Getting Started
This section describes some common deployment methods:
- A single golang binary plus a (mergable set of) YAML configuration file(s).
- A docker/podman compose file.
- A helm-chart, see Helm Chart.
Docker/Podman Compose Setup
NATS accounts must be created locally (with access to keys) and then pushed to the target NATS server. This section is intended as an example/rough-guide and assumes the NATS infrastructure as described in the nats-infra repo is up and running.
1. Create the MYAPP-MINT auth-callout account
export OPERATOR_NAME=local-operator
export ACCOUNT_NAME=MYAPP-MINT
export NATS_CONTAINER=infra-team-nats-1
export NSC_CONTAINER=infra-team-nsc-admin-1
export OUTPUT_DIR=./nats-secrets
echo Creating account $ACCOUNT_NAME
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/jr200/nats-infra/main/scripts/nats-create-account.sh)"
echo Enabling auth-callout for $ACCOUNT_NAME
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/jr200/nats-infra/main/scripts/nats-enable-auth-callout.sh)"
echo Fetching signing keys for $ACCOUNT_NAME
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/jr200/nats-infra/main/scripts/nats-fetch-signing-creds.sh)"2. Create the MYAPP account
export OPERATOR_NAME=local-operator
export ACCOUNT_NAME=MYAPP
export NATS_CONTAINER=infra-team-nats-1
export NSC_CONTAINER=infra-team-nsc-admin-1
export OUTPUT_DIR=./nats-secrets
echo Creating account $ACCOUNT_NAME
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/jr200/nats-infra/main/scripts/nats-create-account.sh)"
echo Fetching signing keys for $ACCOUNT_NAME
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/jr200/nats-infra/main/scripts/nats-fetch-signing-creds.sh)"3. Start the nats-iam broker instance
podman compose -f compose-iam.yml -p dev-team up -dKubernetes Setup
See the Helm Chart page for deploying on Kubernetes using the official Helm chart.