Startup & login

Accessing Horizon

Once the Horizon deployment is up and running, you can expose it to access the web UI and start configuring the instance.

By default, Horizon will expose a plain HTTP endpoint on port 9000 and an HTTPS endpoint on port 9443 (serving a self-signed certificate, unless configured otherwise).

Expose locally with a port forward

Recommended for testing and debugging, this is the fastest way to connect to your Horizon instance. The idea is to map a local port of your host computer to the remote port of the Horizon container.

To do so, run:

kubectl port-forward <horizon pod name> 9000:9000

Horizon will then be available on http://localhost:9000. A more in-depth tutorial on port forwarding can be found here.

Expose through an ingress controller

When an ingress controller is configured in your cluster, this is the proper way to access Horizon. To deploy an ingress alongside Horizon, set the ingress.enabled key to true in the Helm Chart’s values override.

Logging in for the first time

Upon the first startup, an administrator account will be generated for you to log in. This account has the administrator username and a random password stored on disk, on the master Horizon pod.

To find out the randomly generated password, run:

kubectl exec $(kubectl get pods -n <namespace> -l "app.kubernetes.io/name=horizon" --sort-by={.status.podIP} -o jsonpath="{.items[0].metadata.name}") -n <namespace> -- /bin/sh -c "cat /tmp/tmp.*/adminPassword"

It is highly recommended to create a dedicated administration account and delete the default one, or at least modify the default administrator password.