Set up your environment with the Hosted GitOps Runtime to leverage Codefresh GitOps capabilities.

Codefresh is responsible for the _availability of Hosted GitOps Runtimes_.<br>

The Argo CD applications created in Hosted GitOps Runtimes are the customer's responsibility. Codefresh Support is happy to assist as needed.

{: .table .table-bordered .table-hover}

| Item| Requirement|

| --------------| --------------|

|Kubernetes cluster| Server version 1.18 and higher to which to deploy applications|

|Git provider| {::nomarkdown}<ul><li>GitHub</li><!---<li>GitLab Cloud</li>--><li>Bitbucket Cloud</li><li>Gerrit</li></ul>{:/}|

|Kubernetes cluster| Server version 1.18|

|Target Kubernetes clusters| {::nomarkdown} <ul><li>At least one target cluster to which to deploy Argo CD applications. <br>The actual number of target clusters depends on package sizing.</li><li>Must have public access from Internet</li></ul>{:/}|

|Argo CD managed CRDs (Custom Resource Definitions)| Between 300 and 400 CRDs|

|Git provider| {::nomarkdown}<ul><li>GitHub</li><!---<li>GitLab Cloud</li>--><li>Bitbucket Cloud (contact Support)</li><li>Gerrit (contact Support)</li></ul>{:/}|

|Git repo for manifests| Up to 100MB|

|CMP (Cloud Management Platform) plugins| Only for Enterprise customers|

For a comparison between Hosted and Hybrid GitOps Runtimes, see[Hosted vs. Hybrid GitOps]({{site.baseurl}}/docs/installation/installation-options/#hosted-vshybrid-gitops).

If you have not provisioned a Hosted GitOps Runtime, Codefresh presents you with the setup instructions in the**Home** dashboard.

Connect your Hosted GitOps Runtime to a Git provider for Codefresh to create the required Git repos.

**Authorize access**

Based on the Git provider you select, you need to authorize access through OAuth or access token, and then select the Git organizations or accounts in which to create the required Git repos.

Based on the Git provider you select, you need to authorize access through OAuth oranaccess token, and then select the Git organizations or accounts in which to create the required Git repos.

**Git organizations/accounts**

Only authorized organizations are displayed in the list. To authorize organizations for the Codefresh application in GitHub, see[Authorize organizations/projects]({{site.baseurl}}/docs/administration/account-user-management/hosted-authorize-orgs/).

The CLI-based installation for Hybrid GitOps is considered legacy. We will deprecate this installation mode permanently in the coming months.<br>

You can migrate existing CLI-based GitOps Runtimes to Helm-based ones, as described in[Migrating GitOps Runtimes from CLI to Helm]({{site.baseurl}}/docs/installation/gitops/migrate-cli-runtimes-helm/).

This article walks you through the process of installing Hybrid GitOps Runtimes in your Codefresh accounts using Helm charts. You can install a single GitOps Runtime on a cluster. To install additional Runtimes in the same account, each account must be on a different cluster. Every Runtime within your account must have a unique name.

For Hosted GitOps Runtimes, see[Hosted GitOps Runtime Setup]({{site.baseurl}}/docs/installation/gitops/hosted-runtime/).

**Installation options for GitOps Runtimes**

There are two options for Hybrid GitOps Runtime installation via Helm, each catering to specific use cases:

***Clean cluster installation with only GitOps Runtime**

***Additional GitOps Runtime installation**

If you have already installed a GitOps Runtime in your account and want to install additional Runtimes on different clusters within the same account, you can continue with a[simplified installation](#install-additional-gitops-runtimes-in-account) from the Codefresh UI, or use[Terraform](/install-gitops-runtime-via-terraform).

When installing additional GitOps Runtimes, Git provider, Shared Configuration Repository, and the repository for the Helm chart, for example, are not required, as they have been already set up for your account.

Avoid changing the Argo CD password using the`argocd-initial-admin-secret` via the Argo CD UI. Doing so can cause system instability and disrupt the Codefresh platform.

title:"Installation options"

description:"UnderstandCodefresh installation options"

description:"Understanddifferent installation options supported by Codefresh"

group:installation

redirect_from:

-/docs/administration/installation-security/

toc:true

The Codefresh platform supportsthreedifferent installation options, all compliant with[SOC2 - Type2](https://us.aicpa.org/interestareas/frc/assuranceadvisoryservices/aicpasoc2report){:target="\_blank"}.

The Codefresh platform supports different installation options for Codefresh pipelines and Codefresh GitOps, all compliant with[SOC2 - Type2](https://us.aicpa.org/interestareas/frc/assuranceadvisoryservices/aicpasoc2report){:target="\_blank"}.

