Version 2023.3

This manual covers the installation of Gradle Enterprise into a single host.

Time to completion: 60 minutes

Before Installation

Gradle Enterprise is a Kubernetes-based application, distributed as a Helm chart. Helm is a package manager for Kubernetes applications.

The standalone installation of Gradle Enterprise described in this manual involves installing the K3s lightweight Kubernetes distribution onto a host, then using Helm to install Gradle Enterprise in the K3s instance on that host.

Helm manages all Gradle Enterprise components.

For instructions on installing Gradle Enterprise on a host without public network connectivity, see Airgap Installation.

Prerequisites

1. A Gradle Enterprise License

If you have purchased Gradle Enterprise or started a trial, you should already have a license file called gradle-enterprise.license. Otherwise, you may request a Gradle Enterprise trial license.

Host Requirements

This section outlines the host requirements for the installation.

1. Operating system

We focus our support efforts on Ubuntu 18.04/20.04/22.04, RHEL 8.4/8.5/8.6, and Debian 11. Develocity is expected to work on most modern Linux systems.

2. K3s

K3s needs several ports to be accessible from the host.

Protocol Port

TCP

6443

TCP

10250

UDP

8472

While these ports don’t need to be accessible from outside the host machine, K3s may access them using a different network interface or non-localhost IP.

RHEL / CentOS

There are some additional requirements for RHEL or CentOS installations. You must disable the nm-cloud-setup.service and nm-cloud-setup.timer services.

Disabling firewalld is recommended, too. If you can’t, ensure that the ports mentioned above are accessible and enable IP address masquerading. This can be done with the following command:

$ firewall-cmd --add-masquerade --permanent
For more details on IP address masquerading, see RedHat’s docs.
For more details on the RHEL / CentOS requirements, see K3s’s docs.

3. CPU & Memory

The minimum installation requirements are:

  • Quad-core 2GHz or better CPU (amd64 architecture)

  • 16 GB free RAM

4. Database

By default, Develocity stores its data in a PostgreSQL database that is run as part of the application itself, with data being stored in a directory mounted on its host machine.

Develocity installations have two database options:

  1. An embedded database that is highly dependent on disk performance.

  2. A user-managed database that is compatible with PostgreSQL 12, 13, or 14.

Using PGBouncer with a user managed database is not supported.

5. Storage

In addition to the database, Develocity needs some storage capacity for configuration files, logs, build cache artifacts, and database backups. These storage requirements apply regardless of which type of database you use, although the necessary size varies based on the database type. To simplify managing disk space, Gradle recommends mounting a different persistent storage volume for Develocity data, logs, and backups. See Storage settings in the Standalone Helm Chart Configuration Guide for configuration details.

The recommended minimum capacities for the persistent volumes are:

Description Size in GB

Data

250

Backups

250

Logs

10

If you are producing many Build Scans in a day (> 1GB) or intend to retain Build Scans for long periods of time (30 days+) you may want to consider provisioning more storage.

If your storage class does not allow expanding volumes, you should also consider preparing for future data growth by adding additional disk capacity upfront.

Capacity

The minimum capacity required for the Develocity installation directory when configured to use the embedded database is 250 GB.

The minimum capacity required for the Develocity installation directory when configured to use a user-managed database case is 30 GB.

It is recommended to create a specific volume for the installation directory to avoid consuming the space required for Develocity, and to ensure at least 10% of the volume’s space is free at all times.

The following are additional disk capacity requirements:

Location Storage Size

/tmp [1]

1 GB

/var/lib/rancher/k3s [1]

30 GB

1 These are not particularly performance sensitive.

Performance

For production workloads, storage volumes should exhibit SSD-class disk performance of at least 3000 IOPS (input/output operations per second). Most NFS based storage or desktop-class, non-SSD disk drives do not provide this level of performance.

Disk performance has a significant impact on Develocity performance.

Object storage

Develocity administrators can store Build Scan data in an object storage service, such as Amazon S3, Google Cloud Platform, and Microsoft Azure. This can help performance in high-traffic installations by reducing the load on the database. Object storage services offer performance and cost advantages compared to database storage. If you deploy Develocity to a cloud provider or have an available internal S3-compatible object store, Gradle recommends using object-based storage for your installation. See Build Scan object storage in the Develocity Administration Manual for a description of the benefits and limitations.

