Skip to main content

Deployment on Kubernetes with Helm

To deploy the RSA on Kubernetes we will utilize a packaged Helm solution to deploy the container itself as well as the additional components required to run on that platform. See the Helm Documentation for more details. These instructions support both the 2.X and 3.X versions of the Helm command line tool.

As this project is built on top of the JAVA Spring framework, it utilizes a common IDENTOS Helm chart used for deploying Spring applications.

To deploy an RSA:

  1. Enable the IDENTOS Helm chart repository:

    $ helm repo add identos

  2. Deploy using the following command to a namespace called 'my-namespace' using the configuration file 'configuration.yaml'

    $ helm upgrade --install rsa identos/spring -n my-namespace -f configuration.yaml


Configuration for a Helm chart is provided as a YAML formatted file. The following table lists the configuration parameters, a description and their default values. These properties are common between both the RSA and the RSA Admin API.


Note that a valid ingress controller must be installed within your Kubernetes environment to make use of the ingress element.


Currently, the RSA and RSA Admin API are deployed via separate Helm charts.

Common Helm Chart Properties

suffixOptionally override the fully qualified name.""
replicasThe number of replicas to create.1
image.repositoryThe RSA docker container
image.tagOverrides the docker container image version. This value can be changed later as required to point to an exact version.latest
image.pullPolicyThe image pull policy. Refer to the Kubernetes reference documentation for more information.IfNotPresent
image.credentialsSecret name containing docker credentials for private repository.nil
application.enableHTTPSOption to disable SSL termination, self signed certificate will be used.false
application.portPort number for the service to run under.8080
application.configFull configuration for docker container see OIDC Configuration or LDAP Configuration for details.""
ingress.enabledFlag to enable or disable ingress element creation for service.false
ingress.annotationsAnnotations to apply to ingress element.[]
ingress.hostHostname for the ingress element to listen on.""
resourcesPod resource requests and limits.{}
mysql.enabledEnable MySQL helm chart dependency.IfNotPresent
mysql.*See Configuration for details-
deployment.annotationsAny Kubernetes annotations to apply to the deployment object used for this application.{}