Install the Curity Identity Server with Helm

Install the Curity Identity Server with Helm

tutorials

Introduction

Helm is a package manager for Kubernetes resources, comparable to other package managers such as Apt, Yum or Homebrew. Helm assists in installing and managing the lifecycle of a Kubernetes release.

Curity provides a Helm package, also called Helm chart, for the Curity Identity Server. The chart takes care of configuring and installing a cluster with the desired number of runtime nodes. All in a single command. When installing this chart the release creates the following resources for a runtime node in the Kubernetes cluster:

  • A Deployment
  • A Service

Make yourself familiar with Kubernetes concepts: Concepts - Kubernetes

In this tutorial we will show you how to quickly install the chart by providing a password.

Prerequisites

You need a Kubernetes cluster and a local installation of Helm.

Installing the Helm Chart

In this quickstart you will perform the following steps:

  • add and update a new chart repository
  • install the curity/idsvr chart
  • with the latest release of the Curity Identity Server and
  • your own admin password.

When installing the Helm chart for the very first time add Curity to the list of chart repositories:

1
$ helm repo add curity https://curityio.github.io/idsvr-helm/

We will make sure that our repository is up to date before installing the chart.

1
$ helm repo update

Install the chart. We have to provide a password but we also specify to use the latest Docker image and want to enable the admin UI.

1
2
3
4
$ helm install idsvr-tutorial curity/idsvr \
    --set image.tag=latest \
    --set curity.config.password=Secr3t \
    --set curity.config.uiEnabled=true

Give it some time to finish setting up the cluster. You can check the status of the pods using Kubernetes command kubectl. Note the list of pods that are not ready yet and study their status.

1
2
3
4
$ kubectl get pods --namespace default --selector="app.kubernetes.io/instance=idsvr-tutorial"
NAME                                      READY   STATUS    RESTARTS   AGE
idsvr-tutorial-admin-96cdb5bd6-fnb4b      0/1     Running   0          5s
idsvr-tutorial-runtime-7c69bf6dc6-xkfzh   0/1     Running   0          5s

Configure portforwarding for your pod to be able to access the Admin UI by following the instructions from the Helm chart installation.

1
2
$ export POD_NAME=$(kubectl get pods --namespace default -l "role=idsvr-tutorial-admin,app.kubernetes.io/instance=idsvr-tutorial" -o jsonpath="{.items[0].metadata.name}")
$ kubectl port-forward $POD_NAME 6749:6749

Browse to https://localhost:6749/admin to open the Admin UI.

Congratulations, you installed the chart curity/idsvr and created a release called idsvr-tutorial.

Uninstalling the Chart

To clean up uninstall and delete the resources created by this tutorial with the following command:

1
$ helm delete idsvr-tutorial

Summary

You learned how to create a cluster of the Curity Identity Server by using the Helm chart. The release created by Helm included one admin node and one runtime node. The nodes are based on the Docker image curity/idsvr:latest. The image was downloaded if not yet present. You specified an initial password for the admin service and enabled the Admin UI on the admin node.

The Helm chart took care of the cluster configuration and created a cluster encryption key used for securing the communication between the admin and runtime node.

Resources

If you want to learn more about Helm continue with Clustering using the Helm Chart

The Helm chart and its related documentation as well as the source code can be found on GitHub.

Let’s Stay in Touch!

Get the latest on identity management, API Security and authentication straight to your inbox.

Was this page helpful?