This guide provides step-by-step instructions to deploy WSO2 Micro Integrator (MI) and Integration Control Plane (ICP) in a Kubernetes environment using Helm charts. Both MI and ICP will be deployed in the same namespace for seamless integration.
- Git: Install Git on your machine.
- Helm: Install Helm (version 3 or later) on your machine.
- Kubernetes Cluster: Ensure you have an operational Kubernetes cluster (e.g. AKS, EKS, GKE, or a local Kubernetes cluster).
- Ingress Controller: Deploy an ingress controller (e.g. NGINX Ingress Controller).
- Docker Images: Acquire WSO2 product Docker images. Push them to a container registry (e.g. ACR, ECR, GCR) if necessary.
- WSO2 Subscription: A valid WSO2 subscription is required to access Docker images from the WSO2 private registry. If you don't have a subscription, sign up for a WSO2 Free Trial Subscription .
You can utilize either Minikube or Rancher Desktop to establish a local Kubernetes cluster:
- Install Minikube by following the official documentation.
- Start a Minikube cluster:
minikube start
- Enable the NGINX ingress controller:
minikube addons enable ingress
- Install Rancher Desktop from the official website.
- Configure Rancher Desktop to use Kubernetes and set the desired Kubernetes version.
- Ensure the NGINX ingress controller is installed.
Clone the Helm chart repository containing the MI and ICP Helm charts:
git clone https://github.com/wso2/helm-mi.gitCheckout to your preferred MI runtime version branch:
cd helm-mi
git checkout origin/4.5.xCreate a unified namespace for both MI and ICP:
kubectl create namespace wso2-integration- Edit the
mi/values_local.yamlfile to configure MI-specific parameters. - Edit the
icp/values_local.yamlfile to configure ICP-specific parameters.
Important
The configurations described below apply to both MI and ICP deployments. Ensure that the parameters are correctly set in the respective values_local.yaml files for seamless functionality.
If you intend to use the WSO2 released server image, obtain a subscription and update the following configurations:
containerRegistry: "wso2"
wso2:
subscription:
username: "<username>"
password: "<password>"If you are using your own customized MI server images, set containerRegistry to the specific private docker registry:
containerRegistry: "<private-registry-name>"
wso2:
deployment:
imagePullSecrets: "<image-pull-secret>"
image:
repository: "<image-name>"
digest: "<image-digest>"
tag: "<image-tag>"
pullPolicy: IfNotPresentWhen running on a local Kubernetes cluster using a local image, leave this empty:
containerRegistry: ""
wso2:
deployment:
image:
repository: "<image-name>"
digest: "<image-digest>"
tag: "<image-tag>"
pullPolicy: IfNotPresentNote
The values_local.yaml is preconfigured to use a file-based user store by default. If you wish to proceed with this configuration, skip the following section.
- You can use default ADMIN user [username='admin', password='admin'] for testing purposes.
Example for READ ONLY LDAP:
wso2:
config:
userstore:
file:
enabled: false
ldap:
type: "read_only_ldap"
connectionUrl: "ldap://{hostname}:{port}"
connectionName: "uid=admin,ou=system"
connectionPassword: "admin"
userSearchBase: "ou=Users,dc=wso2,dc=org"Refer to MI documentation for complete list of parameters.
Example for MySQL:
wso2:
config:
userstore:
file:
enabled: false
rdbms:
url: "jdbc:mysql://{hostname}:{port}/userdb"
username: "<username>"
password: "<password>"
jdbc:
driver: "com.mysql.jdbc.Driver"
poolParameters:
maxActive: 50
maxWait: 60000Refer to MI documentation for more information on supporting RDBMS types.
Note
When using RDBMS, the JDBC driver must be added to the <SERVER_HOME>/lib folder. To achieve this, you need to build a custom server image.