Develocity is not compatible with network-based storage solutions due to limitations of latency and data consistency.
Disk performance has a significant impact on Gradle Enterprise performance.

6. Network Connectivity

Develocity requires network connectivity for periodic license validation.

An installation of Develocity will not start if it cannot connect to both registry.gradle.com and harbor.gradle.com.

It is strongly recommended that production installations of Develocity are configured to use HTTPS with a trusted certificate.

Verify that your DNS points to your Develocity instance.

ge.example.com A 12.34.56.78

You should verify that your DNS record works correctly before installing Develocity by running dig ge.example.com or ping ge.example.com in a console window.

For Airgap installations, you will need a temporary machine that can access the internet to download installation files. You will need to transfer those files from the machine to your Gradle Enterprise host of choice.

Helm Configuration

Installation options for Grade Enterprise are depicted in a Helm values file.

Follow the instructions in the Standalone Helm Chart Configuration Guide and return to this document with a complete values.yaml file.

Installation

In this section you will install Gradle Enterprise on your host.

For those installing Gradle Enterprise on a host without public network connectivity, please follow the Airgap installation instructions.

1. Copy Files

Makes sure that your Gradle license file and your Helm values file are available on your host machine.

2. Install K3s

Install K3s and make it available to the current user:

$ curl -sfL https://get.k3s.io | sh -
$ sudo chown $UID /etc/rancher/k3s/k3s.yaml
$ mkdir -p "${HOME}/.kube"
$ ln -sf /etc/rancher/k3s/k3s.yaml "${HOME}/.kube/config"

Verify that you can interact with the K3s cluster:

$ kubectl get ns

The expected output should be similar to this:

NAME                STATUS   AGE
default             Active   1h
kube-system         Active   1h
kube-public         Active   1h
kube-node-lease     Active   1h
For more information on K3s installation, see the K3s Quick-Start Guide and K3s Installation.

3. Install Helm

Develocity requires Helm version 3.5.x (or later) to install.

It is recommended to use the latest version available as this will have all known security vulnerabilities addressed. This document describes the maximum version skew supported between Helm and Kubernetes.

For more information on installing Helm (including alternate installation approaches), see Installing Helm.

Install Helm with the following command:

$ curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash

Verify that helm is installed and working:

$ helm version

The expected output should be similar to this:

version.BuildInfo{Version:"v3.11.1", GitCommit:"293b50c65d4d56187cd4e2f390f0ada46b4c4737", GitTreeState:"clean", GoVersion:"go1.19.1"}

4. Install the Helm chart

Develocity is distributed from the Develocity Helm repository.

Add the Develocity Helm repository to your Helm installation and fetch its contents into the local cache:

$ helm repo add gradle https://helm.gradle.com/
$ helm repo update gradle

Verify that the Develocity chart is accessible:

$ helm search repo gradle-enterprise

This will report the latest versions available for the two Develocity charts:

NAME                               	CHART VERSION	APP VERSION	DESCRIPTION
gradle/gradle-enterprise           	2023.3.4        2023.3.4    Official Develocity chart for Kubernetes cluster installations
gradle/gradle-enterprise-standalone	2023.3.4        2023.3.4    Official Develocity chart for standalone installations
This guide covers installation of the gradle-enterprise-standalone chart. Installation of the gradle-enterprise chart is covered in the Self-Hosted Kubernetes Installation Guide.

5. Install Gradle Enterprise

Install Develocity by running:

$ helm install \
    --create-namespace --namespace develocity \(1)
    ge-standalone \(2)
    gradle/gradle-enterprise-standalone \(3)
    --values values.yaml \(4)
    --set-file global.license.file=./develocity.license (5)
1 This example uses gradle-enterprise as the namespace, but it can be a custom name. If you use a custom name, update all other example commands accordingly.
2 This is the Helm release name. It is used by Helm to identify the Develocity installation.
3 The Develocity chart to install, in this case, gradle/gradle-enterprise-standalone.
To install a specific version, use --version 2023.3.4.
4 The Helm values file with configuration values, including items such as the hostname.
5 The Develocity license file (if not already included in values file).

