https://www.ory.sh/ logo
Join Slack
Powered by
Hello all can anyone guide me how to deploy ory k...
# ory-selfhosting
c
Hello all can anyone guide me how to deploy ory kratos on kubernetes?
g
If you want to use helm --> https://k8s.ory.sh/helm/kratos.html
c
what to enter in base_url it will be application url or kratos url?
g
All configuration explanation can be found here for what goes into "kratos": https://www.ory.sh/docs/kratos/reference/configuration When it comes to the serve parameters --> base_urls correspond to the URLs for your public and admin endpoint.
Where the admin URL should probably only be accessible internally. In my k8s implementation I just refer to the k8s service http://kratos-admin.namespace.svc.cluster.local
c
okay thanks
Ory.Kratos.Client.Client.ApiException: 'Error calling CreateNativeRegistrationFlow: The SSL connection could not be established, see inner exception.'
I am getting this error
g
Since it mentions ssl, you might have to use https?
c
yess I am using https
and I have install ssl certs also for the same
but still giving the error
g
I'm not sure how to help you from there on 😄. It's unclear which service or pod or ... is statnig the error
c
I am looking into that only I will let u know
g
do you have ingress enabled?
c
yess I have enabled the ingress
can you please tell me in public base_url it will be application login page url
?
or the domain i map to ingress load balancer ip?
g
the base url is not the same as the login page url. The base url is the endpoint on which your Kratos server/api can be reached
This will likely be something new, so you might have to create the correct DNS settings etc.
c
okay
do u have any doc or something for deploying kratos on k8s?
g
https://k8s.ory.sh/helm/kratos.html mostly contains what you need. It will create two services public and admin (and ingress if you enable them) that can then be used by your application.
c
here can you verify that in base_url i have enter domain where my kratos hosted and in self service i have entered application login page url. is it right?
g
this might indeed be fine 🙂. I am not sure how you handle SSL certificates however, this needs to done by for example cloudflare or by adding the correct tls settings to the values.yaml file. You also need to verify that your DNS settings are correct so traffic to both subdomains is routed towards your loadbalancer.
c
okay thanks
Hello Thijs I have deployed ory kratos successfully on k8s thanks for ur support but I am having one issue . can you please help?
g
Mayank, in no way am I an expert, but you can always feel free to send me a DM 😄 .
c
😅
Thanks like I just want to ask that in verification block i want to disable session token verification is there any configuration changes available in helm?
g
I am not entirely sure what you are asking, but I believe this to be purely Kratos configuration rather than it being helm specific 🙂. Can you maybe elaborate a bit more? Are you talking about email verification?
19 Views
Open in Slack
PreviousNext
Powered by