Follow these steps below to add JDBC driver:
-
Create the Dockerfile
- BASE_IMAGE:
- MI:
wso2/wso2mi:4.5.0 - ICP:
wso2/wso2-integration-control-plane:1.0.0
- MI:
- WSO2_SERVER_HOME:
- MI:
/home/wso2carbon/wso2mi-4.5.0 - ICP:
/home/wso2carbon/wso2-integration-control-plane-1.0.0
- MI:
Example for MySQL:
FROM <BASE_IMAGE> USER root RUN apt-get update && \ apt-get install -y wget && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* ENV WSO2_SERVER_HOME=<WSO2_SERVER_HOME> RUN mkdir -p ${WSO2_SERVER_HOME}/lib ARG JDBC_DRIVER_URL=https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-j-8.0.33.tar.gz RUN wget -O /tmp/mysql-connector.tar.gz "${JDBC_DRIVER_URL}" && \ tar -xzf /tmp/mysql-connector.tar.gz -C /tmp && \ find /tmp -name "mysql-connector*.jar" -exec cp {} ${WSO2_SERVER_HOME}/lib/ \; && \ rm -rf /tmp/mysql-connector.tar.gz RUN chown -R wso2carbon:wso2 ${WSO2_SERVER_HOME}/lib && \ chmod -R 755 ${WSO2_SERVER_HOME}/lib USER wso2carbon
- BASE_IMAGE:
-
Build the image:
docker build -t customized-wso2-img:1.0.0 . -
Update the following configurations in
values_local.yaml:containerRegistry: "" wso2: deployment: image: repository: "customized-wso2-img" tag: "1.0.0" pullPolicy: IfNotPresent
Tip
For integration development, if you are using the MI VSCode extension, you can add JDBC drivers to MI server image by placing the JAR file in the <PROJECT_DIR>/deployment/libs folder and then clicking "Create Docker Image" under Deployment Options. This will build the Docker image and push it to the local registry.
- Add following instruction to '<PROJECT_DIR>/deployment/docker/Dockerfile'. Please make sure that only JDBC driver resides in '<PROJECT_DIR>/deployment/libs' folder.
- COPY libs/*.jar ${WSO2_SERVER_HOME}/lib/
Navigate to the mi directory and deploy MI using Helm:
cd mi
helm install wso2-mi ./ -f values_local.yaml --namespace wso2-integrationNavigate to the icp directory and deploy ICP using Helm:
cd icp
helm install wso2-icp ./ -f values_local.yaml --namespace wso2-integrationEnsure all pods are running:
kubectl get pods -n wso2-integrationVerify that services are exposed:
kubectl get svc -n wso2-integrationConfirm ingress resources:
kubectl get ingress -n wso2-integrationTip
The HOST of the Ingress is the hostname specified in the values_local.yaml file. The default values are,
- MI : mi.wso2.com
- ICP : icp.wso2.com
kubectl logs <pod-name> -n wso2-integrationPlease follow these steps
-
Get the external IP (EXTERNAL-IP) of the Ingress resources by listing the Kubernetes ingresses.
kubectl get ingress -n wso2-integration
-
Add the host information to your /etc/hosts file.
<EXTERNAL-IP> mi.wso2.com <EXTERNAL-IP> icp.wso2.com
-
Now you can access as follows
- Access the ICP dashboard at
https://icp.wso2.com/login. - Invoke the MI integrations as
curl https://mi.wso2.com/<resource-path> -k.
- Access the ICP dashboard at
You can also invoke the MI integration solutions and ICP without going through the Ingress controller by using the port-forward method for services.
For ICP:
kubectl port-forward service/cloud-wso2-icp -n wso2-integration 8080:9743Then, you can access the ICP dashboard at https://localhost:8080/login.
For MI Integrations:
kubectl port-forward service/cloud-wso2-mi -n wso2-integration 8290:8290Then, you can invoke the MI integrations as curl https://localhost:8290/<resource-path> -k.
Provision a Kubernetes cluster using a CSP (e.g., AKS, EKS, GKE). Follow the respective CSP official documentation for cluster setup.
Push the WSO2 product Docker images to the CSP's container registry (e.g., ACR for Azure, ECR for AWS, GCR for Google Cloud).
Update the values.yaml files for MI and ICP to use the container registry paths and CSP-specific configurations (e.g. storage classes, load balancer annotations).
Follow the same deployment steps as in the local setup, ensuring the values.yaml files are updated for the CSP environment.
Validate the deployment and access the applications using the CSP's load balancer or ingress configurations.
-
Amazon Elastic Kubernetes Service (EKS)
Refer EKS Configs section to configure the required parameters to run MI in EKS.
-
Azure Kubernetes Service (AKS)
Refer AKS Configs section to configure the required parameters to run MI in AKS.
-
Google Kubernetes Engine (GKE)
Refer GKE Configs section to configure the required parameters to run MI in GKE.
To delete the deployments:
helm uninstall wso2-mi -n wso2-integration
helm uninstall wso2-icp -n wso2-integration
kubectl delete namespace wso2-integrationThis guide provides a foundational setup. For advanced configurations, refer to the CONFIG.md and EXAMPLES.md files in the respective Helm chart directories.