Enterprise Edition Installation Guide
Deploy OpenObserve Enterprise Edition as a Highly Available (HA) installation using Helm.
This guide explains how to deploy OpenObserve Enterprise Edition in a Kubernetes environment using Helm.
These instructions use Amazon EKS and S3 for demonstration, but the deployment works with any Kubernetes environment, such as GKE or AKS, and other object storage services such as Azure Blob, MinIO, or GCS.
For support, reach out in the Slack channel.
Architecture Overview
OpenObserve Enterprise Edition depends on several components to support scalable ingestion, search, storage, and access control:
- Object Storage, such as S3, Azure Blob, GCS, or MinIO, stores all telemetry data in Parquet format.
- PostgreSQL stores metadata such as dashboards, stream configurations, users, and the filelist table.
- NATS coordinates communication between ingestion and query nodes.
- Dex and OpenFGA enable Single Sign-On (SSO) and Role-Based Access Control (RBAC).
Installation Steps
Follow these steps to install OpenObserve Enterprise Edition:
Prerequisites
Before you begin, ensure that the following are available:
- An active AWS account with permissions to create EKS clusters, S3 buckets, IAM roles, and policies.
- AWS CLI installed and configured using the
aws configure
command.
Step 1: Create a Kubernetes Cluster Using eksctl
Cluster Setup: This step sets up the Kubernetes cluster using Amazon EKS. You can use any other Kubernetes service instead of EKS.
- Download the cluster configuration file:
- Open
o2-eks.yaml
and update theCLUSTER_NAME
. - Run the following command to create the cluster:
After this step, you have a working Kubernetes cluster. The platform does not need to be Amazon EKS. You can use Google Kubernetes Engine (GKE), Azure Kubernetes Service (AKS), or any other distribution.
Step 2: Install Helm
Deployment Tool: Helm is a tool that simplifies application deployment in Kubernetes by using reusable configuration templates called charts.
For installation instructions, see the Helm Installation Guide.
Step 3: Create an S3 Bucket and IAM Role
Object Storage and IAM Access: This step configures a storage bucket and IAM role that OpenObserve will use to write log data to S3.
- Download and prepare the script:
- Open
bucket.sh
and update theCLUSTER_NAME
variable to match your cluster ou created in Step 1. - Run the script:
Make a note of the following:
- Bucket name
- IAM role ARN
These values are required for the Helm chart configuration in later steps.
You can verify the bucket and IAM role in the AWS Console. You should see the S3 bucket and a role named OpenObserveRole.
Step 4: Download the OpenObserve Helm Values File
Deployment Configuration: This file contains the configurable parameters that control how OpenObserve will be deployed.
Download the values file using:
Step 5: Update the values.yaml
Configuration
Helm Chart Configurations: This step configures access credentials, storage, and platform-specific settings before deploying OpenObserve.
- Add the IAM role for the service account
Under the
serviceAccount
section, add the IAM role ARN: - Configure the object storage provider
Under the config section, set the S3 provider, bucket name, and region:
Valid values for
ZO_S3_PROVIDER
includes3
,azure
,minio
, andgcs
. Example configurations for Azure and MinIO are available in the samevalues.yaml
file. - Set up root user credentials Under the auth section, define login credentials for the root user:
- Enable RBAC and SSO To enable role-based access control and single sign-on, add the following configuration: For more inforamtion, refer to the RBAC and SSO guides.
Note
The NATS coordinator service is deployed automatically by the OpenObserve Helm chart. You do not need to install or configure it separately.
Step 6: Install PostgreSQL Using CloudNativePG
Metadata Storage: OpenObserve uses PostgreSQL to store metadata such as dashboards, stream configurations, users, and the filelist table.
If you are not using Amazon RDS, install the CloudNativePG operator using the following command:
Step 7: Create a gp3
Storage Class
Local Buffering: This storage class enables local disk buffering before telemetry data is stored in S3.
Create the gp3
storage class using:
kubectl apply -f https://raw.githubusercontent.com/openobserve/eks-openobserve/main/gp3_storage_class.yaml
kubectl get sc
.
This command works with all Kubernetes environments. The gp3
class is specific to Amazon EBS.
Step 8: Add the OpenObserve Helm Repository
Chart Repository: This repository contains the official Helm chart for deploying OpenObserve.
Step 9: Deploy OpenObserve Using Helm
Deployment: This step installs OpenObserve into your Kubernetes cluster using the Helm chart.
- Create the namespace:
- Deploy OpenObserve:
After installation, the output displays akubectl port-forward
command. Run that command and then openhttp://localhost:<port>
in your browser, replacing<port>
with the actual port number shown.
OpenObserve is now running in your Kubernetes cluster. Log in using the root user credentials configured in Step 5 to start using OpenObserve.
Note
OpenObserve also provides an Infrastructure as Code (IAC) workflow using Terraform or OpenTofu. This streamlines the deployment of Amazon Elastic Kubernetes Service (EKS) and OpenObserve in HA mode. It enables teams to quickly provision and manage OpenObserve infrastructure in Amazon EKS using prebuilt, flexible modules. To explore this option, visit the openobserve-eks-iac repository.