Deploy OpenIAM to OpenShift cluster with Helm

This section describes how to deploy OpenIAM to an OpenShift cluster using Helm.

Deploying OpenIAM to OpenShift cluster with Helm

All documentation pertaining to deploying OpenIAM to Kubernetes can be found here.

This repository contains all the necessary code to deploy to the above-mentioned platforms, using helm.

To check out the repository:

git clone git@bitbucket.org:openiam/kubernetes-docker-configuration.git
cd kubernetes-docker-configuration
git checkout RELEASE-4.2.1.3

Deploying to OpenShift with Helm

Example on Ubuntu 20.04

Install Helm

  1. Install helm v3.3.4
https://github.com/helm/helm/releases/tag/v3.3.4

For linux:

1) Download https://get.helm.sh/helm-v3.3.4-linux-amd64.tar.gz
2) Unpack it (tar -zxvf helm-v3.3.4-linux-amd64.tar.gz)
3) Find the helm binary in the unpacked directory, and move it to its desired destination (mv linux-amd64/helm /usr/local/bin/helm)

Login in az

az login

You will be redirected to microsoft login page in browser. After successfully login in you will see the following message:

The default web browser has been opened at https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize. Please continue the login in the web browser. If no web browser is available or if the web browser fails to open, use device code flow with `az login --use-device-code`.
[
{
"cloudName": "AzureCloud",
"homeTenantId": "***************************",
"id": "***************************",
"isDefault": true,
"managedByTenants": [],
"name": "***************************",
"state": "Enabled",
"tenantId": "***************************",
"user": {
"name": "***************************",
"type": "user"
}
}
]

Login in oc

oc login

You will get the following message:

You must obtain an API token by visiting https://oauth-openshift.apps.********.********.aroapp.io/oauth/token/request

Go to page and get the login command with API token. It will look as follows:

oc login --token=sha256~****************** --server=https://api.********.************.aroapp.io:6443

After successfull authentication, you will see the following message:

Logged into "https://api.********.***********.aroapp.io:6443" as "kube:admin" using the token provided.
You have access to 65 projects, the list has been suppressed. You can list all projects using 'oc projects'
Using project "default".

Running startup script

Check deploy steps from kubernetes-docker-configuration/openshift/helm/linux/README.md before running a deploy script.

Set required properties in kubernetes-docker-configuration/openshift/helm/linux/set_env.sh

cd kubernetes-docker-configuration/openshift/helm/linux
./setup-helm.sh