Skip to main content
Version: Next

HA Cluster Setup

You can run three Dgraph Alpha servers and three Dgraph Zero servers in a highly available cluster setup. For a highly available setup, start the Dgraph Zero server with --replicas 3 flag, so that all data is replicated on three Alpha servers and forms one Alpha group. You can install a highly available cluster using Helm charts.

Before you begin

  • Install kubectl.
  • Ensure that you have a production-ready Kubernetes cluster with atleast three worker nodes running in a cloud provider of your choice.
  • Install Helm.
  • (Optional) To run Dgraph Alpha with TLS, see TLS Configuration.

Installing a highly available Dgraph cluster using Helm

  1. Verify that you are able to access the nodes in the Kubernetes cluster:

    kubectl get nodes

    An output similar to this appears:

      NAME                                          STATUS   ROLES    AGE   VERSION
     <aws-ip-hostname>.<region>.compute.internal   Ready    <none>   1m   v1.15.11-eks-af3caf
     <aws-ip-hostname>.<region>.compute.internal   Ready    <none>   1m   v1.15.11-eks-af3caf
     <aws-ip-hostname>.<region>.compute.internal   Ready    <none>   1m   v1.15.11-eks-af3caf

    After your Kubernetes cluster is up and running, you can use of the Dgraph Helm chart to install a highly available Dgraph cluster

  2. Add the Dgraph helm repository::

    helm repo add dgraph https://charts.dgraph.io

  3. Install the chart with <RELEASE-NAME>:

    helm install <RELEASE-NAME> dgraph/dgraph

    You can also specify the version using:

       helm install <RELEASE-NAME> dgraph/dgraph --set image.tag="{{< version >}}"

    When configuring the Dgraph image tag, be careful not to use latest or main in a production environment. These tags may have the Dgraph version change, causing a mixed-version Dgraph cluster that can lead to an outage and potential data loss.

    An output similar to this appears:

    NAME: <RELEASE-NAME>
    LAST DEPLOYED: Wed Feb  1 21:26:32 2023
    NAMESPACE: default
    STATUS: deployed
    REVISION: 1
    TEST SUITE: None
    NOTES:
    1. You have just deployed Dgraph, version 'v21.12.0'.

       For further information:
        * Documentation: https://dgraph.io/docs/
        * Community and Issues: https://discuss.dgraph.io/   
    2. Get the Dgraph Alpha HTTP/S endpoint by running these commands.
       export ALPHA_POD_NAME=$(kubectl get pods --namespace default --selector "statefulset.kubernetes.io/pod-name=<RELEASE-NAME>-dgraph-alpha-0,release=<RELEASE-NAME>-dgraph" --output jsonpath="{.items[0].metadata.name}")
       echo "Access Alpha HTTP/S using http://localhost:8080"
       kubectl --namespace default port-forward $ALPHA_POD_NAME 8080:8080

      NOTE: Change "http://" to "https://" if TLS was added to the Ingress, Load Balancer, or Dgraph Alpha service.

  4. Get the name of the Pods in the cluster using kubectl get pods:

       NAME                          READY   STATUS    RESTARTS   AGE
      <RELEASE-NAME>-dgraph-alpha-0   1/1     Running   0          4m48s
      <RELEASE-NAME>-dgraph-alpha-1   1/1     Running   0          4m2s
      <RELEASE-NAME>-dgraph-alpha-2   1/1     Running   0          3m31s
      <RELEASE-NAME>-dgraph-zero-0    1/1     Running   0          4m48s
      <RELEASE-NAME>-dgraph-zero-1    1/1     Running   0          4m10s
      <RELEASE-NAME>-dgraph-zero-2    1/1     Running   0          3m50s

  5. Get the Dgraph Alpha HTTP/S endpoint by running these commands:

        export ALPHA_POD_NAME=$(kubectl get pods --namespace default --selector "statefulset.kubernetes.io/pod-name=<RELEASE-NAME>-dgraph-alpha-0,release=<RELEASE-NAME>-dgraph" --output jsonpath="{.items[0].metadata.name}")
        echo "Access Alpha HTTP/S using http://localhost:8080"
        kubectl --namespace default port-forward $ALPHA_POD_NAME 8080:8080

Deleting the resources from the cluster

  1. Delete the Helm deployment using:

      helm delete my-release

  2. Delete associated Persistent Volume Claims:

    kubectl delete pvc --selector release=my-release

Dgraph configuration files

You can create a Dgraph Config files for Alpha server and Zero server with Helm chart configuration values, <MY-CONFIG-VALUES>. For more information about the values, see the latest configuration settings.

