Deploy GitHub Pages
This commit is contained in:
parent
8125e59d3f
commit
c09357b854
51 changed files with 612 additions and 5095 deletions
|
|
@ -596,8 +596,8 @@
|
|||
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="../../../user-guide/exposing-tcp-udp-services/" title="Exposing TCP and UDP services" class="md-nav__link">
|
||||
Exposing TCP and UDP services
|
||||
<a href="../../../user-guide/ingress-path-matching/" title="Regular expressions in paths" class="md-nav__link">
|
||||
Regular expressions in paths
|
||||
</a>
|
||||
</li>
|
||||
|
||||
|
|
@ -927,18 +927,6 @@
|
|||
|
||||
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="../../customization/custom-upstream-check/" title="Custom Upstream server checks" class="md-nav__link">
|
||||
Custom Upstream server checks
|
||||
</a>
|
||||
</li>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="../../customization/external-auth-headers/" title="External authentication" class="md-nav__link">
|
||||
External authentication
|
||||
|
|
@ -1085,33 +1073,18 @@
|
|||
<h1 id="basic-authentication">Basic Authentication<a class="headerlink" href="#basic-authentication" title="Permanent link">¶</a></h1>
|
||||
<p>This example shows how to add authentication in a Ingress rule using a secret that contains a file generated with <code class="codehilite">htpasswd</code>.
|
||||
It's important the file generated is named <code class="codehilite">auth</code> (actually - that the secret has a key <code class="codehilite">data.auth</code>), otherwise the ingress-controller returns a 503.</p>
|
||||
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span>1
|
||||
2
|
||||
3
|
||||
4
|
||||
5</pre></div></td><td class="code"><div class="codehilite"><pre><span></span><span class="gp">$</span> htpasswd -c auth foo
|
||||
<div class="codehilite"><pre><span></span><span class="gp">$</span> htpasswd -c auth foo
|
||||
<span class="go">New password: <bar></span>
|
||||
<span class="go">New password:</span>
|
||||
<span class="go">Re-type new password:</span>
|
||||
<span class="go">Adding password for user foo</span>
|
||||
</pre></div>
|
||||
</td></tr></table>
|
||||
|
||||
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span>1
|
||||
2</pre></div></td><td class="code"><div class="codehilite"><pre><span></span><span class="gp">$</span> kubectl create secret generic basic-auth --from-file<span class="o">=</span>auth
|
||||
<div class="codehilite"><pre><span></span><span class="gp">$</span> kubectl create secret generic basic-auth --from-file<span class="o">=</span>auth
|
||||
<span class="go">secret "basic-auth" created</span>
|
||||
</pre></div>
|
||||
</td></tr></table>
|
||||
|
||||
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span>1
|
||||
2
|
||||
3
|
||||
4
|
||||
5
|
||||
6
|
||||
7
|
||||
8
|
||||
9</pre></div></td><td class="code"><div class="codehilite"><pre><span></span><span class="gp">$</span> kubectl get secret basic-auth -o yaml
|
||||
<div class="codehilite"><pre><span></span><span class="gp">$</span> kubectl get secret basic-auth -o yaml
|
