Try with Helm
Deploy Hanzo IAM on Kubernetes using Helm for manageable, scalable deployments.
This page describes how to deploy Hanzo IAM on Kubernetes using Helm.
Prerequisites
- A running Kubernetes cluster
- Helm v3
Installation
Step 1: Install the Hanzo IAM chart
Install the Hanzo IAM Helm chart:
helm install iam oci://registry-1.docker.io/casbin/iam-helm-charts --version v1.702.0
### Step 2: Access Hanzo IAM
After installation, use the service URL provided by your cluster to access Hanzo IAM.
### Customization
Override [values.yaml](https://github.com/iam/iam-helm/blob/master/charts/iam/values.yaml) to customize the deployment. Key parameters:
| Parameter | Description | Default Value |
|----------------------------------------------|---------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------|
| `replicaCount` | Number of replicas of the Hanzo IAM application to run. | `1` |
| `image.repository` | Repository for the Hanzo IAM Docker image. | `casbin` |
| `image.name` | Name of the Hanzo IAM Docker image. | `iam` |
| `image.pullPolicy` | Pull policy for the Hanzo IAM Docker image. | `IfNotPresent` |
| `image.tag` | Tag for the Hanzo IAM Docker image. | `""` |
| `config` | Configuration settings for the Hanzo IAM application. | See [config](https://github.com/iam/iam-helm/blob/master/charts/iam/values.yaml) field |
| `database.driver` | Database driver to use (supports mysql, postgres, cockroachdb, sqlite3). | `sqlite3` |
| `database.user` | Database username. | `""` |
| `database.password` | Database password. | `""` |
| `database.host` | Database host. | `""` |
| `database.port` | Database port. | `""` |
| `database.databaseName` | Name of the database used by Hanzo IAM. | `iam` |
| `database.sslMode` | SSL mode for the database connection. | `disable` |
| `service.type` | Type of Kubernetes service to create for Hanzo IAM (ClusterIP, NodePort, LoadBalancer, etc.). | `ClusterIP` |
| `service.port` | Port number for the Hanzo IAM service. | `8000` |
| `ingress.enabled` | Whether to enable Ingress for Hanzo IAM. | `false` |
| `ingress.annotations` | Annotations for the Ingress resource. | `\{\}` |
| `ingress.hosts` | Hostnames for the Ingress resource. | `[]` |
| `resources` | Resource requests and limits for the Hanzo IAM container. | `\{\}` |
| `autoscaling.enabled` | Whether to enable Horizontal Pod Autoscaler for Hanzo IAM. | `false` |
| `autoscaling.minReplicas` | Minimum number of replicas for Horizontal Pod Autoscaler. | `1` |
| `autoscaling.maxReplicas` | Maximum number of replicas for Horizontal Pod Autoscaler. | `100` |
| `autoscaling.targetCPUUtilizationPercentage` | Target CPU utilization percentage for Horizontal Pod Autoscaler. | `80` |
| `nodeSelector` | Node labels for pod assignment. | `\{\}` |
| `tolerations` | Toleration labels for pod assignment. | `[]` |
| `affinity` | Affinity settings for pod assignment. | `\{\}` |
| `extraContainersEnabled` | Whether to enable additional sidecar containers. | `false` |
| `extraContainers` | Additional sidecar containers. | `""` |
| `extraVolumeMounts` | Additional volume mounts for the Hanzo IAM container. | `[]` |
| `extraVolumes` | Additional volumes for the Hanzo IAM container. | `[]` |
| `envFromSecret` | Provide Environment variable from secret. | `[\{name:"",secretName:"",key:""\}]` |
| `envFromConfigmap` | Provide Environment variable from configmap. | `[\{name:"",configmapName:"",key:""\}]` |
| `envFrom` | Provide Environment variable from entire secret or configmap. | `[\{name:"",type:"configmap \| secret"\}]` |
### Managing the deployment
Upgrade:
```shell
helm upgrade iam oci://registry-1.docker.io/casbin/iam-helm-charts --version <version>
Uninstall:
```shell
helm uninstall iam
For more options, see the [Helm](https://helm.sh/docs/) and [Kubernetes](https://kubernetes.io/docs/) documentation.How is this guide?
Last updated on