feat(hydra): mise en place du stockage des session redis sur la stack hydra, et correction logout sur hydra-oidc #31
|
@ -1 +1,8 @@
|
|||
# Documentation
|
||||
# Documentation
|
||||
|
||||
### Redis
|
||||
|
||||
Les applications `hydra-dispatcher`, `hydra-sql` et `hydra-oidc` stockent dorénavant le cache et les sessions utilisateur sur un serveur Redis.
|
||||
Le DSN du serveur est défini dans leur variable d'environnement respective `REDIS_DSN`.
|
||||
Les applications peuvent utiliser le mode `sentinel`` de redis
|
||||
Il est donc nécessaire donc nécessaire de disposer d'un serveur Redis pour utiliser ces applications.
|
||||
|
|
|
@ -15,7 +15,7 @@ L'exemple est actuellement déployé avec le composant `hydra-saml` uniquement.
|
|||
2. Déployer les opérateurs nécessaires au déploiement
|
||||
|
||||
```
|
||||
kubectl kustomize --enable-helm ./examples/k8s/kind/cluster | kubectl apply -f -
|
||||
kubectl apply -k ./examples/k8s/kind/cluster --server-side
|
||||
```
|
||||
|
||||
3. Déployer l'application
|
||||
|
|
|
@ -3,6 +3,7 @@ kind: Kustomization
|
|||
resources:
|
||||
- https://github.com/jetstack/cert-manager/releases/download/v1.13.2/cert-manager.yaml
|
||||
- https://forge.cadoles.com/CadolesKube/c-kustom//base/cloudnative-pg-operator?ref=develop
|
||||
- https://forge.cadoles.com/CadolesKube/c-kustom//base/redis?ref=develop
|
||||
- https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml
|
||||
|
||||
patchesJson6902:
|
||||
|
@ -11,4 +12,4 @@ patchesJson6902:
|
|||
kind: ConfigMap
|
||||
name: ingress-nginx-controller
|
||||
namespace: ingress-nginx
|
||||
path: patches/nginx-controller.yaml
|
||||
path: patches/nginx-controller.yaml
|
||||
|
|
|
@ -4,6 +4,7 @@ kind: Kustomization
|
|||
resources:
|
||||
- ../../resources/hydra
|
||||
- ../../resources/hydra-dispatcher
|
||||
- patches/sso-redis.yaml
|
||||
|
||||
labels:
|
||||
- pairs:
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
apiVersion: databases.spotahome.com/v1
|
||||
kind: RedisFailover
|
||||
metadata:
|
||||
name: sso-redis
|
||||
spec:
|
||||
sentinel:
|
||||
replicas: 3
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
limits:
|
||||
memory: 100Mi
|
||||
redis:
|
||||
replicas: 3
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 100Mi
|
||||
limits:
|
||||
cpu: 400m
|
||||
memory: 500Mi
|
|
@ -14,4 +14,4 @@ hydra:
|
|||
api_method: "%env(string:HYDRA_DISPATCHER_WEBHOOK_API_METHOD)%"
|
||||
firewall:
|
||||
additional_properties: "%env(bool:HYDRA_DISPATCHER_FIREWALL_ADDITIONAL_PROPERTIES)%"
|
||||
rules: {}
|
||||
rules: {}
|
||||
|
|
|
@ -21,7 +21,7 @@ configMapGenerator:
|
|||
- COOKIE_PATH=/
|
||||
- DEFAULT_LOCALE=fr
|
||||
- APP_LOCALES=fr,en
|
||||
- REDIS_DSN= redis://redis:6379?&prefix=hydradispatcher&ttl=3600
|
||||
- REDIS_DSN="redis://rfs-sso-redis:26379?&redis_sentinel=mymaster"
|
||||
- name: hydra-dispatcher-apps
|
||||
files:
|
||||
- apps.yaml=./files/hydra/default.yaml
|
||||
|
|
Loading…
Reference in New Issue