Version 2023.3

This manual covers the installation of Gradle Enterprise into a single host.

Time to completion: 60 minutes

Before Installation

Gradle Enterprise is a Kubernetes-based application, distributed as a Helm chart. Helm is a package manager for Kubernetes applications.

The standalone installation of Gradle Enterprise described in this manual involves installing the K3s lightweight Kubernetes distribution onto a host, then using Helm to install Gradle Enterprise in the K3s instance on that host.

Helm manages all Gradle Enterprise components.

For instructions on installing Gradle Enterprise on a host without public network connectivity, see Airgap Installation.

Prerequisites

1. A Gradle Enterprise License

If you have purchased Gradle Enterprise or started a trial, you should already have a license file called gradle-enterprise.license. Otherwise, you may request a Gradle Enterprise trial license.

Host Requirements

This section outlines the host requirements for the installation.

1. Operating system

We focus our support efforts on Ubuntu 18.04/20.04/22.04, RHEL 8.4/8.5/8.6, and Debian 11. Gradle Enterprise is expected to work on most modern Linux systems.

2. K3s

K3s needs several ports to be accessible from the host.

Protocol Port

TCP

6443

TCP

10250

UDP

8472

While these ports don’t need to be accessible from outside the host machine, K3s may access them using a different network interface or non-localhost IP.

RHEL / CentOS

There are some additional requirements for RHEL or CentOS installations. You must disable the nm-cloud-setup.service and nm-cloud-setup.timer services.

Disabling firewalld is recommended, too. If you can’t, ensure that the ports mentioned above are accessible and enable IP address masquerading. This can be done with the following command:

$ firewall-cmd --add-masquerade --permanent
For more details on IP address masquerading, see RedHat’s docs.
For more details on the RHEL / CentOS requirements, see K3s’s docs.

3. CPU & Memory

The minimum installation requirements are:

  • Quad-core 2GHz or better CPU (amd64 architecture)

  • 32 GB free RAM

4. Database

By default, Gradle Enterprise stores its data in a PostgreSQL database that is run as part of the application itself, with data being stored in a directory mounted on its host machine.

Gradle Enterprise installations have two database options:

  1. An embedded database that is highly dependent on disk performance.

  2. A user-managed database that is compatible with PostgreSQL 12, 13, or 14.

Using PGBouncer with a user managed database is not supported.

5. Storage

In addition to the database, Gradle Enterprise needs some storage capacity for configuration files, logs, build cache artifacts, and database backups. These storage requirements apply regardless of which type of database you use, although the necessary size varies based on the database type. To simplify managing disk space, Gradle recommends mounting a different persistent storage volume for Gradle Enterprise data, logs, and backups. See Storage settings in the Standalone Helm Chart Configuration Guide for configuration details.

The recommended minimum capacities for the persistent volumes are:

Description Size in GB

Data

250

Backups

250

Logs

10

If you are producing many Build Scans in a day (> 1GB) or intend to retain Build Scans for long periods of time (30 days+) you may want to consider provisioning more storage.

If your storage class does not allow expanding volumes, you should also consider preparing for future data growth by adding additional disk capacity upfront.

Capacity

The minimum capacity required for the Gradle Enterprise installation directory when configured to use the embedded database is 250 GB.

The minimum capacity required for the Gradle Enterprise installation directory when configured to use a user-managed database case is 30 GB.

It is recommended to create a specific volume for the installation directory to avoid consuming the space required for Gradle Enterprise, and to ensure at least 10% of the volume’s space is free at all times.

The following are additional disk capacity requirements:

Location Storage Size

/tmp [1]

1 GB

/var/lib/rancher/k3s [1]

30 GB

1 These are not particularly performance sensitive.

Performance

For production workloads, storage volumes should exhibit SSD-class disk performance of at least 3000 IOPS (input/output operations per second). Most NFS based storage or desktop-class, non-SSD disk drives do not provide this level of performance.

Disk performance has a significant impact on Gradle Enterprise performance.

Object storage

Gradle Enterprise administrators can store Build Scan data in an object storage service, such as Amazon S3, Google Cloud Platform, and Microsoft Azure. This can help performance in high-traffic installations by reducing the load on the database. Object storage services offer performance and cost advantages compared to database storage. If you deploy Gradle Enterprise to a cloud provider or have an available internal S3-compatible object store, Gradle recommends using object-based storage for your installation. See Build Scan object storage in the Gradle Enterprise Administration Manual for a description of the benefits and limitations.

