Kubernetes Deployment

Mezite ships a Helm chart for deploying to Kubernetes at deploy/helm/mezite/ in the repository.

Prerequisites

  • Kubernetes 1.27+
  • Helm 3.12+
  • A PostgreSQL 16 instance (managed or self-hosted)

Installation

Install with Helm bash 
# Install from the local chart in the repository
helm install mezite ./deploy/helm/mezite/ \
  --namespace mezite \
  --create-namespace \
  --set database.host=postgres \
  --set database.password=secret \
  --set proxy.publicAddr=mezite.example.com:443 \
  --set caKeyPassphrase=change-me

values.yaml

Key configuration options in deploy/helm/mezite/values.yaml:

values.yaml (key fields) yaml 
replicas: 2

image:
  repository: ghcr.io/leonardaustin/mezite
  tag: latest
  pullPolicy: IfNotPresent

clusterName: mezite

# Database connection. For an externally-managed PostgreSQL (RDS, Aurora,
# CloudSQL), set database.external.enabled=true and provide the connection
# details under database.external.*.
database:
  host: postgres
  port: 5432
  name: mezite
  user: mezite
  password: ""
  sslmode: require
  external:
    enabled: false
    host: ""
    port: 5432
    name: ""
    user: ""
    sslmode: require
    existingSecret: ""  # K8s secret name with a 'password' key

# CA signing-key passphrase (required for production).
caKeyPassphrase: ""

proxy:
  publicAddr: ""        # LB hostname clients connect to
  maxConnsPerIP: 100

# Service ports. ClusterIP by default; expose via an Ingress, Gateway,
# or LB Service per your platform conventions.
service:
  type: ClusterIP
  ports:
    https: 3080
    ssh: 3023
    tunnel: 3024
    grpc: 3025

persistence:
  enabled: true
  size: 10Gi
  accessMode: ReadWriteOnce
  storageClass: ""

resources:
  requests:
    cpu: 100m
    memory: 128Mi
  limits:
    cpu: "1"
    memory: 512Mi

log:
  level: info
  format: json

PostgreSQL Setup

The Helm chart does not bundle PostgreSQL — point database.* at an existing instance. For tests or trial installs, the Bitnami PostgreSQL chart works well:

Example: deploy PostgreSQL with Helm bash 
helm install pg bitnami/postgresql \
  --namespace mezite \
  --set auth.username=mezite \
  --set auth.password=secret \
  --set auth.database=mezite

Configuration

Override any value at install time or with a custom values file:

Custom values file bash 
helm install mezite ./deploy/helm/mezite/ \
  --namespace mezite \
  --create-namespace \
  -f my-values.yaml

Scaling

The auth and proxy services share a single Deployment and are stateless (all state lives in PostgreSQL plus the persistent volume), so they can be scaled horizontally:

Scale the deployment bash 
kubectl scale deployment mezite-mezhub --replicas=3 -n mezite

Agents maintain persistent reverse tunnels to the proxy. When scaling the proxy, ensure your load balancer supports long-lived TCP connections on port 3024 (the agent tunnel port).