{% include image.html

lightbox="true"

%}

***Hybrid Runner**

The Runner installation is the hybrid installation mode for Codefresh pipelines. The Codefresh UI runs in the Codefresh cloud, and the builds run on customer premises. The Runner combines flexibility with security, and is optimal for Enterprise customers looking for a "behind-the-firewall" solution.

See[Hybrid Runner](#hybrid-runner).

***On-Premises**

On-Premises installation is for customers who want full control over their environments. Both the UI and the builds run on the Kubernetes cluster in an environment fully managed by you as our customer.

While Codefresh can still help with maintenance of the On-Premises platform, we would recommend the Hybrid Runner as it combines flexibility without compromising on security.

While Codefresh can still help with maintenance of the On-Premises platform, we would recommend the Hybrid Runnerinstallation for Codefresh piplinesas it combines flexibility without compromising on security.

See[On-premises](#on-premises).

**Codefresh GitOps installation options**

***GitOps**

GitOps installation is a full-featured solution for application deployments and releases powered by the Argo Project. Codefresh uses Argo CD, Argo Workflows, Argo Events, and Argo Rollouts, extended with unique functionality and features essential for enterprise deployments.

GitOps installations support Hosted and Hybrid options.

See[GitOps](#gitops).

GitOps is a full-featured solution for application deployments and releases powered by the Argo Project. Codefresh uses Argo CD, Argo Workflows, Argo Events, and Argo Rollouts, extended with unique functionality and features essential for enterprise deployments.

GitOps supports Hosted and Hybrid Runtime installation options.

See[GitOps](#gitops).

Cloud Builds for Codefresh pipelines are disabled for all accounts by default.

Account admins can request Codefresh to enable Cloud Builds for an account. There is no manual action required except to click on the Enable Cloud Builds button as shown below. The timeframe for the response is up to 24 hours.<br>

The Hybrid Runner installation is for organizations who want their source code to live within their premises, or have other security constraints. For implementation details, see[[Runner installation behind firewalls]({{site.baseurl}}/docs/installation/behind-the-firewall).

The UI runs on Codefresh infrastructure, while the builds happen in a Kubernetes cluster in the customer's premises.

For customers who want full control, Codefresh also offers on-premises installation. Both the UI and builds run on a Kubernetes cluster fully managed by the customer.

For customers who want full control over Codefresh pipelines, Codefresh also offers on-premises installation option. Both the UI and builds run on a Kubernetes cluster fully managed by the customer.

See[Codefresh On-Prem Installation & Configuration]({{site.baseurl}}/docs/installation/codefresh-on-prem).

Codefresh GitOpsalsosupports SaaS and hybrid installation options:

Codefresh GitOps supports SaaS and hybrid installation options for GitOps Runtimes. For the main differences between Hosted and Hybrid GitOps, see[Hosted vs. Hybird GitOps]({{site.baseurl}}/docs/installation/installation-options/#hosted-vshybrid-gitops).

The SaaS version of GitOps, Hosted GitOps has Argo CD installed in the Codefresh cluster.

Hosted GitOps Runtime is installed and provisionedin a Codefresh cluster, and managed by Codefresh.

TheHosted GitOps Runtime is installed and provisionedon a Codefresh cluster, and managed by Codefresh.

Hosted environments are full-cloud environments, where all updates and improvements are managed by Codefresh, with zero-maintenance overhead for you as the customer.

Currently, you can add one Hosted GitOps Runtime per account.

For the architecture, see[Hosted GitOps Runtime architecture]({{site.baseurl}}/docs/installation/runtime-architecture/).

The hybrid version of GitOps, has Argo CD installed in the customer's cluster.

Hybrid GitOps is installed in the customer's cluster, and managed by the customer.

TheHybrid GitOps Runtime is optimal for organizations with security constraints, wanting to manage CI/CD operations within their premises. Hybrid GitOps strikes the perfect balance between security, flexibility, and ease of use. Codefresh maintains and manages most aspects of the platform, apart from installing and upgrading Hybrid GitOps Runtimes which are managed by the customer.

TheHybrid GitOps Runtime is installed in the customer's cluster, and managed by the customer.

Hybrid GitOps is optimal for organizations with security constraints, wanting to manage CI/CD operations within their premises. Hybrid GitOps strikes the perfect balance between security, flexibility, and ease of use. Codefresh maintains and manages most aspects of the platform, apart from installing and upgrading Hybrid GitOps Runtimes which are managed by the customer.