Gradle Enterprise is not compatible with network-based storage solutions due to limitations of latency and data consistency.
Disk performance has a significant impact on Gradle Enterprise performance.

6. Network Connectivity

Gradle Enterprise requires network connectivity for periodic license validation.

An installation of Gradle Enterprise will not start if it cannot connect to both registry.gradle.com and harbor.gradle.com.

It is strongly recommended that production installations of Gradle Enterprise are configured to use HTTPS with a trusted certificate.

Verify that your DNS points to your Gradle Enterprise instance.

ge.example.com A 12.34.56.78

You should verify that your DNS record works correctly before installing Gradle Enterprise by running dig ge.example.com or ping ge.example.com in a console window.

For Airgap installations, you will need a temporary machine that can access the internet to download installation files. You will need to transfer those files from the machine to your Gradle Enterprise host of choice.

Installation

In this section you will install Gradle Enterprise on your host.

For those installing Gradle Enterprise on a host without public network connectivity, please follow the Airgap installation instructions.

1. Copy Files

Makes sure that your Gradle license file and your Helm values file are available on your host machine.

2. Install K3s

Install K3s and make it available to the current user:

$ curl -sfL https://get.k3s.io | sh -
$ sudo chown $UID /etc/rancher/k3s/k3s.yaml
$ mkdir -p "${HOME}/.kube"
$ ln -sf /etc/rancher/k3s/k3s.yaml "${HOME}/.kube/config"

Verify that you can interact with the K3s cluster:

$ kubectl get ns

The expected output should be similar to this:

NAME                STATUS   AGE
default             Active   1h
kube-system         Active   1h
kube-public         Active   1h
kube-node-lease     Active   1h
For more information on K3s installation, see the K3s Quick-Start Guide and K3s Installation.

3. Install Helm

Gradle Enterprise requires Helm version 3.5.x (or later) to install.

It is recommended to use the latest version available as this will have all known security vulnerabilities addressed. This document describes the maximum version skew supported between Helm and Kubernetes.

For more information on installing Helm (including alternate installation approaches), see Installing Helm.

Install Helm with the following command:

$ curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash

Verify that helm is installed and working:

$ helm version

version.BuildInfo{Version:"v3.13.3", GitCommit:"c8b948945e52abba22ff885446a1486cb5fd3474", GitTreeState:"clean", GoVersion:"go1.21.5"}

4. Prepare a Helm values file

Installation options for Gradle Enterprise are depicted in a Helm values file.

Follow the instructions in the Standalone Helm Chart Configuration Guide and return to this document with a complete values.yaml file.

5. Install the Helm chart

Gradle Enterprise is distributed from the Gradle Enterprise Helm repository.

Add the Gradle Enterprise Helm repository to your Helm installation and fetch its contents into the local cache:

$ helm repo add gradle https://helm.gradle.com/
$ helm repo update gradle

Verify that the Gradle Enterprise chart is accessible:

$ helm search repo gradle-enterprise

This will report the latest versions available for the two Gradle Enterprise charts:

NAME                               	CHART VERSION	APP VERSION	DESCRIPTION
gradle/gradle-enterprise           	2023.3.4        2023.3.4    Official Gradle Enterprise chart for Kubernetes cluster installations
gradle/gradle-enterprise-standalone	2023.3.4        2023.3.4    Official Gradle Enterprise chart for standalone installations
This guide covers installation of the gradle-enterprise-standalone chart. Installation of the gradle-enterprise chart is covered in the Self-Hosted Kubernetes Installation Guide.

6. Install Gradle Enterprise

Install Gradle Enterprise by running:

$ helm install \
    --create-namespace --namespace gradle-enterprise \(1)
    ge-standalone \(2)
    gradle/gradle-enterprise-standalone \(3)
    --values values.yaml \(4)
    --set-file global.license.file=./gradle-enterprise.license (5)
1 This example uses gradle-enterprise as the namespace, but it can be a custom name. If you use a custom name, update all other example commands accordingly.
2 This is the Helm release name. It is used by Helm to identify the Gradle Enterprise installation.
3 The Gradle Enterprise chart to install, in this case, gradle/gradle-enterprise-standalone.
To install a specific version, use --version 2023.3.4.
4 The Helm values file with configuration values, including items such as the hostname.
5 The Gradle Enterprise license file (if not already included in values file).

