Deployment
Social Registry Deployment
The instructions here pertain to the deployment of all Social Registry and associated components on the Kubernetes cluster using Helm charts. All the components are installed in the same namespace. The deployment may be achieved by the following methods:
Prerequisites
Before you deploy, make sure the following are in place:
✅ Kubernetes cluster is up and running
✅ Nginx server is configured (skip this for OpenG2P-in-a-box)
✅ Namespace is created (via Rancher under a Project)
✅ Project Owner access on the OpenG2P namespace
✅ Istio gateway is set up in the namespace
Installation using Rancher UI
Log in to Rancher admin console.
Select your cluster.
Under Apps -> Repositories click on Create to add a repository.
Provide Name as
openg2p
and target HTTPS Index URL as https://openg2p.github.io/openg2p-helm/rancher and click Create.To display prerelease versions of OpenG2P apps, click on your user avatar in the upper right corner of the Rancher dashboard. Then click on
Include Prerelease Versions
under Preferences under Helm Charts.Select the namespace in which you would like to install Social Registry, from the namespace filter on the top-right.
Navigate to Apps->Charts page on Rancher. You should see
OpenG2P Social Registry
Helm charts listed.Note: You can ignore "Part 2" as it refers to an older version of the Helm chart
Proceed to Install
OpenG2P Social Registry
chart select the latest version to be installed, and click Install.On the next screen, choose a name for installation, like
social-registry
. Select the checkboxCustomise Helm options
before install, and click Next.Go through each app's configuration page, and configure the following:
Configure a hostname for each app in the following way.
<appname>.<base-hostname>
, where base hostname is the wildcard hostname chosen during Istio namespace setup. Example:socialregistry.dev.openg2p.org
andodk-sr.dev.openg2p.org
, etc.<appname>
is arbitrary - default names have been provided.Keycloak Base Url is your organization-wide Keycloak URL. (Ex: keycloak.<your domain>.org)
OIDC Client details are asked. Create Keycloak Client, refer to Keycloak Client Creation guide.
To change the docker image from the default image, click on
Edit YAML
table and update the following section in Helm. Note: This step is required only if you have separate docker image to be deployed or else you can go with default one skip this step.image: pullPolicy: Always repository: openg2p/openg2p-social-registry-odoo-package tag: 17.0-develop-social-registry
To pull docker from a private repository on Docker Hub, follow guide here. Note: This step is required only if you have separate private docker image to be deployed or else you can go with default one skip this step.
Click Next to reach Helm Options page. Disable
wait
flag. Click on Install.Wait for all the pods to get into Running state. This may take several minutes.
Installation using the command line
Install the following utilities on your machine:
kubectl
,istioctl
,helm
,jq
,curl
,wget
,git
,bash
,envsubst
.
To Be Done
Post Installation
Keycloak
Assigning roles to users
Create Keycloak client roles for the following components and assign them to users:
Assigning roles to clients
For Social Registry to be able to access Keymanager APIs, create a realm role in Keycloak with the name "KEYMANAGER_ADMIN" and assign this as a service account role to the Social Registry Keycloak client.
Odoo
Follow with Odoo post-install guide to activate Odoo modules.
Last updated
Was this helpful?