Deploying Veramo on Azure using Terraform and Helm (Part 2): ): A Step-by-Step guide for deploying a DID and Verifiable Credentials framework
In this article we will learn how to deploy Veramo Agent to Azure Kubernetes Service using Helm. It assumes that you have already created the necessary infrastructure on Azure. If not, you can follow part 1 of this article to do so.
Prerequisites
- Azure Kubernetes Service (AKS)
- Azure Container Registry (ACR)
- Helm
- Git
- Docker
- Azure cli (az)
Create a Docker image for Veramo Agent and push to ACR
Open a terminal on your local machine and clone veramo-agent-deploy repository from Github:
git clone https://github.com/uport-project/veramo-agent-deploy.gitChange to the veramo-agent-deploy repository and run the following commands to create a Docker image in your container registry.
cd veramo-agent-deploy
docker login <myregistry.azurecr.io>If everything was configured correctly you should see an output as follows:
We are now ready to build and push the image to our ACR.
However, during our build process we encountered a problem that the agent-explore is incompatible with the node 19 i.e. the node version given in the Docker file.
There is a pull request that on Veramo-agent-deploy GitHub that should fix this issue, until this pull request is merged, the fastest work around is to downgrade the node version given in the Docker file to node:18. Your new Docker file should read as follows:
FROM node:18
WORKDIR /usr/src/app
COPY package.json .
COPY yarn.lock .
ADD config config
RUN yarn install --production
CMD ["yarn", "start"]
EXPOSE 3332Once logged into your ACR using the docker login command you can build the image using:
docker build -t veramoregistry.azurecr.io/veramo-agent .This command should produce an output as follows:
We are now ready to push our image into azure container registry (ACR).
You can do so by running the following command in your terminal:
docker push veramoregistry.azurecr.io/veramo-agent:latestYou should see the following output:
Helm Chart for Veramo Agent
Inside veramo-agent-deploy directory create a new folder titledhelm
mkdir helmCreate the following files in the helm folder:
1 — chart.yaml
apiVersion: v2
name: veramoAgent
description: A Helm chart for Kubernetes
type: application
version: 0.1.0
appVersion: '1.16.0'2 — values.yaml
appName: vcagent
port: 3332
namespace: default
configmap:
name: veramo-configmap-v1.0
data:
customHeader: 'This app was deployed with helm!'
configmapName: veramoAgentConfigMapV1.1
replicaCount: 1
image:
name: veramoregistry.azurecr.io/veramo-agent
tag: latest3 — values-dev.yaml
namespace: default
configmap:
data:
CUSTOM_HEADER: 'This is on the DEV environment!'
replicaCount: 14 — templates/configmap.yaml
Please replace the values in <> with specific values from your environment
kind: ConfigMap
apiVersion: v1
metadata:
name: {{ .Values.configmap.name }}
namespace: {{ .Values.namespace }}
data:
SECRET_KEY: '<yoursecretkeyTOEncryptDatabase>'
API_KEY: '<YourAPIKey>'
AGENT_PATH: '/agent'
PORT: '3332'
MESSAGING_PATH: '/messaging'
DATABASE_URL: "postgresql://<username>:<password>@<linktoYourpostgressDB>/postgres"
BASE_URL: "<domainAddressWhereVermaoAgentIsHosted>"5 — templates/deployments.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Values.appName }}
namespace: {{ .Values.namespace }}
labels:
app: {{ .Values.appName }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app: {{ .Values.appName }}
tier: backend
template:
metadata:
labels:
app: {{ .Values.appName }}
tier: backend
spec: # Pod spec
containers:
- name: {{ .Values.appName }}-container
image: {{ .Values.image.name }}:{{ .Values.image.tag }}
ports:
- containerPort: {{ .Values.port }}
envFrom:
- configMapRef:
name: {{ .Values.configmap.name }}
resources:
limits:
memory: '512Mi'
cpu: '500m'6 — templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.appName }}
namespace: {{ .Values.namespace }}
labels:
app: {{ .Values.appName }}
spec:
ports:
- port: {{ .Values.port }}
targetPort: {{ .Values.port }}
protocol: TCP
name: {{ .Values.appName }}-service
selector:
app: {{ .Values.appName }}
tier: backend7 — templates/ingress.yaml
Please note that we assume that you already have a domain and tls certificate. If not, you can follow this excellent guide in order to set up a tls certificate using Let’s Encrypt. Our ingress.yaml file is given below:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Values.appName }}-ingress
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
ingressClassName: nginx
tls:
- hosts:
- {{ .Values.appName }}.<yourcustomdomain.com> # replace with your domain name
secretName: tls-certificate-secret # replace with your tls secret name
rules:
- host: {{ .Values.appName }}.<yourcustomdomain.com> # replace with ur domain name
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: {{ .Values.appName }}
port:
number: {{ .Values.port }}Deploy Veramo Agent to AKS using Helm
Please download and install kubeconfig from AKS before continuing:
az aks get-credentials --resource-group <yourResourceGroupName> --name <aksClusterName>If you followed the guide in Part 1 the command will be as follows:
az aks get-credentials --resource-group veramo-resource-group --name veramo-clusterNow we are ready to deploy Veramo agent using Helm. Please change to the root of the veramo-agent-deploy repository in your terminal and run the following command.
helm upgrade --install veramo-agent helm/ --values helm/values.yaml -f helm/values-dev.yamlYou should see the following output:
Congratulations you have successfully deployed Veramo Agent and Veramo Explorer on Azure Kubernetes Service.
If you have any further questions, please contact us at info@iso-gruppe.com.