7. Start Gradle Enterprise

At this point, it should be possible to see the Helm release installed:

$ helm --namespace gradle-enterprise list
NAME         	NAMESPACE        	REVISION	UPDATED                                	STATUS  	CHART                                	APP VERSION
ge-standalone	gradle-enterprise	1       	2023-11-20 03:01:58.704019291 +0000 UTC	deployed	gradle-enterprise-standalone-2023.3.4  	2023.3.4

You can inspect the status of the Gradle Enterprise pods:

$ kubectl --namespace gradle-enterprise get pods
NAME                                               READY   STATUS    RESTARTS   AGE
gradle-enterprise-operator-76694c949d-md5dh        1/1     Running   0          84m
gradle-monitoring-5545d7d5d8-lpm9x                 1/1     Running   0          84m
gradle-proxy-0                                     1/1     Running   0          83m
gradle-database-65d975cf8-dk7kw                    2/2     Running   0          83m
gradle-enterprise-app-0                            1/1     Running   0          83m
gradle-metrics-cfcd8f7f7-zqds9                     1/1     Running   0          83m
gradle-test-distribution-broker-6fd84c6988-x6jvw   1/1     Running   0          83m
gradle-build-cache-node-57b9bdd46d-2txf5           1/1     Running   0          84m
gradle-keycloak-0                                  1/1     Running   0          83m

Gradle Enterprise has a /ping endpoint, which can be used to verify network connectivity with Gradle Enterprise.

Connectivity to Gradle Enterprise installation can be tested by running the following command on machines which need to connect to Gradle Enterprise:

$ curl -sw \\n --fail-with-body --show-error https://«gradle-enterprise-host»/ping

It should return SUCCESS.

Once all pods have a status of Running and the system is up and connected, you can interact with Gradle Enterprise by visiting its URL in a web browser (i.e. the hostname).

gradle enterprise

Gradle Enterprise is installed and running. Head over to the Post Installation section for next steps.

Airgap Installation

In an airgap installation, the container images are preloaded into K3s. Helm is then configured so that no attempt is made to pull images from the outside world.

Airgap installations require a specific entitlement on your license. Please contact Gradle if you need an Airgap-enabled license.

Airgap installation involves downloading files, transferring them, installing supporting software, and running helm install.

When installing Gradle Enterprise, follow the installation manual for that version as the steps may have changed. See Gradle Enterprise releases for information about the available versions.

We recommend you save all the files into a single transfer directory, so that it is easy to transfer to the host where you are installing Gradle Enterprise. For example:

$ mkdir gradle-enterprise-files && cd gradle-enterprise-files

1. Download required files

a. Download K3s

Use the compatability matrix to identify the latest version of K3s supported by your version of Develocity.

Download the K3s images, binary, and install script:

$ curl -LO https://github.com/k3s-io/k3s/releases/«k3s-version»/download/k3s
$ curl -LO \
  https://github.com/k3s-io/k3s/releases/«k3s-version»/download/k3s-airgap-images-amd64.tar.gz
$ curl -L -o install_k3s.sh https://get.k3s.io

If you are running Red Hat Enterprise Linux with SELinux enabled, download the K3s policy package:

SELinux policy package download

Lookup the latest version of the K3s SELinux Policy package:

$ K3S_SELINUX_DOWNLOAD_URL=$(curl -s https://api.github.com/repos/k3s-io/k3s-selinux/releases/latest | jq -r '.assets[] | select( .name | endswith("el8.noarch.rpm") ) | .browser_download_url') && echo $K3S_SELINUX_DOWNLOAD_URL
You can view the versions available and find the download links on the K3s SELinux releases page.

Then download it:

$ curl -L -o k3s-selinux.el8.noarch.rpm $K3S_SELINUX_DOWNLOAD_URL

b. Download Helm

Use the compatability matrix to identify the latest version of Helm supported by your version of Develocity.

