Install Terraform Enterprise with Helm
We recommend that developers have a deep understanding of Kubernetes before deploying Terraform Enterprise to a production Kubernetes environment.
Kubernetes deployments have different operational and observability considerations than traditional deployments, and external service dependencies should be deployed outside the cluster and scale reliably to accommodate Terraform Enterprise workloads. Refer to Architectures for other deployment options.
Note: For exisiting Terraform Enterprise users with Replicated deployments, refer to Migrating to Flexible Deployment Options.
1. Requirements
- Before installing, ensure you meet the shared requirements for all flexible deployment methods and the requirements for Kubernetes deployments.
2. Pull image
Log in to the Terraform Enterprise container image registry.
Pull the Terraform Enterprise image from the registry.
Create a custom namespace.
Create an image pull secret in
<TFE_NAMESPACE>
to fetch theterraform-enterprise
container from the<DOCKER_REGISTRY_URL>
. This URL can beimages.releases.hashicorp.com
, or your internal container registry. If you are usingimages.releases.hashicorp.com
, useterraform
as the<DOCKER_REGISTRY_USERNAME>
parameter in the command below, together with--docker-password=$(cat /path/to/terraform.hclic)
Add the Hashicorp helm registry:
Render the
terraform-enterprise
chart with your custom values file<OVERRIDES_FILE>
(such astmp/overrides.yaml
).
3. Install the application
Install
terraform-enterprise
, this step can take several minutes.Inspect
terraform-enterprise
pods to verify their successful start.If the Terraform Enterprise pod(s) fail to start, refer to Kubernetes Troubleshooting.
By default, Terraform Enterprice installs a load balancer service. Retrieve the external IP address of this service.
Other configurations, such as ingress controllers, are discussed in Optional configuration.
Set up a DNS record that points to your external IP address to enable routing to your
<TFE_HOSTNAME>
. A DNS address is required to communicate with Terraform Enterprise, and it is managed outside of Kubernetes and the Terraform Enterprise helm chart or application.Validate the readiness of the Terraform Enterprise application by querying the health check endpoint.
4. Create initial admin user
Provision your first administrative user and start using Terraform Enterprise.
5. Optional configuration
Custom ingress
The Terraform Enterprise Helm Chart supports an optional ingress resource with the Ingress controller.
To enable this, add values for the ingress section in the custom values file (e.g., /tmp/overrides.yaml
).
This example values file demo how to enable ingress configuration.
To setup with Nginx:
- Install the nginx controller in a different namespace.
- Deploy Terraform Enterprise with Ingress configured in your values file.
- Get the address from the ingress resource like so: