just a statefulset, clickhouse uses this operator: https://operatorhub.io/operator/clickhouse
To generate a new password for click house use this:
PASSWORD=$(base64 < /dev/urandom | head -c8); echo "$PASSWORD"; echo -n "$PASSWORD" | sha256sum | tr -d '-'
The clickhouse password should be updated by you, but this is what is in the config:
- writer password: Cd9Sow5R
- writer password sha256 hex: 9805dc31f357e8bef91cf6e5bbb080f7ae1747a9b1f981a3f987f4b9aefe4658
- reader password: W13qXQQQ
- reader password sha256 hex: 7da094325cc2d9e3a61cdc1982403b9797485623616f528919c59e6d827e37a2
I'm using local-hostpath
as my storageClass which uses openebs to allocate space on the node's filesystem.
That won't work for anything shared but is ideal for anything with built-in replication to avoid unneeded
network activity and latency from putting things on the network that don't need to be
At the time of writing this (Mar 21, 2023) the released helm chart doesn't yet support sentry 23.3.0 quite; there are some pull requests which will fix that, they just aren't released yet. I forked it and used my own here: https://github.com/taxilian/sentry-k8s-charts/tree/develop/sentry
Then to install:
git clone <path to chart> sentry-k8s-charts
helm upgrade -n sentry --create-namespace --install sentry ./sentry-k8s-charts/sentry -f sentry-values.yaml
To actually have this be highly available the redis cluster needs to be updated; currently it is not. It seems sentry doesn't support redis-sentinel but there is a project around that I've used which will proxy to sentinel so you can access it like a regular redis server and it will redirect you to the right one -- I'll set that up one of these days.