Download the Helm binary:

$ curl -L -o helm-linux-amd64.tar.gz https://get.helm.sh/helm-v«helm-version»-linux-amd64.tar.gz
You can see all available Helm releases on the Helm releases page.

c. Download install bundle

Save your Gradle Enterprise license to the transfer directory as gradle-enterprise.license.

Download and verify the airgap bundle:

$ curl -LOJd @gradle-enterprise.license \
    https://registry.gradle.com/airgap/gradle-enterprise-standalone-2023.3.4-bundle.tar.gz
$ curl -LOJd @gradle-enterprise.license \
    https://registry.gradle.com/airgap/gradle-enterprise-standalone-2023.3.4-bundle.tar.gz.sha256
$ sha256sum -c gradle-enterprise-standalone-2023.3.4-bundle.tar.gz.sha256

If checksum verification fails, check the contents of the downloaded files for error messages. If the error message indicates that your license is invalid/expired/not airgap enabled, you will need to request an updated license file by contacting your customer success representative.

Instead of running the above curl commands, you can download the airgap bundle by navigating to https://registry.gradle.com/airgap in your browser and following the instructions on the page.

2. Prepare a Helm values file

Installation options for Gradle Enterprise are depicted in a Helm values file.

Follow the instructions in the Standalone Helm Chart Configuration Guide and return to this document with a complete values.yaml file.

Before transferring files to your host, make sure your Helm values file is updated in your transfer directory.

3. Transfer files

Check that the transfer directory contains the following files (additional files are fine):

  • k3s-airgap-images-amd64.tar.gz

  • k3s

  • install_k3s.sh

  • k3s-selinux.el8.noarch.rpm (only if you are running SELinux)

  • helm-linux-amd64.tar.gz

  • gradle-enterprise.license

  • values.yaml

  • gradle-enterprise-standalone-2023.3.4-bundle.tar.gz

  • Optional: SSL certificates

Once you’ve verified that you have the required files, transfer them to the host where you are installing Gradle Enterprise.

4. Install K3s

Follow these instructions on the host where you are installing Gradle Enterprise with your transferred files present in the current directory.

If you are running Red Hat Enterprise Linux with SELinux enabled, first install the necessary policy packages:

SELinux Policy installation

  1. Install the container-selinux package. This is a package that can be found in Red Hat Enterprise Linux’s default repository. Install this package on the airgapped server just like you would install any other package. If your organization has an internal mirror of the Red Hat package repositories, you can run:

    $ sudo yum install -y container-selinux

  2. Install the K3s SELinux Policy package you downloaded:

    $ sudo yum install -y k3s-selinux.el8.noarch.rpm

Then install and set up K3s:

  1. Install K3s and make it available to the current user:

    $ sudo mkdir -p /var/lib/rancher/k3s/agent/images/ && \
  sudo cp k3s-airgap-images-amd64.tar.gz /var/lib/rancher/k3s/agent/images/
    $ (cd /var/lib/rancher/k3s/agent/images/ && sudo gunzip -f k3s-airgap-images-amd64.tar.gz)
    $ sudo cp k3s /usr/local/bin && sudo chmod a+rx /usr/local/bin/k3s
    $ sudo chmod a+rx ./install_k3s.sh && INSTALL_K3S_SKIP_DOWNLOAD=true ./install_k3s.sh
    $ sudo chown $UID /etc/rancher/k3s/k3s.yaml && \
  mkdir -p "${HOME}/.kube" && \
  ln -sf /etc/rancher/k3s/k3s.yaml "${HOME}/.kube/config"

  2. Verify that you can interact with the K3s cluster:

    $ kubectl get ns

NAME                STATUS   AGE
default             Active   1h
kube-system         Active   1h
kube-public         Active   1h
kube-node-lease     Active   1h

5. Install Helm

Follow these instructions on the host where you are installing Gradle Enterprise with your transferred files present in the current directory.

To install Helm:

$ tar -zxvf helm-linux-amd64.tar.gz && sudo mv linux-amd64/helm /usr/local/bin/helm

Verify that helm is installed and working:

$ helm version

version.BuildInfo{Version:"v3.13.3", GitCommit:"c8b948945e52abba22ff885446a1486cb5fd3474", GitTreeState:"clean", GoVersion:"go1.21.5"}

6. Install Gradle Enterprise

Follow these instructions on the host where you are installing Gradle Enterprise with your transferred files present in the current directory.

