Install PMM Server with Helm on Kubernetes clusters¶

Helm is the package manager for Kubernetes. You can find Percona Helm charts in our GitHub repository.

Prerequisites¶

Helm v3
Supported cluster according to Supported Kubernetes and Supported Helm versions
Storage driver with snapshot support (for backups)

Storage requirements¶

Different Kubernetes platforms offer varying capabilities.

To use PMM in production:

ensure your platform provides storage drivers supporting snapshots for backups
consult your provider about Kubernetes and Cloud storage capabilities

Deployment best practices¶

For optimal monitoring:

Separate PMM Server from monitored systems by either:
- using separate Kubernetes clusters for monitoring and databases
- configuring workload separation through node configurations, affinity rules, and label selectors
Enable high availability to ensure continuous monitoring during node failures

Installation PMM Server on your Kubernetes cluster¶

Create the required Kubernetes secret and deploy PMM Server using Helm:

Create Kubernetes secret to set up pmm-admin password:

cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Secret
metadata:
  name: pmm-secret
  labels:
    app.kubernetes.io/name: pmm
type: Opaque
data:
# base64 encoded password
# encode some password: `echo -n "admin" | base64`
  PMM_ADMIN_PASSWORD: YWRtaW4=
EOF

Get admin password:

kubectl get secret pmm-secret -o jsonpath='{.data.PMM_ADMIN_PASSWORD}' | base64 --decode

Add the Percona repository and deploy PMM Server with default settings and your secret. See configuration parameters for customization. See configuration parameters for customization.

helm repo add percona https://percona.github.io/percona-helm-charts/
helm install pmm \
--set secret.create=false \
--set secret.name=pmm-secret \
--version ^1.4.0 \
percona/pmm

Verify the deployment, listing all releases: helm list.

Configure PMM Server¶

View available parameters¶

Check the list of available parameters in the PMM Helm chart documentation. You can also list the default parameters by either:

check values.yaml file in our repository
run the chart definition: helm show values percona/pmm

Set configuration values¶

Configure PMM Server using either command-line arguments or a YAML file:

using command-line arguments:

helm install pmm \
--set secret.create=false --set secret.name=pmm-secret \
--set service.type="NodePort" \
    percona/pmm

using a .yaml configuration file:

helm show values percona/pmm > values.yaml

Change credentials¶

Important

Helm cannot modify application credentials after deployment.

Credential changes after deployment require either:

redeploying PMM Server with new persistent volumes
using PMM’s built-in administrative tools

PMM environment variables¶

Add environment variables for advanced operations (like custom init scripts) using the pmmEnv property:

pmmEnv:
PMM_ENABLE_UPDATES: "1"

SSL certificates¶

PMM comes with self-signed SSL certificates, ensuring a secure connection between the client and server. However, since these certificates are not issued by a trusted authority, you may encounter a security warning when connecting to PMM.

To enhance security, you have two options:

Configure custom certificates:

certs:
  name: pmm-certs
  files:
    certificate.crt: <content>
    certificate.key: <content>
    ca-certs.pem: <content>
    dhparam.pem: <content>

Use Ingress controller with TLS See PMM network configuration for details.