Self Hosting ComputeSDK

Learn how to self-host ComputeSDK in your own infrastructure.

ComputeSDK can be self-hosted in your own infrastructure using Kubernetes and Helm. This guide will walk you through the setup process, including licensing and configuration.

Prerequisites

  • Kubernetes cluster (v1.19+)
  • Helm v3 installed
  • kubectl configured with cluster access
  • SSL certificates for your domains
  • ComputeSDK license key

Installation Steps

1. Add the Helm Repository

helm repo add computesdk https://charts.computesdk.com
helm repo update

2. Configure values.yaml

Create a values.yaml file to configure your ComputeSDK installation. Here’s a complete example:

# Basic Configuration
environment: production
clusterName: my-cluster

# Domain Configuration
domains:
  api: api.yourdomain.com
  preview: preview.yourdomain.com

# SSL Configuration
ssl:
  enabled: true
  # Choose either 'manual'
  provider: manual
  # For manual certificates:
  certificates:
    api:
      secretName: computesdk-api-tls
    preview:
      secretName: computesdk-preview-tls

# License Configuration
license:
  key: YOUR_LICENSE_KEY

# Environment Variables
env:
  COMPUTE_SDK_API_URL: "https://api.yourdomain.com"
  COMPUTE_SDK_PREVIEW_DOMAIN: "preview.yourdomain.com"
  COMPUTE_SDK_LICENSE_KEY: "${LICENSE_KEY}"
  # Add any additional environment variables here

3. Install ComputeSDK

Install the Helm chart using your configuration:

helm install computesdk computesdk/computesdk -f values.yaml

Environment Variables

ComputeSDK requires several environment variables for proper operation. These can be configured in your values.yaml:

VariableDescriptionRequired
COMPUTE_SDK_API_URLYour API domain URLYes
COMPUTE_SDK_PREVIEW_DOMAINDomain for preview environmentsYes
COMPUTE_SDK_LICENSE_KEYYour ComputeSDK license keyYes

SSL Configuration

Before configuring SSL, ensure your DNS records are properly configured. You’ll need to:

  1. Point your API domain (api.yourdomain.com) to your Kubernetes cluster’s ingress controller or load balancer IP address
  2. Point your preview domain (preview.yourdomain.com) to the same IP address

You can configure SSL in two ways:

Use your existing certificates or preferred certificate provider:

  1. Create Kubernetes secrets with your certificates:
# For API domain
kubectl create secret tls computesdk-api-tls \
  --cert=path/to/api-cert.pem \
  --key=path/to/api-key.pem

# For preview domain
kubectl create secret tls computesdk-preview-tls \
  --cert=path/to/preview-cert.pem \
  --key=path/to/preview-key.pem
  1. Configure in values.yaml:
ssl:
  enabled: true
  provider: manual
  certificates:
    api:
      secretName: computesdk-api-tls
    preview:
      secretName: computesdk-preview-tls

2. cert-manager

Alternatively, you can use cert-manager if you prefer automatic certificate management:

  1. Install cert-manager:
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.0/cert-manager.yaml
  1. Configure in values.yaml:
ssl:
  enabled: true
  provider: cert-manager
  certManager:
    clusterIssuer: letsencrypt-prod

License Key

The license key is a required component for self-hosted installations. There are two ways to configure it:

  1. Direct in values.yaml:
license:
  key: YOUR_LICENSE_KEY
  1. As a Kubernetes Secret:
kubectl create secret generic computesdk-license \
  --from-literal=license-key=YOUR_LICENSE_KEY

Then reference it in your values.yaml:

license:
  existingSecret: computesdk-license
  existingSecretKey: license-key

Validation and Testing

After installation, verify your deployment:

  1. Check all pods are running:
kubectl get pods -l app=computesdk
  1. Verify the API is accessible:
curl https://api.yourdomain.com/health
  1. Test license validation:
kubectl logs -l app=computesdk-api

Troubleshooting

Common issues and solutions:

License Issues

  • Verify the license key is correctly set in environment variables
  • Check API logs for license validation errors
  • Ensure your license key is valid for self-hosted installations

Connection Issues

  • Verify SSL certificates are properly configured
  • Check DNS records for API and preview domains
  • Ensure network policies allow required connections

Resource Issues

  • Monitor resource usage with kubectl top pods
  • Adjust resource limits in values.yaml if needed
  • Check for pod evictions or OOM kills

Upgrading

To upgrade your ComputeSDK installation:

  1. Update the Helm repository:
helm repo update
  1. Upgrade the installation:
helm upgrade computesdk computesdk/computesdk -f values.yaml

Security Best Practices

  1. Network Security

    • Enable network policies
    • Use private container registries
    • Implement proper ingress controls

  2. Access Control

    • Use RBAC policies
    • Limit service account permissions
    • Regular audit of access patterns

  3. Resource Management

    • Set appropriate resource limits
    • Configure pod disruption budgets
    • Monitor resource usage