Chart version: 0.1.16
Api version: v1
App version: 1.0.6
A Helm chart for Rookout Data-On-Prem component on Kubernetes
Chart Type
Set me up:
helm repo add center
Install Chart:
helm install datastore center/rookout/datastore
Versions (0)

Rookout data-on-prem

To set up the Rookout data-on-prem solution, contact us at


The Rookout data-on-prem solution allows you to store your Rookout data on-premises, while still using the standard Rookout web UI.

Installation using helm

helm repo add rookout
helm repo update
helm install --name my-release rookout/datastore --set datastore.serverMode=<YOUR_TLS_MODE> --set datastore.loggingToken=<YOUR_ORGANIZATION_TOKEN>

Installation without helm

If you’re not using helm with your kubernetes cluster, you’ll still be able to install the datastore. Helm will be needed to be installed locally just to create the yaml file from the templates.

  1. Install helm locally:
  2. Clone this repository and cd charts/datastore
  3. run helm template . --set datastore.serverMode=<YOUR_TLS_MODE> --set datastore.loggingToken=<YOUR_ORGANIZATION_TOKEN> --name=rookout > rookout-datastore.yaml
  4. A generation of the yamls will be piped right to a single yaml file called rookout-datastore.yaml
  5. Run kubectl apply -f rookout-datastore.yaml

Server Modes

The data-on-prem solution runs with one of 3 modes (datastore.serverMode):

  • TLS - (opens port 443) If you have your own certificate that resides also for your teammates browser, you will need can configmap with the certificare (key “cert.pem”) and supply the configmapName, with that the key to the cert in a secret (key “key.pem”) and supply the secretName.

  • AUTOTLS - (opens port 443 + 80) If you don’t want to user your own certificate, this mode will fetch a certificate automaticllay using LetsEncrypt. As a prerequisites you must set a hostname in an valid DNS for the data-on-prem’s external IP and set that hostname in datastore.autoTlsDomain for the certificate to vouche for that hostname.

  • PLAIN - (open port 80) if you want to use your own ingress and enforce SSL validation not on application-level, you can set to this mode and configure your own ingress to receive requests at port 443 and direct with to the data-on-prem on port 80.


Parameter Description
datastore.serverMode Can have only 3 values: AUTOTLS, TLS, PLAIN
datastore.logging.enabled Whether logs should be sent to Rookout
datastore.loggingToken Your organization token. This is the same token as that used by the Rookout SDK.
datastore.autoTlsDomain Only when using AUTOLS mode, the domain name the server will request a certificate for using LetsEncrypt.
datastore.tlsKeySecretName Only when using TLS mode, Secret name which has a key named “key.pem” whose value is the private key
datastore.tlsCertificateConfigmapName Only when using TLS mode, Configmap name which has a key named “cert.pem” whose value is the certificate
datastore.labels Additional labels for the Deployment
service.type The component’s service type, further explaination here
service.loadBalancerIP Only when using loadBalancer as service type, that’s an external IP that you can set for your component, further explaination here
service.annotations Annotations for the datastore k8s service Name
podAnnotations Annotations for the datastore k8s pod
pvc.storageClassName the persistentVolumeClaim’s storageClassName, defaults to nil
pvc.volumeSize the persistentVolumeClaim’s requested volume size, defaults to 10Gi