||||
<span class="go">apiVersion: v1</span>
|
||||
<span class="go">data:</span>
|
||||
<span class="go"> auth: Zm9vOiRhcHIxJE9GRzNYeWJwJGNrTDBGSERBa29YWUlsSDkuY3lzVDAK</span>
|
||||
|
|
@ -1121,30 +1094,8 @@ It's important the file generated is named <code class="codehilite">auth</code>
|
|||
<span class="go"> namespace: default</span>
|
||||
<span class="go">type: Opaque</span>
|
||||
</pre></div>
|
||||
</td></tr></table>
|
||||
|
||||
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span> 1
|
||||
2
|
||||
3
|
||||
4
|
||||
5
|
||||
6
|
||||
7
|
||||
8
|
||||
9
|
||||
10
|
||||
11
|
||||
12
|
||||
13
|
||||
14
|
||||
15
|
||||
16
|
||||
17
|
||||
18
|
||||
19
|
||||
20
|
||||
21
|
||||
22</pre></div></td><td class="code"><div class="codehilite"><pre><span></span><span class="go">echo "</span>
|
||||
<div class="codehilite"><pre><span></span><span class="go">echo "</span>
|
||||
<span class="go">apiVersion: extensions/v1beta1</span>
|
||||
<span class="go">kind: Ingress</span>
|
||||
<span class="go">metadata:</span>
|
||||
|
|
@ -1167,32 +1118,8 @@ It's important the file generated is named <code class="codehilite">auth</code>
|
|||
<span class="go"> servicePort: 80</span>
|
||||
<span class="go">" | kubectl create -f -</span>
|
||||
</pre></div>
|
||||
</td></tr></table>
|
||||
|
||||
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span> 1
|
||||
2
|
||||
3
|
||||
4
|
||||
5
|
||||
6
|
||||
7
|
||||
8
|
||||
9
|
||||
10
|
||||
11
|
||||
12
|
||||
13
|
||||
14
|
||||
15
|
||||
16
|
||||
17
|
||||
18
|
||||
19
|
||||
20
|
||||
21
|
||||
22
|
||||
23
|
||||
24</pre></div></td><td class="code"><div class="codehilite"><pre><span></span>$ curl -v http://10.2.29.4/ -H 'Host: foo.bar.com'
|
||||
<div class="codehilite"><pre><span></span>$ curl -v http://10.2.29.4/ -H 'Host: foo.bar.com'
|
||||
* Trying 10.2.29.4...
|
||||
* Connected to 10.2.29.4 (10.2.29.4) port 80 (#0)
|
||||
> GET / HTTP/1.1
|
||||
|
|
@ -1217,51 +1144,8 @@ It's important the file generated is named <code class="codehilite">auth</code>
|
|||
<span class="nt"></html></span>
|
||||
* Connection #0 to host 10.2.29.4 left intact
|
||||
</pre></div>
|
||||
</td></tr></table>
|
||||
|
||||
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span> 1
|
||||
2
|
||||
3
|
||||
4
|
||||
5
|
||||
6
|
||||
7
|
||||
8
|
||||
9
|
||||
10
|
||||
11
|
||||
12
|
||||
13
|
||||
14
|
||||
15
|
||||
16
|
||||
17
|
||||
18
|
||||
19
|
||||
20
|
||||
21
|
||||
22
|
||||
23
|
||||
24
|
||||
25
|
||||
26
|
||||
27
|
||||
28
|
||||
29
|
||||
30
|
||||
31
|
||||
32
|
||||
33
|
||||
34
|
||||
35
|
||||
36
|
||||
37
|
||||
38
|
||||
39
|
||||
40
|
||||
41
|
||||
42
|
||||
43</pre></div></td><td class="code"><div class="codehilite"><pre><span></span>$ curl -v http://10.2.29.4/ -H <span class="s1">'Host: foo.bar.com'</span> -u <span class="s1">'foo:bar'</span>
|
||||
<div class="codehilite"><pre><span></span>$ curl -v http://10.2.29.4/ -H <span class="s1">'Host: foo.bar.com'</span> -u <span class="s1">'foo:bar'</span>
|
||||
* Trying <span class="m">10</span>.2.29.4...
