user-system/kubernetes/user-management/README.md

User Management System - Helm Chart

Kubernetes Helm Chart for deploying the User Management System.

Prerequisites

• Kubernetes 1.19+
• Helm 3.2.0+
• ingress-nginx controller (for Ingress)
• cert-manager (for TLS, optional)

Installation

# Add the repository
helm repo add user-management https://charts.example.com
helm repo update

# Install the chart
helm install user-management user-management/user-management \
  --set config.jwtSecret="your-secret-key" \
  --set config.adminEmail="admin@example.com"

Using with Custom Values

# Create a values file
cat > values.yaml << EOF
replicaCount: 2

config:
  jwtSecret: "your-production-secret-key"
  adminEmail: "admin@example.com"
  logLevel: "warn"

ingress:
  enabled: true
  hosts:
    - host: ums.example.com
      paths:
        - path: /
  tls:
    - secretName: ums-tls
      hosts:
        - ums.example.com

resources:
  limits:
    cpu: 1000m
    memory: 1Gi
EOF

# Install with custom values
helm install user-management user-management/user-management -f values.yaml

Configuration

Parameter	Description	Default
replicaCount	Number of replicas	1
image.repository	Docker image repository	user-management
image.tag	Docker image tag	latest
service.type	Service type	ClusterIP
service.port	Service port	8080
ingress.enabled	Enable Ingress	true
ingress.className	Ingress class	nginx
config.jwtSecret	JWT signing secret (required)	""
config.adminEmail	Admin email	admin@example.com
config.logLevel	Log level	info
resources.limits.cpu	CPU limit	500m
resources.limits.memory	Memory limit	512Mi
persistence.enabled	Enable PVC	true
persistence.size	PVC size	5Gi
autoscaling.enabled	Enable HPA	false
autoscaling.minReplicas	Min replicas	1
autoscaling.maxReplicas	Max replicas	3

Production Best Practices

1. Use TLS

helm install user-management user-management/user-management \
  --set config.jwtSecret="$(openssl rand -base64 32)" \
  --set ingress.enabled=true \
  --set ingress.tls[0].secretName=ums-tls \
  --set ingress.tls[0].hosts[0]=ums.example.com

2. Set Resource Limits

helm install user-management user-management/user-management \
  --set resources.limits.cpu="1000m" \
  --set resources.limits.memory="1Gi" \
  --set resources.requests.cpu="250m" \
  --set resources.requests.memory="512Mi"

3. Enable Autoscaling

helm install user-management user-management/user-management \
  --set autoscaling.enabled=true \
  --set autoscaling.minReplicas=2 \
  --set autoscaling.maxReplicas=10 \
  --set autoscaling.targetCPUUtilizationPercentage=70

4. Use a Strong JWT Secret

# Generate a secure random secret
JWT_SECRET=$(openssl rand -base64 32 | tr -d '\n')

helm install user-management user-management/user-management \
  --set config.jwtSecret="$JWT_SECRET"

Upgrading

# Upgrade to a new version
helm upgrade user-management user-management/user-management

# Upgrade with new values
helm upgrade user-management user-management/user-management \
  --set config.logLevel="debug"

Uninstall

helm uninstall user-management

# Note: PVC data persists by default. To delete all data:
kubectl delete pvc -l app.kubernetes.io/name=user-management

Troubleshooting

Pod not starting

# Check pod status
kubectl get pods -l app.kubernetes.io/name=user-management

# View pod logs
kubectl logs -l app.kubernetes.io/name=user-management

# Describe pod for events
kubectl describe pod -l app.kubernetes.io/name=user-management

Ingress not working

# Check ingress controller
kubectl get pods -n ingress-nginx

# Check ingress resource
kubectl get ingress -l app.kubernetes.io/name=user-management

# Check certificate
kubectl get certificate -l app.kubernetes.io/name=user-management

License

Internal use only.