Install Gradle Enterprise:

$ tar zxvf gradle-enterprise-standalone-2023.3.4-bundle.tar.gz
$ sudo k3s ctr images import gradle-enterprise-standalone-2023.3.4-images.tar (1)
1 This command imports the images into K3s. 
$ helm install \
    --create-namespace --namespace gradle-enterprise \ (1)
    ge-standalone \ (2)
    gradle-enterprise-standalone-2023.3.4.tgz \
    --values values.yaml \ (3)
    --set-file global.license.file=./gradle-enterprise.license (4)
1 This example uses gradle-enterprise as the namespace, but it can be a custom name. If you use a custom name, update all other example commands accordingly.
2 This is the Helm release name. It is used by Helm to identify the Gradle Enterprise installation.
3 The Helm values file with configuration values, including items such as the hostname.
4 The Gradle Enterprise license file (if not already included in values file).

7. Start Gradle Enterprise

You can see the status of Gradle Enterprise starting up by examining its pods.

$ kubectl --namespace gradle-enterprise get pods
NAME                                              READY   STATUS              RESTARTS   AGE
gradle-enterprise-operator-76694c949d-md5dh       1/1     Running             0          39s
gradle-monitoring-5545d7d5d8-lpm9x                1/1     Running             0          39s
gradle-database-65d975cf8-dk7kw                   0/2     Init:0/2            0          39s
gradle-build-cache-node-57b9bdd46d-2txf5          0/1     Init:0/1            0          39s
gradle-proxy-0                                    0/1     ContainerCreating   0          39s
gradle-metrics-cfcd8f7f7-zqds9                    0/1     Running             0          39s
gradle-test-distribution-broker-6fd84c6988-x6jvw  0/1     Init:0/1            0          39s
gradle-keycloak-0                                 0/1     Pending             0          39s
gradle-enterprise-app-0                           0/1     Pending             0          39s

Eventually the pods should all report as Running:

$ kubectl --namespace gradle-enterprise get pods
NAME                                               READY   STATUS    RESTARTS   AGE
gradle-enterprise-operator-76694c949d-md5dh        1/1     Running   0          4m
gradle-monitoring-5545d7d5d8-lpm9x                 1/1     Running   0          4m
gradle-proxy-0                                     1/1     Running   0          3m
gradle-database-65d975cf8-dk7kw                    2/2     Running   0          3m
gradle-enterprise-app-0                            1/1     Running   0          3m
gradle-metrics-cfcd8f7f7-zqds9                     1/1     Running   0          3m
gradle-test-distribution-broker-6fd84c6988-x6jvw   1/1     Running   0          3m
gradle-build-cache-node-57b9bdd46d-2txf5           1/1     Running   0          4m
gradle-keycloak-0                                  1/1     Running   0          3m

Once all pods have a status of Running and the system is up and connected, you can interact with it by visiting its URL in a web browser (i.e. the hostname).

8. Cleanup

It is recommended to remove the following files after installation:

  • k3s-airgap-images-amd64.tar.gz

  • k3s

  • install_k3s.sh

  • k3s-selinux.el8.noarch.rpm

  • helm-linux-amd64.tar.gz

  • gradle-enterprise-standalone-2023.3.4-bundle.tar.gz

  • gradle-enterprise-standalone-2023.3.4.tgz

  • gradle-enterprise-standalone-2023.3.4-images.tar

Once Gradle Enterprise has been installed, files used during installation are not required at runtime and can be removed if desired. However, the following files may be useful to preserve, as they may aid in future upgrades or maintenance:

  • Helm values files

  • SSL certificates

  • Gradle Enterprise license

Care should be applied when handling these files as they may be considered sensitive.

Congratulations Gradle Enterprise is installed and running.

Post-Installation

Many features of Gradle Enterprise, including access control, database backups, and Build Scan retention can be configured in Gradle Enterprise, once it is running. Consult the Gradle Enterprise Administration guide to learn more.

For instructions on how to start using Gradle Enterprise in your builds, consult the Getting Started with Gradle Enterprise guide.