df311eeb03
* Enhance ToolJet deployment documentation for version 3.16.0-LTS - Updated Google Cloud Run setup to clarify architecture and environment variables. - Improved Kubernetes setup documentation for AKS, EKS, GKE, and general Kubernetes, emphasizing the need for two separate PostgreSQL databases. - Revised OpenShift deployment instructions to include detailed environment variable configurations and deployment steps. - Added system requirements for PostgreSQL and Redis, specifying recommended versions and minimum specifications. - Included warnings about database naming conflicts and critical configurations for successful deployment. * Enhance upgrade documentation for ToolJet LTS version - Added critical backup reminder for PostgreSQL instance before upgrading. - Clarified database requirements, emphasizing the need for two separate database names (PG_DB and TOOLJET_DB). - Included deployment flexibility options for database hosting. - Updated installation notes to specify that the upgrade guide is only for existing installations. - Improved formatting and clarity in various setup guides (Azure, DigitalOcean, Docker, ECS, Google Cloud Run, Kubernetes, OpenShift). * Enhance deployment documentation for ToolJet on various platforms, including AWS AMI, Azure Container Apps, AWS ECS, Google Cloud Run, Kubernetes (AKS, EKS, GKE), and Openshift. Updated warnings and notes regarding PostgreSQL database setup and ToolJet AI features. * Enhance deployment documentation for ToolJet LTS version 3.16.0 by updating backup instructions, removing redundant version requirements, and clarifying Redis configuration for external instances. * Refine deployment documentation for ToolJet by removing redundant environment variable references and adding notes on securing Redis passwords across various platforms including AWS AMI, Docker, Google Cloud Run, Kubernetes (AKS, EKS, GKE), and OpenShift. * Refine Redis configuration instructions in AWS AMI deployment documentation for clarity and formatting consistency. * Add new environment variables for bulk upload limits in deployment documentation * Refine deployment documentation for ToolJet subpath installation by improving environment variable formatting and clarifying upgrade prerequisites. * Update PostgreSQL database links in deployment documentation for consistency across ECS, Helm, Kubernetes (AKS, EKS, GKE), and OpenShift setups. * Remove warning about whitelisting ToolJet AI features from Helm deployment documentation * Refine environment variable configuration for workflow scheduling in Helm deployment documentation * formatting updates till gke * final formatting updates --------- Co-authored-by: rudrapratik30 <pratik104agrawal@gmail.com>
10 KiB
| id | title |
|---|---|
| kubernetes-gke | Kubernetes (GKE) |
Deploying ToolJet on Kubernetes (GKE)
:::info You should setup a PostgreSQL database manually to be used by ToolJet. You can find the system requirements here.
ToolJet runs with built-in Redis for multiplayer editing and background jobs. When running separate worker containers or multi-pod setup, an external Redis instance is required for job queue coordination.
:::warning
To use ToolJet AI features in your deployment, make sure to whitelist https://api-gateway.tooljet.com and https://python-server.tooljet.com in your network settings.
:::
Follow the steps below to deploy ToolJet on a GKE Kubernetes cluster.
-
Create an SSL certificate.
curl -LO https://tooljet-deployments.s3.us-west-1.amazonaws.com/kubernetes/GKE/certificate.yamlChange the domain name to the domain/subdomain that you wish to use for ToolJet installation.
-
Reserve a static IP address using
gcloudcligcloud compute addresses create tj-static-ip --global -
Create k8s deployment
curl -LO https://tooljet-deployments.s3.us-west-1.amazonaws.com/kubernetes/GKE/deployment.yamlConfigure all required environment variables in the
deployment.yaml:Application Configuration
TOOLJET_HOST=<Endpoint url> LOCKBOX_MASTER_KEY=<generate using openssl rand -hex 32> SECRET_KEY_BASE=<generate using openssl rand -hex 64>Database 1: Application Database (PG_DB)
This database stores ToolJet's core application data including users, apps, and configurations.
PG_USER=<username> PG_HOST=<postgresql-database-host> PG_PASS=<password> PG_DB=tooljet_production # Must be a unique database name (do not reuse across deployments)Database 2: ToolJet Database (TOOLJET_DB)
ToolJet Database is a built-in feature that allows you to build apps faster and manage data with ease. Learn more about this feature here.
TOOLJET_DB=tooljet_db # Must be a unique database name (separate from PG_DB and not shared) TOOLJET_DB_HOST=<postgresql-database-host> TOOLJET_DB_USER=<username> TOOLJET_DB_PASS=<password>:::warning Critical:
TOOLJET_DBandPG_DBmust be different database names. Using the same database for both will cause deployment failure. :::Why does ToolJet require two databases?
ToolJet requires two separate database names for optimal functionality:
- PG_DB (Application Database): Stores ToolJet's core application data including user accounts, application definitions, permissions, and configurations
- TOOLJET_DB (Internal Database): Stores ToolJet Database feature data including internal metadata and tables created by users within the ToolJet Database feature
This separation ensures data isolation and optimal performance for both application operations and user-created database tables.
