1. Home
  2. Docs
  3. Infrastructure
  4. Unleash (Feature Flags)

Unleash (Feature Flags)

Unleash is a feature flag service, that is also provided by GitLab. GitLab is currently open sourcing the feature flags feature, and when it arrives in GitLab.com we will not need to host our own Unleash.

Unleash on Kubernetes

We deploy Unleash on our Kubernetes DO Singapore cluster. It requires PostgreSQL which can be set up as DigitalOcean Managed PostgreSQL database (unfortunately its CA is not publicly trusted). Unfortunately nimrodshn/unleash-helm is no longer maintained so we deploy Unleash manually.

PostgreSQL Preparation and Secrets

Workaround: Until unleash PR #585 is accepted, we use PostgreSQL helm chart instead of Managed DigitalOcean.

helm repo add bitnami https://charts.bitnami.com/bitnami
helm install postgresql bitnami/postgresql --set persistence.size=1Gi

Create PostgreSQL instance (if not exists), create user “unleash”, then create the database “unleash” with that user.

CREATE USER unleash PASSWORD '***';
GRANT unleash TO doadmin;
CREATE DATABASE unleash OWNER unleash;

Save the JDBC URL secret in Kubernetes as unleash with keys postgresql-url.

apiVersion: v1
kind: Secret
metadata:
  name: unleash
data:
  postgresql-url: *BASE64 ENCODED postgres:// URL*
kubectl apply -f unleash-secret.yaml

Deploy Unleash DaemonSet

Ideally we could add CA certificate using Kubernetes ConfigMap, but this doesn’t work for Node.js. 🙁

Make the deployment unleash-server.yaml:

apiVersion: apps/v1
# https://www.magalix.com/blog/kubernetes-daemonsets-101
# https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
kind: DaemonSet
metadata:
  name: unleash-server-daemonset
spec:
  selector:
    matchLabels:
      app: unleash-server
  template:
    metadata:
      labels:
        app: unleash-server
    spec:
      hostNetwork: true
      containers:
        - name: unleash-server
          image: unleashorg/unleash-server:latest
          imagePullPolicy: IfNotPresent
          ports:
            - protocol: TCP
              name: http
              containerPort: 4242
          env:
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: NODE_ENV
              value: 'production'
              # value: 'development'
            - name: DATABASE_URL
              #value: postgres://postgres:unleash@unleash-db.default/postgres
              valueFrom:
                secretKeyRef:
                  name: unleash
                  key: postgresql-url
          resources:
            limits:
              memory: 100Mi
            requests:
              memory: 100Mi
      nodeSelector:
        kubernetes.io/hostname: pool-2gb-3ng5e

Open Firewall for Unleash only for our app server: (since Unleash is by default unsecured)

doctl compute firewall create --name unleash --inbound-rules "protocol:tcp,ports:4242,address:54.208.38.215" --tag-names=k8s:84a39cbd-ecbe-4dfd-86ea-2bc789ca5198

You can also add the Kubernetes cluster. For administration purposes, you may open the firewall temporarily for your own IP address.

Check DaemonSets:

kubectl get daemonset -o wide

Now you can manage feature toggles:

Unleash Client Libraries

https://docs.gitlab.com/ee/user/project/operations/feature_flags.html#client-libraries

Was this article helpful to you? Yes No

How can we help?