High-Level Architecture
UAM is a microservice that is deployed as a Helm release in a Kubernetes cluster with its own release cycle. It is not included in the CloudBlue Commerce distribution package by default and must be installed to the platform separately.
The Identity Service consists of these three components:
- The UAM service UI, hosted on the UI node.
- The UAM service endpoint, hosted in a separate container on the service node with installed Kubernetes.
- The UAM service database, hosted on the Operations DB node.
Installation Prerequisites
Before installing the UAM service component, ensure that:
- CloudBlue Commerce platform 20.4 or later is installed.
- A service node with a Kubernetes cluster is configured and registered in the CloudBlue Commerce platform.
- The UAM service database is prepared.
Firewall Requirements
The following ports must be open:
| From | To | Protocol | Port | Purpose |
|---|---|---|---|---|
| CloudBlue Commerce management node | Microservice node | TCP | 8081 | For access to the UAM service endpoint (HTTPS is used for communication). |
| Microservice node | CloudBlue Commerce management node | TCP | 6308 | For access to the APSC. |
| Microservice node | UAM service database node | TCP | 5432 | For connection to the PostgreSQL database. |
Hardware Requirements
The minimum Kubernetes resources required for the microservice deployment, including on-premise Kubernetes cluster deployment, are as follows:
| Requests: | |
|
1000m |
|
768Mi |
| Limits: | |
|
4000m |
|
{{ .Values.resources.limits.memory }} |
How to Install the UAM Service
To install the UAM service component, complete the following steps:
- Log in to the management node under the root user through SSH.
- Run this command:
# helm install a8n/uam --name uam --set oauthkey=`uuidgen` --set oauthsecret=`uuidgen` --set dsdbname=<uam-db-name>--set dslogin=<uam-db-username> --set dspassword=`echo -n <uam-db-password| base64` --set dshost=<uam-db-host> --set dockerrepo="odindevops-a8n-docker.jfrog.io"
where:
uam-db-hostis the IP address or host name of the host where the UAM service database is located.uam-db-nameis the UAM service database name.uam-db-usernameis the UAM service database user's name.uam-db-passwordis the UAM service database user's password.
How to Upgrade the UAM Service to the Latest Version
To upgrade the UAM service component, complete the following steps:
- Log in to the management node under the root user through SSH.
-
Run these commands:
# helm repo update
# helm upgrade uam a8n/uam --version <new version>