|
||||
* Connected to <span class="m">10</span>.2.29.4 <span class="o">(</span><span class="m">10</span>.2.29.4<span class="o">)</span> port <span class="m">80</span> <span class="o">(</span><span class="c1">#0)</span>
|
||||
* Server auth using Basic with user <span class="s1">'foo'</span>
|
||||
|
|
@ -1305,7 +1189,6 @@ BODY:
|
|||
* Connection <span class="c1">#0 to host 10.2.29.4 left intact</span>
|
||||
-no body in request-
|
||||
</pre></div>
|
||||
</td></tr></table>
|
||||
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -596,8 +596,8 @@
|
|||
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="../../../user-guide/exposing-tcp-udp-services/" title="Exposing TCP and UDP services" class="md-nav__link">
|
||||
Exposing TCP and UDP services
|
||||
<a href="../../../user-guide/ingress-path-matching/" title="Regular expressions in paths" class="md-nav__link">
|
||||
Regular expressions in paths
|
||||
</a>
|
||||
</li>
|
||||
|
||||
|
|
@ -838,8 +838,8 @@
|
|||
<ul class="md-nav__list" data-md-scrollfix>
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="#setup-instructions" title="Setup instructions" class="md-nav__link">
|
||||
Setup instructions
|
||||
<a href="#setup-instructions" title="Setup Instructions" class="md-nav__link">
|
||||
Setup Instructions
|
||||
</a>
|
||||
|
||||
</li>
|
||||
|
|
@ -956,18 +956,6 @@
|
|||
|
||||
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="../../customization/custom-upstream-check/" title="Custom Upstream server checks" class="md-nav__link">
|
||||
Custom Upstream server checks
|
||||
</a>
|
||||
</li>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="../../customization/external-auth-headers/" title="External authentication" class="md-nav__link">
|
||||
External authentication
|
||||
|
|
@ -1102,8 +1090,8 @@
|
|||
<ul class="md-nav__list" data-md-scrollfix>
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="#setup-instructions" title="Setup instructions" class="md-nav__link">
|
||||
Setup instructions
|
||||
<a href="#setup-instructions" title="Setup Instructions" class="md-nav__link">
|
||||
Setup Instructions
|
||||
</a>
|
||||
|
||||
</li>
|
||||
|
|
@ -1128,18 +1116,19 @@
|
|||
|
||||
|
||||
<h1 id="client-certificate-authentication">Client Certificate Authentication<a class="headerlink" href="#client-certificate-authentication" title="Permanent link">¶</a></h1>
|
||||
<p>It is possible to enable Client Certificate Authentication using additional annotations in the Ingress.</p>
|
||||
<h2 id="setup-instructions">Setup instructions<a class="headerlink" href="#setup-instructions" title="Permanent link">¶</a></h2>
|
||||
<p>It is possible to enable Client Certificate Authentication using additional annotations in Ingress resources, created by you.</p>
|
||||
<h2 id="setup-instructions">Setup Instructions<a class="headerlink" href="#setup-instructions" title="Permanent link">¶</a></h2>
|
||||
<ol>
|
||||
<li>
|
||||
<p>Create a file named <code class="codehilite">ca.crt</code> containing the trusted certificate authority chain (all ca certificates in PEM format) to verify client certificates. </p>
|
||||
<p>Create a file named <code class="codehilite">ca.crt</code> containing the trusted certificate authority chain to verify client certificates. All of the certificates must be in PEM format.<br />
|
||||
<em>NB:</em> The file containing the trusted certificates must be named <code class="codehilite">ca.crt</code> exactly - this is expected to be found in the secret.</p>
|
||||
</li>
|
||||
<li>
|
||||
<p>Create a secret from this file:
|
||||
<p>Create a secret from this file:<br />
|
||||
<code class="codehilite">kubectl create secret generic auth-tls-chain --from-file=ca.crt --namespace=default</code></p>
|
||||
</li>
|
||||
<li>
|
||||
<p>Add the annotations as provided in the <a href="ingress.yaml">ingress.yaml</a> example to your ingress object.</p>
|
||||
<p>Add the annotations as provided in the <a href="ingress.yaml">ingress.yaml</a> example to your own ingress resources as required.</p>
|
||||
</li>
|
||||
</ol>
|
||||
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ metadata:
|
|||
# Enable client certificate authentication
|
||||
nginx.ingress.kubernetes.io/auth-tls-verify-client: "on"
|
||||
# Create the secret containing the trusted ca certificates with `kubectl create secret generic auth-tls-chain --from-file=ca.crt --namespace=default`
