39 lines
1.2 KiB
Markdown
39 lines
1.2 KiB
Markdown
|
## Create Nginx Ingress Controller with basic authentication
|
||
|
|
|
||
|
|
1. Create a basic auth file `auth`:
|
||
|
|
> It's important the file generated is named auth (actually - that the secret has a key data.auth), otherwise the ingress-controller returns a 503
|
||
|
|
|
||
|
|
`$ USER=<USERNAME_HERE>; PASSWORD=<PASSWORD_HERE>; echo "${USER}:$(openssl passwd -stdin -apr1 <<< ${PASSWORD})" >> auth`
|
||
|
|
|
||
|
|
2. Create a secret
|
||
|
|
|
||
|
|
`$ kubectl -n longhorn-system create secret generic basic-auth --from-file=auth`
|
||
|
|
|
||
|
|
3. Create an Nginx ingress controller manifest `longhorn-ingress.yml` :
|
||
|
|
|
||
|
|
```
|
||
|
|
apiVersion: networking.k8s.io/v1beta1
|
||
|
|
kind: Ingress
|
||
|
|
metadata:
|
||
|
|
name: longhorn-ingress
|
||
|
|
namespace: longhorn-system
|
||
|
|
annotations:
|
||
|
|
# type of authentication
|
||
|
|
nginx.ingress.kubernetes.io/auth-type: basic
|
||
|
|
# name of the secret that contains the user/password definitions
|
||
|
|
nginx.ingress.kubernetes.io/auth-secret: basic-auth
|
||
|
|
# message to display with an appropriate context why the authentication is required
|
||
|
|
nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required '
|
||
|
|
spec:
|
||
|
|
rules:
|
||
|
|
- http:
|
||
|
|
paths:
|
||
|
|
- path: /
|
||
|
|
backend:
|
||
|
|
serviceName: longhorn-frontend
|
||
|
|
servicePort: 80
|
||
|
|
```
|
||
|
|
|
||
|
|
4. Create the ingress controller:
|
||
|
|
`$ kubectl -n longhorn-system apply longhorn-ingress.yml`
|