Install Chef 360 Platform in a Bring Your Own Kubernetes (BYOK) deployment

This guide covers installing Chef 360 Platform Server on your own Kubernetes cluster with internet connectivity. In a standard Bring Your Own Kubernetes (BYOK) installation, Chef 360 Platform can access external resources during installation and operation. Chef 360 Platform provides the application components and orchestration, allowing you to use your existing Kubernetes infrastructure and operational practices.

This guide focuses on managed Kubernetes platforms—such as Amazon EKS, Azure AKS, and Red Hat OpenShift—covering cluster prerequisites, storage configuration, and a streamlined installation process.

Prerequisites

Before you begin, review the BYOK system requirements.

You need the following:

A Chef 360 Platform authorization code
A valid Chef 360 Platform license
Access to Chef 360 Platform Enterprise Portal—contact your customer representative for access to the portal.

You need the following applications installed on your workstation:

kubectl
Helm v3 or later
preflight and support-bundle kubectl plugins

Deploy Chef 360 Platform on your Kubernetes cluster

To deploy Chef 360 Platform, complete the following steps in order:

Configure your cluster
Install Chef 360 Platform
Verify the installation

Configure your cluster

To prepare your cluster for installation, follow these steps:

Configure kubectl to connect to your target cluster, then verify that all nodes are Ready:
```
kubectl get nodes
kubectl get pods -A
```
All nodes must show Ready status and all control plane components must show Running status.
Verify that your cluster has a default StorageClass:
```
kubectl get storageclass
```
Look for the (default) annotation next to your desired storage class. Ensure exactly one StorageClass is marked as default—multiple defaults can cause persistent volume claim (PVC) binding failures.
If no default StorageClass exists or you need to change it, run the following command:
```
kubectl patch storageclass <STORAGE_CLASS_NAME> \
  -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
```
The following table lists recommended storage classes for common platforms:
Platform Recommended StorageClass Performance tier
Amazon EKS gp3 or gp2 General purpose SSD
Azure AKS managed-csi or default Standard SSD
OpenShift gp2 or platform-specific Platform-specific
Optional: For cloud platforms that require load balancer configuration, set up external access according to your platform’s requirements. See the network requirements.
Optional: For Tiered and Hyperscaled HA deployments, label nodes to control how Chef 360 Platform components are scheduled:
```
kubectl label node <NODE_ID> <LABEL_KEY>=<LABEL_VALUE>
```

Platform	Recommended StorageClass	Performance tier
Amazon EKS	`gp3` or `gp2`	General purpose SSD
Azure AKS	`managed-csi` or `default`	Standard SSD
OpenShift	`gp2` or platform-specific	Platform-specific

Install Chef 360 Platform

To install Chef 360 Platform on your cluster, follow these steps:

Configure Helm to access Chef 360 Platform registries:
```
export USERNAME="<USERNAME>"
export PASSWORD="<AUTHORIZATION_CODE>"
```
Replace:
- <USERNAME> with your username. For example, email@example.com.
- <AUTHORIZATION_CODE> with your authorization code.
Log in to the Chef 360 Platform registry:
```
helm registry login registry.chef360.chef.io \
  --username "$USERNAME" \
  --password "$PASSWORD"
```
Get your installation commands from the Chef 360 Platform Enterprise Portal.
Sign in to the Chef 360 Platform Enterprise Portal to get your customer-specific installation commands. The portal provides the following values for your installation:
- Channel: <CHANNEL>
- Version: <VERSION>
- Registry: oci://registry.chef360.chef.io/chef-360/
Download a Helm values YAML file from the list below that matches your deployment requirements:
- Basic configuration: For simple deployments, development, or testing environments.
- Complete configuration: For production deployments requiring external storage, logging, and TLS.
In the Helm values YAML file that you downloaded, replace the following placeholders:
- <FQDN> with your domain name or IP address. For example, chef360.example.com or 192.0.2.0.
- <TENANT_SLUG> with a unique tenant identifier. For example, company-dev-01.
- <ORGANIZATION_NAME> with your organization name. For example, ExampleOrganization.
- <ADMIN_EMAIL> with the administrator email address. For example, admin@example.com.
- <FIRST_NAME> with the admin user’s first name. For example, John.
- <LAST_NAME> with the admin user’s last name. For example, Doe.
- <SMTP_USERNAME> with the SMTP authentication username. For example, noreply@example.com.
- <SMTP_PASSWORD> with the SMTP authentication password. For example, smtp-password.
- <SENDER_EMAIL> with the email sender address. For example, chef360@example.com.
- <STORAGE_CLASS> with the Kubernetes StorageClass name. For example, gp3 or gp2 on Amazon EKS.
- <CHEF_360_PLATFORM_LICENSE> with your base64-encoded Chef 360 Platform license.
- Optional: <ROOT_CA_CERTIFICATE> (complete configuration only) with your root CA certificate if you’re using a private CA for TLS.

Run preflight checks to verify that your cluster meets the requirements:

helm template oci://registry.chef360.chef.io/chef-360/<CHANNEL>/chef-360 \
  --version <VERSION> -f <HELM_VALUES_YAML_FILE> | kubectl preflight -

Install Chef 360 Platform:

helm install infrastructure-crds oci://registry.chef360.chef.io/chef-360/<CHANNEL>/infrastructure-crds \
  --version 0.1.0 && \
helm install chef-360 oci://registry.chef360.chef.io/chef-360/<CHANNEL>/chef-360 \
  --version <VERSION> -f <HELM_VALUES_YAML_FILE>

Use the following commands to monitor your deployment:

Watch pod status in real time:
```
kubectl get pods -w
```

Check for recent cluster events:

kubectl get events --sort-by=.metadata.creationTimestamp

Verify your installation

After installation completes, verify that Chef 360 Platform is running correctly:

Check that all pods are running:
```
kubectl get pods -n <NAMESPACE>
```
Replace <NAMESPACE> with the namespace where you installed Chef 360 Platform.
A healthy installation shows:
- All pods in Running or Completed status
- No pods in CrashLoopBackOff or ImagePullBackOff states
- Restart counts at 0 or low
Confirm that all persistent volume claims (PVCs) are bound:
```
kubectl get pvc -n <NAMESPACE>
```
Replace <NAMESPACE> with the namespace where you installed Chef 360 Platform.
Verify the following:
- All PVCs show Bound status
- PVCs are bound to persistent volumes (PVs) through the default StorageClass
- Storage requests match expected sizes
Confirm that you’re receiving email notifications from the Chef 360 Platform notification system.
Verify that the tenant is accessible through the web UI by navigating to your configured domain and port.

Troubleshooting

The following section describes how to diagnose issues with a running deployment.

Diagnose issues with a running deployment

To diagnose issues with a running Chef 360 Platform deployment, generate a support bundle that captures a comprehensive snapshot of your cluster:

kubectl support-bundle

The support bundle is a compressed file that contains:

Cluster information and logs
Pod status and configurations
Network and storage details
Chef 360 Platform specific diagnostics

Next steps

After you install Chef 360 Platform:

Enroll nodes to begin managing your infrastructure
Install CLI tools for command-line management
Configure node management settings
Explore administration features for user and organization management