6. Start Gradle Enterprise

At this point, it should be possible to see the Helm release installed:

$ helm --namespace gradle-enterprise list
NAME         	NAMESPACE        	REVISION	UPDATED                                	STATUS  	CHART                                	APP VERSION
ge-standalone	gradle-enterprise	1       	2023-11-20 03:01:58.704019291 +0000 UTC	deployed	gradle-enterprise-standalone-2023.3.4  	2023.3.4

You can inspect the status of the Gradle Enterprise pods:

$ kubectl --namespace gradle-enterprise get pods
NAME                                               READY   STATUS    RESTARTS   AGE
gradle-enterprise-operator-76694c949d-md5dh        1/1     Running   0          84m
gradle-monitoring-5545d7d5d8-lpm9x                 1/1     Running   0          84m
gradle-proxy-0                                     1/1     Running   0          83m
gradle-database-65d975cf8-dk7kw                    2/2     Running   0          83m
gradle-enterprise-app-0                            1/1     Running   0          83m
gradle-metrics-cfcd8f7f7-zqds9                     1/1     Running   0          83m
gradle-test-distribution-broker-6fd84c6988-x6jvw   1/1     Running   0          83m
gradle-build-cache-node-57b9bdd46d-2txf5           1/1     Running   0          84m
gradle-keycloak-0                                  1/1     Running   0          83m

Gradle Enterprise has a /ping endpoint, which can be used to verify network connectivity with Gradle Enterprise.

Connectivity to Gradle Enterprise installation can be tested by running the following command on machines which need to connect to Gradle Enterprise:

$ curl -sw \\n --fail-with-body --show-error https://«gradle-enterprise-host»/ping

It should return SUCCESS.

Once all pods have a status of Running and the system is up and connected, you can interact with Gradle Enterprise by visiting its URL in a web browser (i.e. the hostname).

gradle enterprise

Gradle Enterprise is installed and running. Head over to the Post Installation section for next steps.

Airgap Installation

In an airgap installation, the container images are preloaded into K3s. Helm is then configured so that no attempt is made to pull images from the outside world.

Airgap installations require a specific entitlement on your license. If you need an Airgap-enabled license, please contact your customer success representative.

1. Overview

Airgap installation involves downloading files, transferring them, installing supporting software, and running helm install.

When installing Develocity, follow the installation manual for that version as the steps may have changed. See Develocity releases for information about the available versions.

We recommend you save all the files into a single transfer directory, so that it is easy to transfer to the host where you are installing Develocity. For example:

$ mkdir gradle-enterprise-installation-files && cd gradle-enterprise-installation-files

2. Download K3s

Please make note of the checksums provided in the k3s release page. The checksums can be found under Assets/sha256sum-amd64.txt for the release that you are planning to use.

To get the name of the release, please execute the following command:

$ curl -s https://api.github.com/repos/k3s-io/k3s/releases/latest | jq -r '.tag_name'

Then you can download and verify the K3s images, binary, and install script:

$ curl -LO https://github.com/k3s-io/k3s/releases/latest/download/k3s
$ curl -LO https://github.com/k3s-io/k3s/releases/latest/download/k3s-airgap-images-amd64.tar.gz
$ curl -L -o install_k3s.sh https://get.k3s.io
$ echo "<sha 256 checksum of 'k3s'> k3s" | sha256sum -c
$ echo "<sha 256 checksum of 'k3s-airgap-images-amd64.tar.gz'>  k3s-airgap-images-amd64.tar.gz" | sha256sum -c

If you are running Red Hat Enterprise Linux with SELinux enabled, you will also need to download and verify the K3s SELinux Policy package:

$ curl -L -o k3s-selinux.el8.noarch.rpm https://github.com/k3s-io/k3s-selinux/releases/download/v1.2.stable.2/k3s-selinux-1.2-2.el8.noarch.rpm
$ echo "e949fde3e0255c6b5ce3f52db4277897882ed1664e87bfcf5122df5e96559340  k3s-selinux.el8.noarch.rpm" | sha256sum -c

3. Download Helm

Download and verify the Helm binary:

$ curl -L -o helm-linux-amd64.tar.gz https://get.helm.sh/helm-v3.11.1-linux-amd64.tar.gz
$ echo "0b1be96b66fab4770526f136f5f1a385a47c41923d33aab0dcb500e0f6c1bf7c  helm-linux-amd64.tar.gz" | sha256sum -c

4. Download Bundle

Save your Develocity license to the transfer directory as develocity.license.

