Deploy
Deploy the Edge Policy app to Kubernetes via Helm.
The chart deploys a CronJob that periodically generates filter tables from Prometheus metrics.
Step 1: Prerequisites
| Requirement | Description |
|---|---|
| Log10x License | Your license key (get one) |
| Helm | Helm CLI installed |
| kubectl | Configured to access your cluster |
| GitHub Token | Personal access token for config repo (create one) |
| Prometheus | Running instance with Edge Reporter metrics (Prometheus or Log10x managed) |
Step 2: Add Helm Repository
Verify the chart appears:
Step 3: Configure Deployment Settings
Create a new file called my-edge-policy.yaml in your working directory. This Helm values file will be used in all subsequent steps.
Step 4: Load Configuration
Load the 10x Engine config folder into the cluster using one of the methods below.
If you skip this step, the default configuration bundled with the Log10x image is used.
An init container clones your configuration repository before each CronJob run, ensuring always up-to-date configuration. Works with GitHub, GitLab, Bitbucket, or any HTTPS-accessible Git provider.
- Fork the Config Repository
- Create a branch for your configuration changes
- Edit the app configuration to match your Prometheus input and filter table output
Add to your Helm values:
config:
git:
enabled: true
url: "https://github.com/YOUR-ACCOUNT/config.git"
branch: "my-edge-policy-config" # Optional
gitToken: "YOUR-GIT-TOKEN"
For production, store the token in a Kubernetes Secret rather than in the values file.
Mount an existing PersistentVolumeClaim that contains your configuration directory. This approach works in air-gapped environments and requires no external network access.
- Create a PVC containing your configuration files (cloned from the Config Repository)
- Reference it in your Helm values:
Step 5: Configure Secrets
Store sensitive credentials in Kubernetes Secrets rather than plain files.
Important: Only add secrets for modules you've configured in your Edge Policy app configuration.
Create the secret:
kubectl create secret generic edge-policy-credentials \
--from-literal=github-token=YOUR_GITHUB_TOKEN \
--from-literal=prometheus-token=YOUR_PROMETHEUS_TOKEN
Add secret references to your my-edge-policy.yaml:
jobs:
- name: policy-job
# ... (previous config)
extraEnv:
# For Prometheus input (if authentication required)
- name: PROMETHEUS_TOKEN
valueFrom:
secretKeyRef:
name: edge-policy-credentials
key: prometheus-token
# For GitHub filter table output
- name: GH_TOKEN
valueFrom:
secretKeyRef:
name: edge-policy-credentials
key: github-token
Step 7: Verify
Check the CronJob was created:
Trigger a manual run to test:
Check pod logs for errors:
Verify no errors appear in the log file.
Quickstart Full Sample
log10xLicense: "YOUR-LICENSE-KEY-HERE"
jobs:
- name: edge-policy
runtimeName: my-first-edge-policy
schedule: "*/15 * * * *"
args:
- "@apps/edge/policy"
github:
config:
token: "YOUR-GITHUB-TOKEN"
repo: "YOUR-ACCOUNT/REPO-NAME"
branch: "my-edge-policy-config"
extraEnv:
- name: GH_TOKEN
valueFrom:
secretKeyRef:
name: edge-policy-credentials
key: github-token