|
||||
# NB: The file _must_ be named "ca.crt" and nothing else. This filename is expected to be found in the secret.
|
||||
nginx.ingress.kubernetes.io/auth-tls-secret: "default/auth-tls-chain"
|
||||
# Specify the verification depth in the client certificates chain
|
||||
nginx.ingress.kubernetes.io/auth-tls-verify-depth: "1"
|
||||
|
|
|
|||
|
|
@ -596,8 +596,8 @@
|
|||
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="../../../user-guide/exposing-tcp-udp-services/" title="Exposing TCP and UDP services" class="md-nav__link">
|
||||
Exposing TCP and UDP services
|
||||
<a href="../../../user-guide/ingress-path-matching/" title="Regular expressions in paths" class="md-nav__link">
|
||||
Regular expressions in paths
|
||||
</a>
|
||||
</li>
|
||||
|
||||
|
|
@ -956,18 +956,6 @@
|
|||
|
||||
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="../../customization/custom-upstream-check/" title="Custom Upstream server checks" class="md-nav__link">
|
||||
Custom Upstream server checks
|
||||
</a>
|
||||
</li>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="../../customization/external-auth-headers/" title="External authentication" class="md-nav__link">
|
||||
External authentication
|
||||
|
|
@ -1130,40 +1118,7 @@
|
|||
<h1 id="external-basic-authentication">External Basic Authentication<a class="headerlink" href="#external-basic-authentication" title="Permanent link">¶</a></h1>
|
||||
<h3 id="example-1">Example 1:<a class="headerlink" href="#example-1" title="Permanent link">¶</a></h3>
|
||||
<p>Use an external service (Basic Auth) located in <code class="codehilite">https://httpbin.org</code> </p>
|
||||
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span> 1
|
||||
2
|
||||
3
|
||||
4
|
||||
5
|
||||
6
|
||||
7
|
||||
8
|
||||
9
|
||||
10
|
||||
11
|
||||
12
|
||||
13
|
||||
14
|
||||
15
|
||||
16
|
||||
17
|
||||
18
|
||||
19
|
||||
20
|
||||
21
|
||||
22
|
||||
23
|
||||
24
|
||||
25
|
||||
26
|
||||
27
|
||||
28
|
||||
29
|
||||
30
|
||||
31
|
||||
32
|
||||
33
|
||||
34</pre></div></td><td class="code"><div class="codehilite"><pre><span></span>$ kubectl create -f ingress.yaml
|
||||
<div class="codehilite"><pre><span></span>$ kubectl create -f ingress.yaml
|
||||
ingress <span class="s2">"external-auth"</span> created
|
||||
|
||||
$ kubectl get ing external-auth
|
||||
|
|
@ -1198,34 +1153,9 @@ status:
|
|||
- ip: <span class="m">172</span>.17.4.99
|
||||
$
|
||||
</pre></div>
|
||||
</td></tr></table>
|
||||
|
||||
<p>Test 1: no username/password (expect code 401)</p>
|
||||
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span> 1
|
||||
2
|
||||
3
|
||||
4
|
||||
5
|
||||
6
|
||||
7
|
||||
8
|
||||
9
|
||||
10
|
||||
11
|
||||
12
|
||||
13
|
||||
14
|
||||
15
|
||||
16
|
||||
17
|
||||
18
|
||||
19
|
||||
20
|
||||
21
|
||||
22
|
||||
23
|
||||
24
|
||||
25</pre></div></td><td class="code"><div class="codehilite"><pre><span></span><span class="gp">$</span> curl -k http://172.17.4.99 -v -H <span class="s1">'Host: external-auth-01.sample.com'</span>
