Hello everyone. Is there any example of a values.y...
# ory-selfhosting
m
Hello everyone. Is there any example of a values.yaml of kratos and hydra working together? I have stood up hydra and kratos using helm charts and pushed it to kubernetes (aks). But would love for them to work together in kubernetes.
t
Hi @many-alligator-19004 We have Kratos and Hydra working within Kubernetes, there's not really any specific configuration needed to be honest.
m
Yes I have them working as well in Kubernetes, the question is there a example of them working together aka
hydra-integration
with kratos in Kubernetes kinda looking for a vaules.yaml example of it. If anyone could help out that would be great. Thank you
t
Sorry, I might not have explained myself too well. From a helm values.yaml perspective, there isn't any configuration that links Hydra and Kratos together as they're independent services so no examples exist (at least from my prior research) If you're after a working end-to-end setup to see, the best place is the
hydra-integration
that you mentioned, although based on docker-compose, it'll give you an idea of how the two work together from an authentication flow perspective.
m
Okay sounds good. Thank you for replying. I took a look at it hopefully I get them working together here soon.
t
No problem, we've got it all working here now, so any questions feel free to drop me a message 👍
a
sorry to jump on this, but I'm just learning helm and unsure on getting kratos actually running. Its all working in docker-compose fine, but with helm I'm confused on how do I pass the identitySchemas as seperate files (or any recommended way). any help hugely appreciated!
m
Also check out this community project for the kratos & hydra integration: https://github.com/atreya2011/go-kratos-test
t
There's two sections you need within your
values.yaml
The
identity
block within your config, and then the
identitySchemas
Below is a trimmed down version to give you an idea
Copy code
kratos:
  config:
    identity:
      default_schema_id: default
      schemas:
      - id: default
        url: file:///etc/config/identity.default.schema.json 
  identitySchemas:
    identity.default.schema.json: |
      {
        "$id": "<https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json>",
        "$schema": "<http://json-schema.org/draft-07/schema#>",
        "title": "Person",
        "type": "object",
        <snip>
      }
a
cheers. I really wanted to keep the schemas in seperate json files but Im about to give up on that idea 😄
t
That's possible, it's something we do ourselves. How are you deploying your helm at the moment? manually with
helm install
or using something like Flux or Argo? We're using flux HelmReleases, and store the schemas in configmaps, which get loaded in via
valuesFrom
keeps the config cleaner, and allows us to manage them as separate json files
a
atm just helm install as still learning
i'll give vaaluesFrom a read!
t
valuesFrom
is a flux feature, so wouldn't work for you unless you were running flux If you're running helm cli, you can chain values files together, so you could have the schemas in specific files
helm install -f value.yaml -f identity-schema-one.yaml -f identity-schema-two.yaml
a
hmm good point. I have my schemas in json but I guess I could rewrite them
bit annoying as we use them currently to hack away at supporting multi-schema until kratos supports it properly so that parser will also have to be changed 😮
t
You can still keep them as json
In each values file, it'll just be formatted like;
identity-schema-one.yaml
Copy code
kratos:
  identitySchemas:
    identity.one.schema.json: |
      {
        "$id": "<https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json>",
        "$schema": "<http://json-schema.org/draft-07/schema#>",
        "title": "Person",
        "type": "object",
        <snip>
      }
identity-schema-two.yaml
Copy code
kratos:
  identitySchemas:
    identity.two.schema.json: |
      {
        "$id": "<https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json>",
        "$schema": "<http://json-schema.org/draft-07/schema#>",
        "title": "Person",
        "type": "object",
        <snip>
      }
and then helm will merge the values yaml together
a
Yeah, I've ended up just copying it over as i still have to change the parser to treat the file as yaml and then get the JSON before parsing that
thanks for your help, hugely appreciated