{% include

max-width="70%"

%}

For more information on Hybrid GitOps, see[Hybrid GitOps Runtime requirements]({{site.baseurl}}/docs/installation/gitops/hybrid-gitops-helm-installation/#minimum-system-requirements) and[Hybrid GitOps Runtime Runtime installation]({{site.baseurl}}/docs/installation/gitops/hybrid-gitops-helm-installation/).

For more information on Hybrid GitOps, see[Hybrid GitOps Runtime requirements]({{site.baseurl}}/docs/installation/gitops/hybrid-gitops-helm-installation/#minimum-system-requirements) and[Hybrid GitOps Runtime Runtime installation]({{site.baseurl}}/docs/installation/gitops/hybrid-gitops-helm-installation/).

The table below highlights the main differences between Hosted and Hybrid GitOps.

The table below highlights the main differencesin functionality and resourcesbetween Hosted and Hybrid GitOps.

{: .table .table-bordered .table-hover}

| GitOps Functionality|Feature| Hosted| Hybrid|

|Feature|Functionality| Hosted| Hybrid|

| --------------| --------------|---------------| ---------------|

| Runtime| Installation| Provisioned by Codefresh| Provisioned by customer|

|| Runtime cluster| Managed by Codefresh| Managed by customer|

|| Number per account| Oneruntime| Multipleruntimes, one per cluster|

||External cluster|Managed by customer|Managed by customer|

|| Number per account| OneRuntime| MultipleRuntimes, one per cluster|

||Target cluster| {::nomarkdown}<ul><li>Managed by customer</li><li>Number supported depends on package size and can range from 5 to 20 or higher</li><li>Network access: Public access from internet</li></ul>{:/}| {::nomarkdown}<ul><li>Managed by customer</li><li>Any number</li><li>Network access: Public or private access</li></ul>{:/}|

|| Upgrade| Managed by Codefresh| Managed by customer|

|| Uninstall| Managed by customer| Managed by customer|

|Resources|Argo CD managed CRDs (Custom Resource Definitions)| Between 300 and 400 CRDs|Unlimited|

||Mono Git repo for manifests| Max size up to 100MB| Unlimited|

|| CMP (Cloud Management Platform) plugins|Only for Enterprise customers|N/A|

| Argo CD|| Codefresh cluster| Customer cluster|

| CI Ops| Delivery Pipelines|Not supported| Supported|

||Workflows| Not supported| Supported|

||Workflow Templates| Not supported| Supported|

| CD Ops|Applications| Supported| Supported|

| CD Ops|Applications|{::nomarkdown}<ul><li>Deployment supported only on target clusters</li><li>Self-healing interval: 90 seconds<br>See <ahref="https://argo-cd.readthedocs.io/en/stable/user-guide/auto_sync/#automatic-self-healing">Argo CD automatic self-healing</a></li></ul> {:/}| {::nomarkdown}<ul><li>Deployment supported on both in-cluster and target clusters</li><li>Self-healing interval: 5 seconds (Argo CD default)<br>See <ahref="https://argo-cd.readthedocs.io/en/stable/user-guide/auto_sync/#automatic-self-healing">Argo CD automatic self-healing</a></li></ul> {:/}|

||Image enrichment| Supported| Supported|

|| Rollouts| Supported| Supported|

|Integrations|| Supported| Supported|

|Dashboards|Home| Hostedruntime and deployments|Runtimes, deployments, Delivery Pipelines|

|Dashboards|Home| HostedRuntime and deployments|Runtimes, deployments, Delivery Pipelines|

||DORA metrics| Supported|Supported|

||Applications| Supported|Supported|

||GitOps Apps| Supported|Supported|

||GitOps Environments| Supported|Supported|

||GitOps Products| Supported|Supported|

Codefresh Runner and GitOps environments can co-exist giving you the best of both worlds.

{: .table .table-bordered .table-hover}

| Characteristic | Hybrid Runner | OnPremise | GitOps

| Characteristic | Hybrid Runner | OnPremises | GitOps

| --------------| ----------------------------|-------------------------| ----------------|

| Managed by| Codefresh and customer| Customer| Codefresh and customer|

| UI runs on| Public cloud| Private cluster| Public cloud|

[Architecture]({{site.baseurl}}/docs/installation/runtime-architecture/)

[Add Git Sources to GitOps Runtimes]({{site.baseurl}}/docs/installation/gitops/git-sources/)

[Shared ConfigurationRepositorysitory]({{site.baseurl}}/docs/installation/gitops/shared-configuration)

[Shared ConfigurationRepository]({{site.baseurl}}/docs/installation/gitops/shared-configuration)