Skip to main content
Flyte uses PostgreSQL as its relational store. FlyteAdmin stores workflow registrations, execution records, named entities (launch plans, workflows, tasks), and project/domain metadata. DataCatalog stores cached task output metadata in the same PostgreSQL instance (separate database or separate schema).

Supported versions

Flyte requires PostgreSQL 10 or later. PostgreSQL 13+ is recommended for new deployments.

Connection configuration

flyte-binary

configuration:
  database:
    username: postgres
    password: "<DB_PASSWORD>"    # Creates a K8s Secret automatically
    host: "my-db.us-east-1.rds.amazonaws.com"
    port: 5432
    dbname: flyteadmin
    options: sslmode=require     # sslmode=disable for local dev only

flyte-core (via inline config)

configmap:
  db:
    database:
      port: 5432
      username: postgres
      password: <DB_PASSWORD>
      host: my-db.us-east-1.rds.amazonaws.com
      dbname: flyteadmin
      options: sslmode=require
      log:
        level: 5

Inline stow format

For advanced connection options, use the full postgres config: 
configuration:
  inline:
    database:
      postgres:
        username: postgres
        password: postgres
        host: 127.0.0.1
        port: 5432
        dbname: flyte
        options: "sslmode=disable"

SSL configuration

sslmode valueWhen to use
disableLocal development only
requireEncrypts traffic but does not verify the certificate
verify-caVerifies the certificate is signed by a trusted CA
verify-fullVerifies certificate and hostname (recommended for production)
For RDS, use sslmode=require at minimum. To use verify-full, mount the RDS CA bundle and set: 
options: "sslmode=verify-full sslrootcert=/etc/ssl/rds-ca.pem"

Connection pooling

Flyte uses the gorm library with database/sql underneath. The connection pool is configurable: 
configuration:
  inline:
    database:
      postgres:
        maxOpenConnections: 10
        maxIdleConnections: 10
        connMaxLifeTime: 1h
For high-throughput clusters, add PgBouncer in front of your PostgreSQL instance. PgBouncer in transaction pooling mode significantly reduces the number of actual connections to PostgreSQL. 
# Example values if using PgBouncer as a sidecar or separate service
configuration:
  database:
    host: pgbouncer.flyte.svc.cluster.local
    port: 5432
    options: sslmode=disable pool_mode=transaction

Schema migrations

Flyte runs database migrations automatically at startup. Migrations are idempotent and can be re-run safely. The migration binary is embedded in the flyteadmin container. If you prefer to manage migrations manually: 
# Run migrations as a one-off Job before deploying Flyte
kubectl run flyteadmin-migrate \
  --image=cr.flyte.org/flyteorg/flyteadmin:v1.16.4 \
  --restart=Never \
  --env="FLYTE_DATABASE_POSTGRES_HOST=my-db" \
  --env="FLYTE_DATABASE_POSTGRES_PASSWORD=secret" \
  -- flyteadmin --config /etc/flyte/config/*.yaml migrate run

RDS recommendations

Start with db.t3.medium (2 vCPU, 4 GB) for development. For production clusters with >100 concurrent executions, use db.r6g.large or larger.
Enable Multi-AZ deployments for production. RDS Multi-AZ provides automatic failover with ~60 second downtime.
Enable automated backups with a retention period of at least 7 days. Consider cross-region backup replication for disaster recovery.
Use gp3 storage for new RDS instances. Enable storage autoscaling to avoid running out of disk space as the execution history grows.
Restrict the RDS security group to allow inbound PostgreSQL (port 5432) only from the EKS node security group or pod CIDR.

Cloud SQL recommendations (GCP)

  • Use PostgreSQL 14 or 15 on Cloud SQL
  • Enable the Cloud SQL Auth Proxy as a sidecar if using private IP connectivity
  • Enable automatic backups and point-in-time recovery
  • Use the cloudsql-postgres database flag for log_min_duration_statement to capture slow queries

Checking database health

# Check FlyteAdmin logs for DB connection errors
kubectl logs -n flyte deployment/flyteadmin --since=5m | grep -i database

# Port-forward to the RDS instance for direct inspection
kubectl -n flyte port-forward service/flyteadmin 5432:5432  # only if PostgreSQL sidecar
psql -h localhost -U postgres -d flyteadmin -c "\dt"

Database tables reference

FlyteAdmin creates the following tables in the configured database:
TableContent
projectsProject registrations
execution_eventsExecution phase transition history
executionsWorkflow execution records
launch_plansRegistered launch plans
workflowsRegistered workflow definitions
tasksRegistered task definitions
named_entitiesNamed entity metadata
resourcesProject/domain resource attributes
scheduled_executionsScheduler records

Build docs developers (and LLMs) love

Get started for freeTalk to us