System requirements
Kubernetes, database, and network requirements for a self-hosted Scalekit deployment.
You will confirm that your Kubernetes cluster, databases, and network meet the requirements for a self-hosted deployment. This helps you avoid installation failures and costly production issues later.
Prepare Kubernetes
Section titled “Prepare Kubernetes”| Requirement | Value |
|---|---|
| Kubernetes version | 1.27 or later |
| Helm version | 3.12 or later |
kubectl | Configured with cluster access |
Any managed Kubernetes service works (GKE, EKS, AKS, or a self-managed cluster).
Scalekit supports two ingress options. Use one, not both:
- Kubernetes Gateway API (recommended for cloud clusters): requires a GatewayClass installed on your cluster
- Nginx Ingress (for local or Minikube deployments): requires the nginx ingress controller
For Gateway API, common GatewayClasses:
| Provider | GatewayClass |
|---|---|
| GKE | gke-l7-global-external-managed (built-in) |
| Istio | istio |
| Envoy Gateway | eg |
On GKE, the Gateway controller is enabled by default. For other clusters, install the Gateway API CRDs and a compatible controller before deploying Scalekit.
Prepare PostgreSQL
Section titled “Prepare PostgreSQL”Scalekit requires three separate databases on PostgreSQL 15 or later. These can all live on the same PostgreSQL instance.
| Database | Used by |
|---|---|
scalekit | Core auth service |
webhooks | Webhook delivery |
openfga | Authorization engine (if enabled) |
Create a dedicated user with full privileges on each database. Scalekit runs migrations automatically on install and upgrade.
Prepare Redis
Section titled “Prepare Redis”| Requirement | Value |
|---|---|
| Version | 6.2 or later |
Scalekit uses Redis for session storage, token caching, and background job queues. Redis does not need persistence enabled, but enabling RDB snapshots is recommended for production.
Set up email (SMTP)
Section titled “Set up email (SMTP)”Scalekit sends transactional email for password resets, magic links, and user invitations. You need an SMTP provider configured before first run.
Supported providers with first-class integration: Postmark, SendGrid. Any SMTP server works with the OTHER provider type.
Size your nodes
Section titled “Size your nodes”| Resource | Production (per node) |
|---|---|
| CPU | 4 vCPUs |
| RAM | 8 GB |
The Scalekit Deployment defaults to 2 replicas with autoscaling up to 20. Each replica includes all sidecar containers. Tune replicaCount and HPA settings in your values.yaml.
Configure network and DNS
Section titled “Configure network and DNS”Set up DNS
Section titled “Set up DNS”A wildcard DNS record pointing to your Gateway’s external IP is required. You set this up after the deployment is running (see Install Scalekit).
Set up TLS
Section titled “Set up TLS”HTTPS is required. Manage certificates through your cloud provider’s certificate manager (for example, GCP Certificate Manager) and reference it via a Gateway annotation. cert-manager is also supported. Add the appropriate annotation to gateway.annotations in your values.yaml.
Access the container registry
Section titled “Access the container registry”Scalekit container images are hosted on a private container registry. You receive the registry server URL and credentials through the Scalekit distribution portal as part of onboarding. The registry token is stored as a Kubernetes image pull secret (artifact-registry-secret) during setup.
Next step
Section titled “Next step”Once your infrastructure is ready, the Configure your deployment page will help you prepare the values.yaml that drives your deployment.