Deployment Flexibility:
- Same PostgreSQL instance (recommended for most use cases): Create both databases within a single PostgreSQL server
- Separate PostgreSQL instances (optional, for scale): Host each database on different PostgreSQL servers based on your performance and isolation requirements
PostgREST Configuration (Required)
PostgREST provides the REST API layer for ToolJet Database. These variables are mandatory:
PGRST_HOST=localhost:3001 PGRST_LOG_LEVEL=info PGRST_DB_PRE_CONFIG=postgrest.pre_config PGRST_SERVER_PORT=3001 PGRST_JWT_SECRET=<generate using openssl rand -hex 32> PGRST_DB_URI=postgres://TOOLJET_DB_USER:TOOLJET_DB_PASS@TOOLJET_DB_HOST:5432/TOOLJET_DB:::tip Use
openssl rand -hex 32to generate a secure value forPGRST_JWT_SECRET. PostgREST will refuse authentication requests if this parameter is not set. ::::::info For additional environment variables, refer to our environment variables documentation. If there are self signed HTTPS endpoints that ToolJet needs to connect to, make sure that
NODE_EXTRA_CA_CERTSenvironment variable is set to the absolute path containing the certificates. You can use kubernetes secrets to mount the certificate file onto the containers. ::: -
Create k8s service
curl -LO https://tooljet-deployments.s3.us-west-1.amazonaws.com/kubernetes/GKE/service.yaml -
Create k8s ingress
curl -LO https://tooljet-deployments.s3.us-west-1.amazonaws.com/kubernetes/GKE/ingress.yamlChange the domain name to the domain/subdomain that you wish to use for ToolJet installation.
-
Apply YAML configs
kubectl apply -f certificate.yaml, deployment.yaml, service.yaml, ingress.yaml
:::info It might take a few minutes to provision the managed certificates. Managed certificates documentation. :::
You will be able to access your ToolJet installation once the pods, service and the ingress is running.
:::info Note on ToolJet Database: ToolJet Database is a built-in feature that allows you to build apps faster and manage data with ease. Learn more about this feature here. :::
Workflows
ToolJet Workflows allows users to design and execute complex, data-centric automations using a visual, node-based interface. This feature enhances ToolJet's functionality beyond building secure internal tools, enabling developers to automate complex business processes.
:::info For users migrating from Temporal-based workflows, please refer to the Workflow Migration Guide. :::
Enabling Workflow Scheduling
To activate workflow scheduling, set the following environment variables in your ToolJet deployment:
# Worker Mode (required)
# Set to 'true' to enable job processing
# Set to 'false' or unset for HTTP-only mode (scaled deployments)
WORKER=true
# Workflow Processor Concurrency (optional)
# Number of workflow jobs processed concurrently per worker
# Default: 5
TOOLJET_WORKFLOW_CONCURRENCY=5
Environment Variable Details:
- WORKER (required): Enables job processing. Set to
trueto activate workflow scheduling - TOOLJET_WORKFLOW_CONCURRENCY (optional): Controls the number of workflow jobs processed concurrently per worker instance. Default is 5 if not specified
:::warning External Redis Requirement: When running separate worker containers or multiple instances, an external stateful Redis instance is required for job queue coordination. The built-in Redis only works when the server and worker are in the same container instance (single instance deployment). :::
Deploying Redis for Workflows
Deploy a stateful Redis instance using the following example configuration:
kubectl apply -f https://tooljet-deployments.s3.us-west-1.amazonaws.com/kubernetes/redis-stateful.yaml
Built-in Redis vs External Redis
ToolJet images include a built-in Redis instance for development. When deploying workflows in production, you must update your deployment configuration to use the external stateful Redis:
Change REDIS_HOST from localhost to redis-service in your deployment YAML:
- name: REDIS_HOST
value: redis-service # Changed from localhost
- name: REDIS_PORT
value: "6379"
This example deployment creates:
- A StatefulSet with persistent storage for Redis
- A headless Service for stable network identity
- ConfigMap with production-ready Redis configuration
- A Secret for optional password authentication
:::info
Update the redis-secret in the Redis deployment YAML with a secure password before deploying to production.
This is an example configuration that you can customize to your needs. However, AOF (Append Only File) persistence and maxmemory-policy noeviction are critical settings that must be maintained for BullMQ job queue reliability.
:::
After deploying Redis, configure ToolJet to connect to it using these environment variables in your deployment:
REDIS_HOST=redis-service.default.svc.cluster.local
REDIS_PORT=6379
REDIS_PASSWORD=your-secure-redis-password-here # Match the password in redis-secret
Optional Redis Configuration:
REDIS_USERNAME=- Redis username (ACL)REDIS_DB=0- Redis database number (default: 0)REDIS_TLS=false- Enable TLS/SSL (set to 'true')
Note: Ensure that these environment variables are added to your Kubernetes deployment configuration (e.g., in your deployment.yaml file or Kubernetes secret). For additional environment variables, refer to our environment variables documentation.
Upgrading to the Latest LTS Version
:::info If this is a new installation of the application, you may start directly with the latest version. This upgrade guide is only for existing installations. :::
New LTS versions are released every 3-5 months with an end-of-life of atleast 18 months. To check the latest LTS version, visit the ToolJet Docker Hub page. The LTS tags follow a naming convention with the prefix LTS- followed by the version number, for example tooljet/tooljet:ee-lts-latest.
Prerequisites for Upgrading
:::warning Critical: Backup Your PostgreSQL Instance
Before starting the upgrade process, perform a comprehensive backup of your PostgreSQL instance to prevent data loss. Your backup must include both required databases:
- PG_DB (Application Database) - Contains users, apps, and configurations
- TOOLJET_DB (Internal Database) - Contains ToolJet Database feature data
Ensure both databases are included in your backup before proceeding with the upgrade. :::
- Users on versions earlier than v2.23.0-ee2.10.2 must first upgrade to this version before proceeding to the latest LTS version.
- ToolJet 3.0+ Requirement: Deploying ToolJet Database is mandatory from ToolJet 3.0 onwards. For information about breaking changes, see the ToolJet 3.0 Migration Guide.
---
Need Help?
- Reach out via our Slack Community
- Or email us at support@tooljet.com
- Found a bug? Please report it via GitHub Issues