/k8s-wso2is-operator

Identity Server Kubernetes Controller

Primary language: Go. License: Apache License 2.0 (Apache-2.0)

WSO2 Identity Server - K8S Operator

The following CRD operator can be used to deploy WSO2 IS on your Kubernetes cluster. If you want to deploy the Identity Server via Helm operator instead, please refer to the given link: https://github.com/wso2/kubernetes-is

Key benefits

  • Auto healing
  • Ability to create test clusters
  • Ability to provision multiple ISs on the same cluster
  • Custom Keystore addition
  • Ability to mount custom deployment TOML files
  • Seamless updates

Prerequisites (Development)

System Architecture


External Database Setup

Please follow the instructions given in the documentation to set up the external MySQL databases.

Databases to be created

  • WSO2_IDENTITY_DB
  • WSO2_SHARED_DB
  • WSO2_CONSENT_DB (Optional)
  • WSO2_BPS_DB (Optional)

Development Environment Setup

Follow the instructions below to install Operator-SDK in your development environment.

brew install operator-sdk

Clone the repository by running the following command

git clone https://github.com/wso2/k8s-wso2is-operator.git

Navigate to the project directory

cd k8s-wso2is-operator

Run the following command to install dependencies

make install

Apply the CRDs by running the following command

kubectl apply -f config/crd/bases/iam.wso2.com_wso2is.yaml
kubectl apply -f config/crd/bases/iam.wso2.com_userstores.yaml

Feel free to change any configurations at config/samples/wso2_v1_wso2is.yaml. Once you have made your changes, apply the config by running

kubectl apply -f config/samples/wso2_v1_wso2is.yaml

Finally run the following command to run the operator in your cluster

make run

Installation

It is also possible to deploy a standalone version of the IS Operator in your cluster. You may follow the given steps to set it up correctly.

Prerequisites

  1. Kubernetes Cluster
  2. The required databases configured and accessible by all pods
  3. A persistent volume configured with ReadWriteMany permission
  4. An Ingress ready to route requests from your endpoint to the service; the Ingress setup can vary from cloud provider to provider.

Run the given command within your cluster

kubectl apply -f https://raw.githubusercontent.com/wso2/k8s-wso2is-operator/main/artifacts/operator.yaml

For step-by-step instructions on setting up, please refer to the two articles that we've published.

Finally, you may apply your own configurations by referring to the formats given in the samples: https://github.com/wso2/k8s-wso2is-operator/tree/main/config/samples
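
The Installation step applies operator.yaml straight from a branch URL, so the content can change between runs; fetching it to disk first allows a review before anything reaches the cluster. The following is an added example, not part of this project: the helper names and the sample manifest are constructed for illustration.

```shell
# Pre-apply review helpers for a manifest that was downloaded to disk (added example).

# sha256_of FILE: print the hex SHA-256 of FILE (GNU sha256sum or macOS shasum).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1"; else shasum -a 256 "$1"; fi | awk '{print $1}'
}

# check_pinned FILE EXPECTED: succeed only if FILE still has the digest recorded at review time.
check_pinned() { [ "$(sha256_of "$1")" = "$2" ]; }

# manifest_kinds FILE: count top-level "kind:" values across all YAML documents in FILE.
manifest_kinds() {
    awk '/^kind:[ \t]/ {gsub(/[^A-Za-z]/, "", $2); n[$2]++} END {for (k in n) print n[k], k}' "$1" | sort -k2
}

# privileged_kinds FILE: list cluster-scoped or admission-related kinds that deserve a manual read.
privileged_kinds() {
    manifest_kinds "$1" | awk '$2 ~ /^(ClusterRole|ClusterRoleBinding|CustomResourceDefinition|MutatingWebhookConfiguration|ValidatingWebhookConfiguration)$/ {print $2}'
}

# wildcard_lines FILE: count lines holding a quoted "*", the way RBAC wildcards are written.
# Each hit still has to be read in context; this only tells you where to look.
wildcard_lines() { grep -c "[\"'][*][\"']" "$1" || true; }

# Constructed sample manifest (not the project's operator.yaml), used to exercise the helpers.
sample=$(mktemp)
cat > "$sample" <<'EOF'
apiVersion: v1
kind: Namespace
metadata:
  name: example-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: example-manager-role
rules:
- apiGroups: ["*"]
  resources: ["secrets"]
  verbs:
  - '*'
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: example-controller
EOF
manifest_kinds "$sample"      # one line per kind, with its count
privileged_kinds "$sample"    # kinds to read by hand before applying
wildcard_lines "$sample"      # number of wildcard lines to inspect
```

For the real file, download operator.yaml with curl, run the helpers on it, and record its digest once reviewed so that `check_pinned` catches later changes. Replacing `main` in the URL with a reviewed commit SHA and running `kubectl apply --dry-run=server -f operator.yaml` before the real apply narrows the window further.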