Administration Guide
This administration guide gives you a better understanding on Trustify’s deployment options, installing the Trustify services locally, and reference information for Trustify’s OpenAPI structures.
Trustify relies on external services for storage and authentication. Trustify’s services can use Amazon’s S3 APIs to store object data. You do not need to run Trustify on Amazon Web Services (AWS), because other cloud vendors, such as Google Cloud Storage (GCS) and MinIO, implement Amazon’s S3 API.
It also is possible to run Trustify on bare metal. Either on a server, or a local desktop/laptop, for trying it out.
Deployment options
You have several deployment options to choose from for running Trustify.
Bare metal
Running Trustify on bare-metal servers requires you to download the trustd
binary from source found on the
Trustify releases page.
There currently exist two variants of this binary, trustd
and trustd-pm
. The -pm
version includes a few embedded
services, such as PostgreSQL and an OIDC issuer, which make it easier to run Trustify locally for trying it out. However,
this might be insecure, dangerous, and is not production ready. Still, it is great for trying it out and demoing it
without too much trouble.
Kubernetes
Since Kubernetes runs containers, running Trustify on Kubernetes is easy! We do not provide any out-of-the-box charts or an installation script, since many of the configuration options are specific to the running environment.
We keep a Helm chart in the https://github.com/trustification/trustify-helm-charts to deploy a Trustify instance. You can use this Helm chart as a starting point for your specific environment.