Download and verify the airgap bundle:

$ curl -LOJd @develocity.license https://registry.gradle.com/airgap/gradle-enterprise-standalone-2023.3.4-bundle.tar.gz
$ curl -LOJd @develocity.license https://registry.gradle.com/airgap/gradle-enterprise-standalone-2023.3.4-bundle.tar.gz.sha256
$ sha256sum -c gradle-enterprise-standalone-2023.3.4-bundle.tar.gz.sha256

If checksum verification fails, check the contents of the downloaded files for error messages. If the error message indicates that your license is invalid/expired/not airgap enabled, you will need to request an updated license file by contacting your customer success representative.

Instead of running the above curl commands, you can download the airgap bundle by navigating to https://registry.gradle.com/airgap in your browser and following the instructions on the page.

5. Download Helm Values File

Download and verify the example Helm values file:

$ curl -L -o example.values.yaml https://docs.gradle.com/enterprise/helm-standalone-installation/values-2023.3/gradle-enterprise-standalone-values-2023.3.yaml
$ curl -L -o example.values.yaml.sha256 https://docs.gradle.com/enterprise/helm-standalone-installation/values-2023.3/gradle-enterprise-standalone-values-2023.3.yaml.sha256
$ echo "$(cat example.values.yaml.sha256)  example.values.yaml" | sha256sum -c

6. Update the Values File

Before transferring files to your host, make sure your Helm values file from the Helm Configuration is updated in your transfer directory.

You can use the example values.yaml file from the previous section to check for any missing configuration.

7. Transfer Files

Check that the transfer directory contains the following files (additional files are fine):

  • k3s-airgap-images-amd64.tar.gz

  • k3s

  • install_k3s.sh

  • k3s-selinux.el8.noarch.rpm (only if you are running SELinux)

  • helm-linux-amd64.tar.gz

  • develocity.license

  • values.yaml

  • gradle-enterprise-standalone-2023.3.4-bundle.tar.gz

  • Optional: SSL certificates

Once you’ve verified that you have the required files, transfer them to the host where you are installing Develocity.

8. Install K3s

Follow these instructions on the host where you are installing Develocity with your transferred files present in the current directory.

  1. If you are running Red Hat Enterprise Linux with SELinux enabled:

    1. Install the container-selinux package. This is a package that can be found in Red Hat Enterprise Linux’s default repository. Install this package on the airgapped server just like you would install any other package. If your organization has an internal mirror of the Red Hat package repositories, you can run:

      $ sudo yum install -y container-selinux
    2. Install the K3s SELinux Policy package:

      $ sudo yum install -y k3s-selinux.el8.noarch.rpm
  2. Install K3s and make it available to the current user:

    $ sudo mkdir -p /var/lib/rancher/k3s/agent/images/
    $ sudo cp k3s-airgap-images-amd64.tar.gz /var/lib/rancher/k3s/agent/images/
    $ (cd /var/lib/rancher/k3s/agent/images/ && sudo gunzip -f k3s-airgap-images-amd64.tar.gz)
    $ sudo cp k3s /usr/local/bin
    $ sudo chmod a+rx /usr/local/bin/k3s
    $ sudo chmod a+rx ./install_k3s.sh
    $ INSTALL_K3S_SKIP_DOWNLOAD=true ./install_k3s.sh
    $ sudo chown $UID /etc/rancher/k3s/k3s.yaml
    $ mkdir -p "${HOME}/.kube"
    $ ln -sf /etc/rancher/k3s/k3s.yaml "${HOME}/.kube/config"
  3. Verify that you can interact with the K3s cluster:

    $ kubectl get ns

    The expected output should be similar to this:

    NAME                STATUS   AGE
    default             Active   1h
    kube-system         Active   1h
    kube-public         Active   1h
    kube-node-lease     Active   1h

9. Install Helm

Follow these instructions on the host where you are installing Develocity with your transferred files present in the current directory.

