SRExpert
HomeFeaturesRoadmapRelease NotesPricingTry NowBlogContact
Start Free
SRExpert
  • Home
  • Features
  • Roadmap
  • Release Notes
  • Pricing
  • Try Now
  • Blog
  • Contact
  • Help & Docs
  • Release notes
  • Terms & Policy
Start Free
  1. Home
  2. Blog
  3. How to Set Up SRExpert in 5 Minutes
Tutorial

How to Set Up SRExpert in 5 Minutes

Deploy SRExpert on your Kubernetes cluster in 5 minutes with Helm. Step-by-step guide covering installation, configuration, cluster integration (including behind firewalls), and team setup.

SRExpert EngineeringApril 1, 2026 · 8 min read

Why Teams Need a Unified Kubernetes Platform

Managing Kubernetes at scale means juggling kubectl, monitoring dashboards, alerting tools, security scanners, and compliance reports — often across multiple clusters. SRExpert consolidates all of that into a single self-hosted platform that runs inside your own infrastructure.

This guide walks you through the complete setup: from Helm installation to adding your first cluster. The entire process takes about 5 minutes if you already have a Kubernetes cluster running.

Prerequisites

Before you begin, make sure you have:

  • Kubernetes cluster running version 1.25 or higher (tested through 1.30)
  • kubectl configured and connected to your cluster
  • Helm v3.x installed
  • StorageClass configured for Persistent Volumes
  • Ingress Controller installed (NGINX recommended)
  • Cert-Manager recommended for automatic TLS certificates
  • Metrics Server recommended for resource monitoring

Minimum cluster resources: 2 CPU cores, 4 GB memory, 20 GB disk (recommended: 4 cores, 8 GB, 50 GB).

SRExpert runs on any Kubernetes distribution — AWS EKS, Azure AKS, GCP GKE, DigitalOcean DOKS, Linode, on-premise (kubeadm, k3s, RKE/RKE2, OpenShift), and even local environments like minikube, kind, or Docker Desktop.

Step 1: Install SRExpert via Helm

Add the Helm Repository

Fetch the latest SRExpert charts from our private registry:

helm repo add srexpert-helm https://nexus.srexpert.io/repository/srexpert-helm/
helm repo update

Create the Namespace

kubectl create namespace srexpert

Deploy the Backend

First, create a values-backend.yaml with your configuration. The most critical setting is frontendUrl — it must match the exact domain where your SRExpert frontend will be accessible:

frontendUrl: https://srexpert.yourdomain.com

This URL is used by the backend to generate links in password recovery emails, Stripe payment redirects, and team invitation links. If misconfigured, all of these will break. Make sure it uses https:// and does not include a trailing slash.

Now deploy:

helm upgrade --install srexpert-backend srexpert-helm/srexpert-backend \
  --namespace srexpert \
  -f values-backend.yaml

Wait for PostgreSQL and the backend pods to be ready before proceeding.

Deploy the Frontend

Create a values-frontend.yaml configuring your ingress:

hosts:
  - host: srexpert.yourdomain.com
    paths:
      - path: /api/v1/
        pathType: Prefix
        backend: srexpert-backend
        backendPort: 8000
      - path: /
        pathType: Prefix
tls:
  - secretName: srexpert-tls
    hosts:
      - srexpert.yourdomain.com

Deploy the frontend:

helm upgrade --install srexpert-frontend srexpert-helm/srexpert-frontend \
  --namespace srexpert \
  -f values-frontend.yaml

Verify the Installation

kubectl get pods -n srexpert
kubectl get svc -n srexpert
kubectl get ingress -n srexpert

All pods should show Running status. Your SRExpert instance is now accessible at the domain you configured in the ingress.

Persistent Volume requirements:

ComponentMinimum SizePurpose
PostgreSQL10 GiDatabase storage
Redis2 GiCache and sessions
Helm Cache5 GiChart repository caching

Check PVC status with kubectl get pvc -n srexpert.

