Ory Kratos Helm Chart
The Ory Kratos Helm Chart helps you deploy Ory Kratos on Kubernetes using Helm.
Installation
To install Ory Kratos, the following values must be set (documentation):
kratos.config.secrets.default
kratos.config.dsn
You can create a values.yaml
file to set the required values, like so:
kratos:
config:
dsn: postgres://foo:[email protected]:5432/db
secrets:
default:
- dolore occaecat nostrud Ut
- sit et commodoaute ut voluptate consectetur Duis
Install Ory Kratos by running this command:
$ helm install \
...
-f values.yaml \
ory/kratos
Ory Kratos Configuration
You can pass your
Ory Kratos configuration file
by creating a yaml file with key kratos.config
# kratos-config.yaml
kratos:
config:
# e.g.:
log:
level: trace
# ...
and passing that as a value override to helm:
$ helm install -f ./path/to/kratos-config.yaml ory/kratos
Helm Chart Configuration
For the full list of chart values, please refer to the Ory Kratos Helm Chart README, or the values.yaml directly
Additionally, the following extra settings are available:
kratos.autoMigrate
(bool): If enabled, aninitContainer
runningkratos migrate sql
will be created.kratos.development
(bool): If enabled, kratos will run with--dev
argument.secret.enabled
(bool): Iftrue
(default), a Kubernetes Secret is created (containsdsn
,secretsCookie
andsecretsDefault
). Also generatessecretsCookie
andsecretsDefault
unless already set.secret.nameOverride
(string): Lets you override the name of the secret to be usedingress.admin.enabled
(bool): If enabled, an ingress is created on admin endpointingress.public.enabled
(bool): If enabled, an ingress is created on public endpoint Check values.yaml for more configuration options.
Custom Secrets
secret:
# -- switch to false to prevent creating the secret
enabled: false
# -- Provide custom name of existing secret, or custom name of secret to be created
nameOverride: "my-custom-secret"
Remember: In this case, you are responsible for supplying the required values, which need to be in the same format that the created secret uses. For more details please take a look here.
Upgrade
From 0.18.0
Since this version we support only kubernetes >= v1.18 for the ingress definition.
If you enabled ingresses you need to migrate values from:
ingress:
public:
hosts:
- host: kratos.public.local.com
paths: ['/']
admin:
hosts:
- host: kratos.admin.local.com
paths: ['/']
to
ingress:
public:
className: ''
hosts:
- host: kratos.public.local.com
paths:
- path: /
pathType: ImplementationSpecific
admin:
className: ''
hosts:
- host: kratos.admin.local.com
paths:
- path: /
pathType: ImplementationSpecific
where changes are on:
- introduce the
className
to specify the ingress class documentation that need to be used - change
paths
definition from an array of strings to an array of objects, where each object include thepath
and thepathType
(see path matching documentation)