|
||||
<div class="codehilite"><pre><span></span><span class="gp">$</span> curl -k http://172.17.4.99 -v -H <span class="s1">'Host: external-auth-01.sample.com'</span>
|
||||
<span class="go">* Rebuilt URL to: http://172.17.4.99/</span>
|
||||
<span class="go">* Trying 172.17.4.99...</span>
|
||||
<span class="go">* Connected to 172.17.4.99 (172.17.4.99) port 80 (#0)</span>
|
||||
|
|
@ -1251,52 +1181,9 @@ $
|
|||
<span class="go"></html></span>
|
||||
<span class="go">* Connection #0 to host 172.17.4.99 left intact</span>
|
||||
</pre></div>
|
||||
</td></tr></table>
|
||||
|
||||
<p>Test 2: valid username/password (expect code 200)
|
||||
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span> 1
|
||||
2
|
||||
3
|
||||
4
|
||||
5
|
||||
6
|
||||
7
|
||||
8
|
||||
9
|
||||
10
|
||||
11
|
||||
12
|
||||
13
|
||||
14
|
||||
15
|
||||
16
|
||||
17
|
||||
18
|
||||
19
|
||||
20
|
||||
21
|
||||
22
|
||||
23
|
||||
24
|
||||
25
|
||||
26
|
||||
27
|
||||
28
|
||||
29
|
||||
30
|
||||
31
|
||||
32
|
||||
33
|
||||
34
|
||||
35
|
||||
36
|
||||
37
|
||||
38
|
||||
39
|
||||
40
|
||||
41
|
||||
42
|
||||
43</pre></div></td><td class="code"><div class="codehilite"><pre><span></span>$ curl -k http://172.17.4.99 -v -H <span class="s1">'Host: external-auth-01.sample.com'</span> -u <span class="s1">'user:passwd'</span>
|
||||
<div class="codehilite"><pre><span></span>$ curl -k http://172.17.4.99 -v -H <span class="s1">'Host: external-auth-01.sample.com'</span> -u <span class="s1">'user:passwd'</span>
|
||||
* Rebuilt URL to: http://172.17.4.99/
|
||||
* Trying <span class="m">172</span>.17.4.99...
|
||||
* Connected to <span class="m">172</span>.17.4.99 <span class="o">(</span><span class="m">172</span>.17.4.99<span class="o">)</span> port <span class="m">80</span> <span class="o">(</span><span class="c1">#0)</span>
|
||||
|
|
@ -1339,37 +1226,9 @@ x-real-ip<span class="o">=</span><span class="m">10</span>.2.60.1
|
|||
BODY:
|
||||
* Connection <span class="c1">#0 to host 172.17.4.99 left intact</span>
|
||||
-no body in request-
|
||||
</pre></div>
|
||||
</td></tr></table></p>
|
||||
</pre></div></p>
|
||||
<p>Test 3: invalid username/password (expect code 401)
|
||||
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span> 1
|
||||
2
|
||||
3
|
||||
4
|
||||
5
|
||||
6
|
||||
7
|
||||
8
|
||||
9
|
||||
10
|
||||
11
|
||||
12
|
||||
13
|
||||
14
|
||||
15
|
||||
16
|
||||
17
|
||||
18
|
||||
19
|
||||
20
|
||||
21
|
||||
22
|
||||
23
|
||||
24
|
||||
25
|
||||
26
|
||||
27
|
||||
28</pre></div></td><td class="code"><div class="codehilite"><pre><span></span>curl -k http://172.17.4.99 -v -H 'Host: external-auth-01.sample.com' -u 'user:user'
|
||||
<div class="codehilite"><pre><span></span>curl -k http://172.17.4.99 -v -H 'Host: external-auth-01.sample.com' -u 'user:user'
|
||||
* Rebuilt URL to: http://172.17.4.99/
|
||||
* Trying 172.17.4.99...
