Mainflux can be easily deployed on Kubernetes platform by using Helm Chart from offical Mainflux DevOps GitHub repository.


  • Kubernetes - install it or have access to a cluster
  • kubectl - locally installed and configured
  • Helm v3
  • Stable Helm repository installed
  • Nginx Ingress Controller

Kubectl is official Kubernetes command line client, follow this instructions to install it.

Regaqrding the cluster control with kubectl, defualt config .yaml file should be ~/.kube/config, so if you have another one (for example one downloaded from DO), it should be renamed.

Installing Helm v3 on Linux:

curl >
chmod 700

Verify it's installed:

helm version

Add stable chart repository:

helm repo add stable

Deploying Mainflux#

Get Helm charts from Mainflux DevOps GitHub repository:

git clone
cd devops/charts/mainflux

Update the on-disk dependencies to mirror Chart.yaml:

helm dependency update

If you didn't already have namespace created you should do it with:

kubectl create namespace mf

Deploying release named mainflux in namespace named mf is done with just:

helm install mainflux . -n mf

Mainflux is now deployed on your Kubernetes.

If Nginx Ingress Controller isn't already installed, this would install it in mf namespace:

helm install nginx-mainflux stable/nginx-ingress -n mf

Customizing installation#

You can override default values while installing with --set option. For example, if you want to specify ingress hostname and pull latest tag of users image:

helm install mainflux -n mf --set ingress.hostname='' --set users.image.tag='latest'

Or if release is already installed, you can update it:

helm upgrade mainflux -n mf --set ingress.hostname='' --set users.image.tag='latest'

The following table lists the configurable parameters and their default values.

Parameter Description Default
defaults.logLevel Log level debug
defaults.image.pullPolicy Docker Image Pull Policy IfNotPresent
defaults.image.repository Docker Image Repository mainflux
defaults.image.tag Docker Image Tag 0.10.0
nginx_internal.mtls.tls TLS secret which contains the server cert/key ''
nginx_internal.mtls.intermediate_crt Generic secret which contains the intermediate cert used to verify clients ''
ingress.enabled Should the Nginx Ingress be created true
ingress.hostname Hostname for the Nginx Ingress ''
ingress.tls.hostname Hostname of the Nginx Ingress certificate ''
ingress.tls.secret TLS secret for the Nginx Ingress '' VerneMQ memory resource request 512Mi VerneMQ memory resource limit 4Gi

All Mainflux services can have their logLevel, image.pullPolicy, image.repository and image.tag overridden. The names of the services are:

  • adapter_coap
  • adapter_http
  • mqtt.proxy
  • adapter_ws
  • things
  • ui
  • users
  • authn
  • influxdb_writer
  • infuxdb_reader