Step 2: Network Whitelist

Your cluster needs outbound HTTPS access (port 443) to three endpoints:

EndpointPurpose
registry.srexpert.ioContainer images
nexus.srexpert.ioHelm charts
backoffice-api.srexpert.ioLicensing and activation

If your cluster runs behind a corporate proxy or firewall, add these to your allow list before proceeding.

Step 3: Register Your Account

Open your browser and navigate to the domain you configured — for example, https://srexpert.yourdomain.com.

On the login page, click "Don't have an account yet? Register here" and fill in:

  • Name — your full name
  • Email — this becomes your login credential
  • Company — your organization name
  • Password — minimum 8 characters with letters and numbers

After registering, you can log in and access the SRExpert dashboard. It will be empty — time to connect your clusters.

Step 4: Add Your First Cluster

Navigate to Settings → Cluster Management → Add Cluster. SRExpert offers three methods to connect clusters:

Method 1: Generic Kubernetes (Agent) — Recommended

This is the recommended method, especially for clusters behind firewalls, NAT, or private networks. The agent establishes a reverse tunnel to your SRExpert instance, so no inbound ports need to be opened.

  1. Select Generic Kubernetes in the wizard
  2. Enter a cluster name and optional region
  3. SRExpert generates a unique install command with a registration token
  4. Run the command on your target cluster with kubectl
  5. The agent connects within 60 seconds

The agent installs as a DaemonSet in the srexpert-system namespace and only requires outbound HTTPS access to your SRExpert instance. It works behind firewalls, NAT, VPNs, and private networks without exposing your Kubernetes API to the internet.

This is what makes SRExpert different from tools that require direct API access — you can monitor clusters in air-gapped environments, on-premise data centers, or behind strict corporate firewalls without any network changes.

Method 2: Cloud Provider Integration

If you run EKS, AKS, or GKE, SRExpert can import clusters directly using cloud provider credentials:

  1. Select your cloud provider (AWS, Azure, or GCP)
  2. Provide API credentials (access keys, service principal, or service account JSON)
  3. SRExpert auto-discovers all available clusters
  4. Select the clusters you want to import
  5. Credentials are stored encrypted

Method 3: Kubeconfig (Manual)

For clusters with direct API access from the SRExpert backend:

  1. Enter cluster details
  2. Paste your kubeconfig YAML (get it with kubectl config view --raw)
  3. Test the connection
  4. Save

Note: The kubeconfig method requires the Kubernetes API to be reachable from the SRExpert backend pod. For clusters behind firewalls, use the Agent method instead.

After adding a cluster via any method, it appears in your dashboard with Connected status and data collection begins within 1–2 minutes.

Step 5: Explore the Dashboard

Once your cluster is connected, the dashboard comes alive with:

  • Workload overview — deployments, pods, services, jobs, and their health status at a glance
  • Resource monitoring — CPU, memory, disk, and network metrics across nodes and namespaces
  • Security scanning — container image vulnerabilities, misconfigurations, and secrets detection
  • Alerting — set up smart alerts with noise reduction so you only get paged when it matters
  • Compliance — run SOC 2, HIPAA, and PCI-DSS checks against your clusters
  • Helm management — browse, install, and manage Helm charts from the UI
  • RBAC visualization — see who has access to what across your clusters
  • AI diagnostics — ask the built-in AI assistant about failing workloads and get root cause analysis

For a complete walkthrough of every feature, visit docs.srexpert.cloud.

Step 6: Invite Your Team

Go to Settings → Users and click Invite User. Enter their email, assign a role (Admin, Editor, or Viewer), and send the invitation. They will receive an email to complete their registration.

For larger teams, create Groups under Settings → Groups and assign cluster permissions at the group level instead of per user. This is the recommended approach for organizations with more than a few engineers.

SRExpert also supports SSO via Azure AD, Okta, and Google Workspace on Professional plans and above. Configure it under Settings → Authentication → SSO. See the SSO setup guide for details.

