Getting Started

This tutorial guides you through setting up and configuring a self-hosted Mission Control environment.

Prerequisites

To install and run Mission Control you need the following:

• Kubernetes 1.26+ with an Ingress Controller
• cert-manager.io or an existing TLS secret for ingress
• 1 - 2 CPUs and 6-8GB of Memory (2-4GB if using an external DB)
• Persistent Volumes with 20GB+ of storage or an external postgres database
• (Optional) prometheus operator
• (Optional) SMTP Server (For sending notifications and invites)

---

1. Choose a routable DOMAIN for Mission Control

   See Ingress for more options on configuring the ingress including generating certs with cert-manager

   See Local Testing for testing using a kind or minikube without a routable domain

2. Install Mission Control

   tip

   If you are installing on EKS and plan to scrape AWS resources use the method described in EKS instead

   Helm

   helm repo add flanksource https://flanksource.github.io/charts 
   helm repo update
   helm install mission-control flanksource/mission-control \
    --set global.ui.host=DOMAIN \
    -n mission-control --create-namespace \
    --wait 

   Flux

   apiVersion: v1
   kind: Namespace
   metadata:
     name: mission-control
   ---
   apiVersion: source.toolkit.fluxcd.io/v1beta1
   kind: HelmRepository
   metadata:
     name: flanksource
     namespace: mission-control
   spec:
     interval: 5m0s
     url: https://flanksource.github.io/charts
   ---
   apiVersion: helm.toolkit.fluxcd.io/v2beta1
   kind: HelmRelease
   metadata:
     name: mission-control
     namespace: mission-control
   spec:
     chart:
       spec:
         chart: mission-control
         sourceRef:
           kind: HelmRepository
           name: flanksource
           namespace: mission-control
         interval: 1m
     values:
     
      global.ui.host: DOMAIN
   See values.yaml

3. Login @ https://DOMAIN/

   The default username is admin@local and the password can be retrieved with:

   kubectl get secret  mission-control-admin-password \
     -n mission-control \
     --template='{{.data.password | base64decode}}'
   

Optional Steps

3Configure Email (SMTP)

An SMTP server is required for sending notifications, approvals, user invites and password resets.

The format of connection_uri is smtp|smtps://USER:PASS@host:PORT[?param=value]

Use smtps for implicit TLS sessions or smtp for explicit StartTLS/cleartext sessions.

Parameter	Description	Default
disable_starttls	When using smtp scheme, set to true to allow cleartext sessions or false to enforce StartTLS	false
skip_ssl_verify	Set to true to allow self-signed TLS certificates or false to enforce certificate verification. Applies to both implicit and explicit TLS sessions	false

values.yaml
kratos:
  kratos:
    config:
      courier:
        smtp:
          connection_uri: # smtp://user:pass@localhost:25
          from_address: noreply@
          from_name: Mission Control
          # These headers will be passed in the SMTP conversation
          # e.g. when using the AWS SES SMTP interface for cross-account sending.
          headers: {}
          # Identifier used in the SMTP HELO/EHLO command.
          # Some SMTP relays require a unique identifier.
          local_name: ""

See also HTTP Webhooks for sending emails.

4Single Sign On

See SSO

5External Database

See Database to configure an external database such as AWS RDS or Google Cloud SQL, or to optimize the bundled PostgreSQL settings.