Running PhotoPrism with Kubernetes¶
For advanced users only. This guide is maintained by the community and may contain inaccurate or incomplete advice. You can contribute by clicking to send a pull request with your changes.
Running PhotoPrism on a Kubernetes cluster is straightforward.
At a minimum, you can just define a Kubernetes Service and a StatefulSet and be up and running.
For more real-world usage, you'll probably want to at least include persistent storage,
and possibly some Ingress rules for exposing PhotoPrism outside your cluster.
For those familiar with Helm, a PhotoPrism Helm chart is available.
Once you've got PhotoPrism deployed, you can exec into the running container and photoprism import your photos.
Here's an example of a YAML file that creates the following Kubernetes objects:
NamespaceServiceexposing PhotoPrism on port 80StatefulSetwith persistent NFS volumesSecretwhich stores the database DSN and admin passwordIngressrule for a Kubernetes ingress controller- Annotations for a Kubernetes
Certificate Manager
apiVersion: v1
kind: Namespace
metadata:
name: photoprism
---
apiVersion: v1
kind: Secret
metadata:
name: photoprism-secrets
namespace: photoprism
stringData:
PHOTOPRISM_ADMIN_PASSWORD: <your admin password here>
PHOTOPRISM_DATABASE_DSN: username:password@tcp(db-server-address:3306)/dbname?charset=utf8mb4,utf8&parseTime=true
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: photoprism
namespace: photoprism
spec:
selector:
matchLabels:
app: photoprism
serviceName: photoprism
replicas: 1
template:
metadata:
labels:
app: photoprism
spec:
containers:
- name: photoprism
image: photoprism/photoprism:latest
env:
- name: PHOTOPRISM_DEBUG
value: "true"
- name: PHOTOPRISM_DATABASE_DRIVER
value: mysql
- name: PHOTOPRISM_HTTP_HOST
value: 0.0.0.0
- name: PHOTOPRISM_HTTP_PORT
value: "2342"
# Load database DSN & admin password from secret
envFrom:
- secretRef:
name: photoprism-secrets
optional: false
ports:
- containerPort: 2342
name: http
volumeMounts:
- mountPath: /photoprism/originals
name: originals
- mountPath: /photoprism/import
name: import
- mountPath: /photoprism/storage
name: storage
readinessProbe:
httpGet:
path: /api/v1/status
port: http
volumes:
- name: originals
nfs:
path: /originals
# readOnly: true # Disables import and upload!
server: my.nas.host
- name: import
nfs:
path: /import
server: my.nas.host
- name: storage
nfs:
path: /storage
server: my.nas.host
---
apiVersion: v1
kind: Service
metadata:
name: photoprism
namespace: photoprism
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: http
selector:
app: photoprism
type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
# For nginx ingress controller:
kubernetes.io/ingress.class: nginx
# Default is very low so most photo uploads will fail:
nginx.ingress.kubernetes.io/proxy-body-size: "512M"
# If using cert-manager:
cert-manager.io/cluster-issuer: letsencrypt-prod
kubernetes.io/tls-acme: "true"
name: photoprism
namespace: photoprism
spec:
rules:
- host: photoprism.my.domain
http:
paths:
- backend:
service:
name: photoprism
port:
name: http
path: /
pathType: Prefix
tls:
- hosts:
- photoprism.my.domain
secretName: photoprism-cert
To run this locally, you can use minikube or a similar local cluster deployer.
Once your cluster is up and running with your kubectl commands. Simply copy the above YAML
markup to a file, make the necessary changes, and use the kubectl CLI command to deploy:
kubectl create -f photoprism.yaml
If you prefer to use helm, see p80n/photoprism-helm.