Skip to content

Environment Set Up

Purpose

This section prepares your platform and tooling so you can build, deploy and run an IA node using Kubernetes and Helm charts. Before building or starting any components, your environment must meet the required platform and tooling standards.

Stage 1 - Prepare the Environment (Helm / Kubernetes)

How to Complete This Stage

  • Clone the NDTP helm-charts repository
  • Install Kubernetes and deploy with a local Minikube server
  • Install Helm
  • Install the kubectl command line tools for Kubernetes
  • Install the Istio service mesh using a Helm chart

1.1 Supported Platform

Supported operating systems

  • Linux
  • Windows with WSL2 only

macOS is not officially supported for this deployment pattern.

1.2 WSL2 requirements (Windows Only)

If using Windows:

  • Run inside WSL2.
  • Work from the WSL Linux filesystem (for example ~/src).
  • Do not run this guide from /mnt/c.

Docker containers rely on native Linux filesystem semantics which are not reliably provided by the Windows-mounted filesystem under WSL2. Running from /mnt/c can cause:

  • Permission inconsistencies
  • Volume mount failures
  • File watcher instability
  • Significant performance degradation
  • Intermittent container startup issues

Always work inside your Linux home directory:

mkdir -p ~/src
cd ~/src

All clone, build, and Docker operations should occur within this directory.

1.3 Required tools

The following tools must be installed and available in your shell:

  • cURL

1.4 Clone the helm-charts repository

Clone the repo to create local copies of the Helm charts used in this guide:

git clone https://github.com/National-Digital-Twin/helm-charts.git

As of 17/03/2026, this guide applies to the 'develop' branch.

Check out to the develop branch:

git checkout develop
1.5 Local deployment with Minikube

This How-To guide uses Minikube. Minikube is a local Kubernetes server. Alternatives include Kind.

Download and install minikube:

curl -LO https://github.com/kubernetes/minikube/releases/latest/download/minikube-linux-amd64

sudo install minikube-linux-amd64 /usr/local/bin/minikube && rm minikube-linux-amd64

See also https://minikube.sigs.k8s.io/docs/start/

1.5 Download and install kubectl

curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"

sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl

See also https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/

1.7 Install Helm

Install Helm:

curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-4
chmod 700 get_helm.sh
./get_helm.sh

See https://helm.sh/docs/intro/install for further information.

Checkpoint

Before continuing, confirm:

  • kubectl is installed and running:
kubectl version --client
kubectl get po -A

1.8 Deploy Istio service mesh

Istio is a service mesh that supports load balancing, traffic management and encrypted communication between services. It supports mutual TLS (MTLS) encryption.

Install Istio:

helm repo add istio https://istio-release.storage.googleapis.com/charts
helm repo update
helm install istio-base istio/base -n istio-system --set defaultRevision=default --create-namespace

Install the Istio discovery chart to deploy istioid, then verify the installation:

helm install istiod istio/istiod -n istio-system --wait
helm ls -n istio-system

This should indicate that istio-system has the status 'Deployed'.

kubectl get deployments -n istio-system --output wide

Install the Istio Ingress Gateway

kubectl create namespace istio-ingress
helm install istio-ingress istio/gateway -n istio-ingress --wait

Checkpoint

Before continuing, confirm that the gateway has been deployed under the istio-ingress namespace.

kubectl get po -A

Next steps

Continue to Identity Set Up