This article goes through some of the basics of Kubernetes, specifically WSO2 Identity Server deployment.
Let’s be friends:
Comment (0)
Join the DZone community and get the full member experience.
Kubernetes is a system with several concepts. such as deployment, ingress, service, service account. All those components work together to make a single solution. With this post, I will be going through each of these components by analyzing the problem they are trying to solve. Also, I will be using a Wso2 Identity Server example to provide a hands-on experience.
Clone the repository: https://github.com/Buddhimah/identity-kubernetes
Setup the following:
Start the minikube cluster
If you are using macOS please go to
System Preferences -> Security & Privacy -> Allow -> Then allow the software corporation (in this case Oracle) [1]
In VirtualBox installation
To enable the NGINX Ingress controller, run the following command:
Add wso2is to /etc/hosts
Let’s assume that our Kubernetes cluster is used by many users and has thousands of containers. In this case, the cluster will be more manageable if we can logically separate the cluster into a few partitions. This requirement is provided by the cluster using the concept namespace. Namespace separates resources of the cluster logically. But still, a resource in one namespace can communicate with a service in another namespace. This gives the capability to each namespace to maintain its own resources, authentication, and authorization policies and constraints. For the wso2 identity server example, you can create the namespace using the command
Kubernetes handle access control through service accounts. Each namespace has a default service account. This service account has the capability to authenticate the resources in the namespace and make it possible to communicate with Kubernetes API servers. When we create a service account the token controller observes that. Then it creates a secret that enables the k8s API server access. This secret will be added to the pods in that namespace referencing the service account.
You can create a simple service account using the following command
Each and every application has its own set of configurations in most cases these configurations are provided through files.