|
||||
* Connected to 172.17.4.99 (172.17.4.99) port 80 (#0)
|
||||
|
|
@ -1397,8 +1256,7 @@ BODY:
|
|||
<span class="nt"></body></span>
|
||||
<span class="nt"></html></span>
|
||||
* Connection #0 to host 172.17.4.99 left intact
|
||||
</pre></div>
|
||||
</td></tr></table></p>
|
||||
</pre></div></p>
|
||||
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -596,8 +596,8 @@
|
|||
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="../../../user-guide/exposing-tcp-udp-services/" title="Exposing TCP and UDP services" class="md-nav__link">
|
||||
Exposing TCP and UDP services
|
||||
<a href="../../../user-guide/ingress-path-matching/" title="Regular expressions in paths" class="md-nav__link">
|
||||
Regular expressions in paths
|
||||
</a>
|
||||
</li>
|
||||
|
||||
|
|
@ -983,18 +983,6 @@
|
|||
|
||||
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="../../customization/custom-upstream-check/" title="Custom Upstream server checks" class="md-nav__link">
|
||||
Custom Upstream server checks
|
||||
</a>
|
||||
</li>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="../../customization/external-auth-headers/" title="External authentication" class="md-nav__link">
|
||||
External authentication
|
||||
|
|
@ -1196,13 +1184,7 @@ One Ingress object has no special annotations and handles authentication.</p>
|
|||
authenticate against the first Ingress's endpoint, and can redirect <code class="codehilite">401</code>s to the
|
||||
same endpoint.</p>
|
||||
<p>Sample:</p>
|
||||
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span>1
|
||||
2
|
||||
3
|
||||
4
|
||||
5
|
||||
6
|
||||
7</pre></div></td><td class="code"><div class="codehilite"><pre><span></span><span class="nn">...</span>
|
||||
<div class="codehilite"><pre><span></span><span class="nn">...</span>
|
||||
<span class="l l-Scalar l-Scalar-Plain">metadata</span><span class="p p-Indicator">:</span>
|
||||
<span class="l l-Scalar l-Scalar-Plain">name</span><span class="p p-Indicator">:</span> <span class="l l-Scalar l-Scalar-Plain">application</span>
|
||||
<span class="l l-Scalar l-Scalar-Plain">annotations</span><span class="p p-Indicator">:</span>
|
||||
|
|
@ -1210,7 +1192,6 @@ same endpoint.</p>
|
|||
<span class="l l-Scalar l-Scalar-Plain">nginx.ingress.kubernetes.io/auth-signin</span><span class="p p-Indicator">:</span> <span class="s">"https://$host/oauth2/start?rd=$escaped_request_uri"</span>
|
||||
<span class="nn">...</span>
|
||||
</pre></div>
|
||||
</td></tr></table>
|
||||
|
||||
<h3 id="example-oauth2-proxy-kubernetes-dashboard">Example: OAuth2 Proxy + Kubernetes-Dashboard<a class="headerlink" href="#example-oauth2-proxy-kubernetes-dashboard" title="Permanent link">¶</a></h3>
|
||||
<p>This example will show you how to deploy <a href="https://github.com/bitly/oauth2_proxy"><code class="codehilite">oauth2_proxy</code></a>
|
||||
|
|
@ -1219,9 +1200,8 @@ into a Kubernetes cluster and use it to protect the Kubernetes Dashboard using g
|
|||
<ol>
|
||||
<li>Install the kubernetes dashboard</li>
|
||||
</ol>
|
||||
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span>1</pre></div></td><td class="code"><div class="codehilite"><pre><span></span><span class="go">kubectl create -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/kubernetes-dashboard/v1.5.0.yaml</span>
|
||||
<div class="codehilite"><pre><span></span><span class="go">kubectl create -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/kubernetes-dashboard/v1.5.0.yaml</span>
|
||||
</pre></div>
|
||||
</td></tr></table>
|
||||
|
||||
<ol>
|
||||
<li>Create a <a href="https://github.com/settings/applications/new">custom Github OAuth application</a></li>
|
||||
|
|
@ -1251,9 +1231,8 @@ into a Kubernetes cluster and use it to protect the Kubernetes Dashboard using g
|
|||
<ol>
|
||||
<li>Deploy the oauth2 proxy and the ingress rules running:</li>
|
||||
</ol>
|
||||
<table class="codehilitetable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span>1</pre></div></td><td class="code"><div class="codehilite"><pre><span></span><span class="gp">$</span> kubectl create -f oauth2-proxy.yaml,dashboard-ingress.yaml
|
||||
<div class="codehilite"><pre><span></span><span class="gp">$</span> kubectl create -f oauth2-proxy.yaml,dashboard-ingress.yaml
|
||||
</pre></div>
|
||||
</td></tr></table>
|
||||
|
||||
<p>Test the oauth integration accessing the configured URL, like <code class="codehilite">https://foo.bar.com</code></p>
|
||||
<p><img alt="Register OAuth2 Application" src="images/github-auth.png" /></p>
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue