Self-Hosted Neurelo Gateways
Last updated
Last updated
This guide shows you how to install the Neurelo Gateway within your existing network & compute infrastructure. If you are new to Neurelo, we recommend to follow the getting started guides for an introduction to the Neurelo platform and core concepts.
Self-Hosting a Neurelo Gateway is currently an enterprise-only feature, so before proceeding please ensure that your organization’s subscription tier is up-to-date. For new customers wishing to self-host Neurelo, please contact us for details.
Neurelo’s Gateways use the client-registration pattern to make the` installation & maintenance process of Neurelo Gateways simple for cluster administrators. This means that only two fields, an “id” and “secret” are necessary to configure a Neurelo Gateway.
The values for the Gateway client id & secret fields can be generated from the Neurelo Dashboard via the following process:
Navigate to the "Gateways" option by clicking the Org Selector at bottom left of your dashboard
Register a new Gateway
Complete the “Create Gateway” form. The Gateway Domain should be the domain which you would like to expose your Neurelo Gateway to listen for HTTPS API requests on.
The Neurelo Gateway Kubernetes Operator uses webhooks to inject implicit default values during mutations on Runner Custom Resource Definitions. The webhook protocol is HTTPS and Neurelo depends on Cert Manager to issue self-signed certificates. A default cert-manager installation in the cert-manager namespace is sufficient.
The default one-line installation, copied from the official cert-manager documentation, satisfies this requirement.
For self-hosted deployments, Neurelo maintains TAR archives for Helm via download from the Neurelo UI. This section explains the Neurelo TAR archives and how to use them. Neurelo Helm charts are not distributed through a chart repo or chart museum at the moment.
Download the chart from the Neurelo UI
Extract the values.yaml file from the archive for modification
Using your text editor of choice, edit the values.yaml and replace the client.id and client.secret properties with your Gateway’s client credentials
Install the Neurelo Gateway helm chart into your desired namespace, neurelo in the example below
INSTALLATION FAILED: Internal error occurred: failed calling webhook "webhook.cert-manager.io": failed to call webhook during Helm installation
This error is caused because the self-signed certificate requested by the Custom Resource operator of the Neurelo Gateway was unable to be requested. Typically this suggests that the Cert Manager dependency is not installed or is not accessible to the Neurelo Gateway.
If Cert Manager is not installed, please follow these instructions for installing an un-opinionated, default instance in your cluster.
If Cert Manager is installed in the cert-manager namespace, please check the RBAC policy that Cert Manager is deployed with to ensure that self-signed cluster-internal certificates are able to be requested from within the namespace which you are attempting to deploy your Neurelo Gateway into.
If you still experience issues, please contact support@neurelo.com with your Cert Manager installation details.
