Setting up a basic pipeline for WSO2 Identity Server on Kubernetes is quick and simple.
Before you begin to develop your pipeline, set up the following prerequisites in a running Kubernetes cluster.
Install and set up Helm (Supported version 2.14.3)
NginxIngress Controller Git release nginx-0.22.0
Deploy the CI/CD pipeline
- Download the values.yaml file and replace the following placeholders with relevant values
- <REGISTRY_USERNAME> - Docker organization name.
- <REGISTRY_PASSWORD> - Docker password.
- <REGISTRY_EMAIL> - Email address of Docker organization.
- <EMAIL> - Email address notifications should be sent to in case of failure.
- <GITHUB_USERNAME> - GitHub username
- <GITHUB_PASSWORD> - GitHub password or token
Add the WSO2 helm repository.
Install the pipeline Helm chart by pointing to the updated values-is-pattern-1.yaml file.Warning: The installation may take up to 10 minutes.In following steps, example.com refers to the default domain name. If the default host has been overridden, change the domain name accordingly.
Obtain the external IP (`EXTERNAL-IP`) of the Ingress resources by listing down the Kubernetes Ingresses.
NAME HOSTS ADDRESS PORTS AGE <RELEASE_NAME>-grafana grafana.example.com <EXTERNAL_IP> 80 20m <RELEASE_NAME>-kibana kibana.example.com <EXTERNAL_IP> 80 20m <RELEASE_NAME>-spinnaker-deck spinnaker.example.com <EXTERNAL_IP> 80, 443 20m <RELEASE_NAME>-spinnaker-gate gate.spinnaker.example.com <EXTERNAL_IP> 80, 443 20m jenkins-ingress jenkins.example.com <EXTERNAL_IP> 80, 443 20m
Add the above hosts as an entry in /etc/hosts as follows and save the file
- Navigate to the following URLs on any web browser:
Create and upload an SSL certificate to AWS, which is required to initiate the SSL handshake for HTTPS. Please see AWS Load Balancing documentation for further details.
Create a key pair for the desired region, which is required to SSH to instances. (Skip this step if you want to use an existing key pair) See Amazon EC2 Key Pairs document for further details.
- Create an IAM role and attach policy created in Step4.
A first-time AWS user should have a policy created to set permissions when creating a pipeline.
To create a policy follow the below steps.
- Go to
IAM service consolein AWS.
- Click on
Policiesand then click on
- When page load switch to
- Copy-paste the below JSON code.
- Click on
- Go to
Login to AWS Console.
Navigate to AWS Cloudformation page. Click on
Use the Amazon S3 URL[ https://aws-cicd-jenkins-templates.s3.amazonaws.com/wso2is-5.8.0-quickStart.yaml] on
Specify the stack details. Leave values filled by default. Give an appropriate name for the stack and fill in the required values under the
Cluster Configuration: Mandatory to fill all the fields here. Add the IAM role name created in prerequisites section for IAM Role field.
Database Configuration: Enter the database username and password. This will be used to create the login for RDS instance
WSO2 Subscription Credentials: You may skip this if you do not have a valid WSO2 subscription or if you do not require wum updates.
SSL Certificate Name: Add the SSL Certificate name created in the prerequisites section.
Key Pair Name: Add the key pair created in the prerequisites section.
Jenkins console login Password: Enter a password to login to the Jenkins console
Email: Better to include email to receive notifications on pipeline
Once you have filled in the required fields, click
“Next”and proceed with ‘Configure stack options’ options. Once you have completed, click the
“Next” button, review your stack information thoroughly and Edit if needed, and
click “Create stack”.
It might take a few minutes (~8 minutes) to create the stack. Once the status of the stack changes to CREATE_COMPLETE, click the
"Output" tabto get the JenkinsConsoleURL.
Log in to the JenkinsConsoleURL with the password you provided in Step 02 under Jenkins console login Password . The default
username is admin
After you have logged in, click on the job
“Run”on the pop-up window to start the pipeline for configured product and its current version.
You can view the pipeline progress under the
pipelinetab in the view. Each step will be displayed with relevant logs.
Approve and select “OK” on the “Approve Staging” stage pop-up to deploy the product into the staging environment. Once the deployment to staging is completed Approve and select “OK” on the “Approve Production” stage pop-up to deploy the product into the production environment.
Once the deployment to environments is complete, you will be able to see three stacks, namely ‘dev’, ‘staging’ and ‘prod’ on your AWS Cloudformation console. Click on the "Outputs" tab of each stack to get the Management Console URL of each environment.