Optional: Upgrade Your Plan

The Starter plan is free and includes 1 user, 1 group, and 1 cluster with full feature access. When your team grows, upgrade from Settings → Billing → Upgrade Plan:

PlanUsersClustersPrice
Starter11Free
Professional55€89/mo
Business2020€399/mo
EnterpriseUnlimitedUnlimitedCustom

Annual billing saves 20%. All plans include a 14-day money-back guarantee. See our pricing page for full details.

What You Just Set Up

In about 5 minutes, you deployed a platform that replaces what most teams build by stitching together 4–6 separate tools:

  • Monitoring — no more switching between Grafana, Prometheus, and kubectl
  • Alerting — built-in smart alerts instead of a separate PagerDuty/OpsGenie setup
  • Security — vulnerability scanning and compliance without Trivy, Falco, or Polaris running separately
  • Helm management — a visual chart browser instead of CLI-only workflows
  • RBAC — clear visibility into permissions without decoding YAML
  • AI diagnostics — root cause analysis without scrolling through thousands of log lines

That is the SRExpert value proposition: one platform, one namespace, full visibility.

Next Steps

  • Explore all platform capabilities on our features page
  • Read the full documentation for advanced configuration
  • Check our roadmap to see what is coming next
  • Set up notification plugins for Slack, Teams, or email alerts
  • Try the SRE CLI for command-line power users

Need help? Open a ticket at our support portal or reach us at [email protected].

Your team deserves better than a pile of disconnected tools. You just took the first step toward unified Kubernetes operations.

Related Articles

Security

Kubernetes Compliance Without Spreadsheets: How to Automate SOC 2, HIPAA, and PCI-DSS

Teams still use spreadsheets and manual evidence collection to prove Kubernetes compliance. Traditional compliance tools miss K8s operations, and K8s tools miss compliance. Learn how SRExpert closes the gap with automated CIS benchmarks, framework mapping, continuous scanning, and audit-ready reports for SOC 2, HIPAA, PCI-DSS, and ISO 27001.

Apr 1, 2026 14 min
Tools

FreeLens vs OpenLens vs Lens: Which Fork Should You Use in 2026?

The Lens Kubernetes IDE has split into three products: Lens (Mirantis, paid), OpenLens (community fork, mostly unmaintained), and FreeLens (active community fork). We compare all three on features, pricing, and maintenance, and explain why the real question is not which fork to choose but whether a desktop IDE is still what your team needs.

Apr 1, 2026 12 min
In This Article
  • Why Teams Need a Unified Kubernetes Platform
  • Prerequisites
  • Step 1: Install SRExpert via Helm
  • Add the Helm Repository
  • Create the Namespace
  • Deploy the Backend
  • Deploy the Frontend
  • Verify the Installation
  • Step 2: Network Whitelist
  • Step 3: Register Your Account
  • Step 4: Add Your First Cluster
  • Method 1: Generic Kubernetes (Agent) — Recommended
  • Method 2: Cloud Provider Integration
  • Method 3: Kubeconfig (Manual)
  • Step 5: Explore the Dashboard
  • Step 6: Invite Your Team
  • Optional: Upgrade Your Plan
  • What You Just Set Up
  • Next Steps
Tags
KubernetesSRExpertSetupHelmTutorialInstallationGetting StartedDevOps
Need Help?

Want to learn how SRExpert can help your team manage Kubernetes at scale?

Contact Us
SRExpert

Advanced Kubernetes Platform
Reduce noise, find root causes, and cut MTTR.

Subscribe to our Newsletter

Quick Links

  • Features
  • Pricing
  • Roadmap
  • Release Notes
  • Documentation
  • Try Now
  • Contact

Contact

  • R. Daciano Baptista Marques, 245 - 4400-617 - Vila N. de Gaia - Porto
  • [email protected]
  • +351 225 500 233
Privacy PolicyTerms and ConditionsContact Us

Copyright © 2026 Privum Group.