  1. Open an editor of your choice and create a config file named <MY-CONFIG-VALUES>.yaml:
# <MY-CONFIG-VALUES>.yaml
alpha:
  configFile:
    config.yaml: |
      alsologtostderr: true
      badger:
        compression_level: 3
        tables: mmap
        vlog: mmap
      postings: /dgraph/data/p
      wal: /dgraph/data/w
zero:
  configFile:
    config.yaml: |
      alsologtostderr: true
      wal: /dgraph/data/zw
  1. Change to the director in which you created <MY-CONFIG-VALUES>.yaml and then install with Alpha and Zero configuration using:
helm install <RELEASE-NAME> dgraph/dgraph --values <MY-CONFIG-VALUES>.yaml

Exposing Alpha and Ratel Services

By default Zero and Alpha services are exposed only within the Kubernetes cluster as Kubernetes service type ClusterIP.

In order to expose the Alpha service and Ratel service publicly you can use Kubernetes service type LoadBalancer or an Ingress resource.

Public Internet

To use an external load balancer, set the service type to LoadBalancer.

:::noteFor security purposes we recommend limiting access to any public endpoints, such as using a white list.:::

  1. To expose Alpha service to the Internet use:
helm install <RELEASE-NAME> dgraph/dgraph --set alpha.service.type="LoadBalancer"
  1. To expose Alpha and Ratel services to the Internet use:
helm install <RELEASE-NAME> dgraph/dgraph --set alpha.service.type="LoadBalancer" --set ratel.service.type="LoadBalancer"
Private Internal Network

An external load balancer can be configured to face internally to a private subnet rather the public Internet. This way it can be accessed securely by clients on the same network, through a VPN, or from a jump server. In Kubernetes, this is often configured through service annotations by the provider. Here's a small list of annotations from cloud providers:

ProviderDocumentation ReferenceAnnotation
AWSAmazon EKS: Load Balancingservice.beta.kubernetes.io/aws-load-balancer-internal: "true"
AzureAKS: Internal Load Balancerservice.beta.kubernetes.io/azure-load-balancer-internal: "true"
Google CloudGKE: Internal Load Balancingcloud.google.com/load-balancer-type: "Internal"

As an example, using Amazon EKS as the provider.

  1. Create a Helm chart configuration values file <MY-CONFIG-VALUES>.yaml file:
# <MY-CONFIG-VALUES>.yaml
alpha:
  service:
    type: LoadBalancer
    annotations:
      service.beta.kubernetes.io/aws-load-balancer-internal: "true"
ratel:
  service:
    type: LoadBalancer
    annotations:
      service.beta.kubernetes.io/aws-load-balancer-internal: "true"
  1. To expose Alpha and Ratel services privately, use:
helm install <RELEASE-NAME> dgraph/dgraph --values <MY-CONFIG-VALUES>.yaml

Upgrading the Helm chart

You can update your cluster configuration by updating the configuration of the Helm chart. Dgraph is a stateful database that requires some attention on upgrading the configuration carefully in order to update your cluster to your desired configuration.

In general, you can use helm upgrade to update the configuration values of the cluster. Depending on your change, you may need to upgrade the configuration in multiple steps.

To upgrade to an HA cluster setup:

  1. Ensure that the shard replication setting is more than one and zero.shardReplicaCount. For example, set the shard replica flag on the Zero node group to 3,zero.shardReplicaCount=3.
  2. Run the Helm upgrade command to restart the Zero node group: 
    helm upgrade <RELEASE-NAME> dgraph/dgraph [options]
  3. Set the Alpha replica count flag. For example: alpha.replicaCount=3.
  4. Run the Helm upgrade command again: 
    helm upgrade <RELEASE-NAME> dgraph/dgraph [options]