To install Helm:

$ tar -zxvf helm-linux-amd64.tar.gz
$ sudo mv linux-amd64/helm /usr/local/bin/helm

Verify that helm is installed and working:

$ helm version

The expected output should be similar to this:

version.BuildInfo{Version:"v3.11.1", GitCommit:"293b50c65d4d56187cd4e2f390f0ada46b4c4737", GitTreeState:"clean", GoVersion:"go1.19.1"}

10. Install Gradle Enterprise

Follow these instructions on the host where you are installing Develocity with your transferred files present in the current directory.

Install Develocity:

$ tar zxvf gradle-enterprise-standalone-2023.3.4-bundle.tar.gz
$ k3s ctr images import gradle-enterprise-standalone-2023.3.4-images.tar (1)
1 This command imports the images into K3s.
$ helm install \
    --create-namespace --namespace develocity \ (1)
    ge-standalone \ (2)
    gradle-enterprise-standalone-2023.3.4.tgz \
    --values values.yaml \ (3)
    --set-file global.license.file=./develocity.license (4)
1 This example uses gradle-enterprise as the namespace, but it can be a custom name. If you use a custom name, update all other example commands accordingly.
2 This is the Helm release name. It is used by Helm to identify the Develocity installation.
3 The Helm values file with configuration values, including items such as the hostname.
4 The Develocity license file (if not already included in values file).

10. Start Gradle Enterprise

You can see the status of Gradle Enterprise starting up by examining its pods.

$ kubectl --namespace gradle-enterprise get pods
NAME                                              READY   STATUS              RESTARTS   AGE
gradle-enterprise-operator-76694c949d-md5dh       1/1     Running             0          39s
gradle-monitoring-5545d7d5d8-lpm9x                1/1     Running             0          39s
gradle-database-65d975cf8-dk7kw                   0/2     Init:0/2            0          39s
gradle-build-cache-node-57b9bdd46d-2txf5          0/1     Init:0/1            0          39s
gradle-proxy-0                                    0/1     ContainerCreating   0          39s
gradle-metrics-cfcd8f7f7-zqds9                    0/1     Running             0          39s
gradle-test-distribution-broker-6fd84c6988-x6jvw  0/1     Init:0/1            0          39s
gradle-keycloak-0                                 0/1     Pending             0          39s
gradle-enterprise-app-0                           0/1     Pending             0          39s

Eventually the pods should all report as Running:

$ kubectl --namespace gradle-enterprise get pods
NAME                                               READY   STATUS    RESTARTS   AGE
gradle-enterprise-operator-76694c949d-md5dh        1/1     Running   0          4m
gradle-monitoring-5545d7d5d8-lpm9x                 1/1     Running   0          4m
gradle-proxy-0                                     1/1     Running   0          3m
gradle-database-65d975cf8-dk7kw                    2/2     Running   0          3m
gradle-enterprise-app-0                            1/1     Running   0          3m
gradle-metrics-cfcd8f7f7-zqds9                     1/1     Running   0          3m
gradle-test-distribution-broker-6fd84c6988-x6jvw   1/1     Running   0          3m
gradle-build-cache-node-57b9bdd46d-2txf5           1/1     Running   0          4m
gradle-keycloak-0                                  1/1     Running   0          3m

Once all pods have a status of Running and the system is up and connected, you can interact with it by visiting its URL in a web browser (i.e. the hostname).

11. Cleanup

It is recommended to remove the following files after installation:

  • k3s-airgap-images-amd64.tar.gz

  • k3s

  • install_k3s.sh

  • k3s-selinux.el8.noarch.rpm

  • helm-linux-amd64.tar.gz

  • gradle-enterprise-standalone-2023.3.4-bundle.tar.gz

  • gradle-enterprise-standalone-2023.3.4.tgz

  • gradle-enterprise-standalone-2023.3.4-images.tar

Once Gradle Enterprise has been installed, files used during installation are not required at runtime and can be removed if desired. However, the following files may be useful to preserve, as they may aid in future upgrades or maintenance:

  • Helm values files

  • SSL certificates

  • Gradle Enterprise license

Care should be applied when handling these files as they may be considered sensitive.

Congratulations Gradle Enterprise is installed and running.

Post-Installation

Many features of Gradle Enterprise, including access control, database backups, and Build Scan retention can be configured in Gradle Enterprise, once it is running. Consult the Gradle Enterprise Administration guide to learn more.

For instructions on how to start using Gradle Enterprise in your builds, consult the Getting Started with Gradle Enterprise guide.