Merge pull request #1 from AirHelp/dex_on_k8s_rbac_doc

Updated documentation for dex on k8s when RBAC authorization is used
This commit is contained in:
Filip Haftek 2017-04-13 15:41:06 +02:00 committed by GitHub
commit 2e10e5a9b1

View File

@ -60,6 +60,7 @@ To run dex on Kubernetes perform the following steps:
2. Spin up a Kubernetes cluster with the appropriate flags and CA volume mount. 2. Spin up a Kubernetes cluster with the appropriate flags and CA volume mount.
3. Create a secret containing your [GitHub OAuth2 client credentials][github-oauth2]. 3. Create a secret containing your [GitHub OAuth2 client credentials][github-oauth2].
4. Deploy dex. 4. Deploy dex.
5. Create and assign 'dex' cluster role to dex service account (if RBAC authorization is used).
The TLS assets can be created using the following command: The TLS assets can be created using the following command:
@ -83,12 +84,14 @@ $ kubectl create secret \
--from-literal=client-secret=$GITHUB_CLIENT_SECRET --from-literal=client-secret=$GITHUB_CLIENT_SECRET
``` ```
Finally, create the dex deployment, configmap, and node port service. Create the dex deployment, configmap, and node port service.
``` ```
$ kubectl create -f dex.yaml $ kubectl create -f dex.yaml
``` ```
Assign cluster role to dex service account so it can create third party resources [Kubernetes third party resources](storage.md).
__Caveats:__ No health checking is configured because dex does its own TLS termination complicating the setup. This is a known issue and can be tracked [here][dex-healthz]. __Caveats:__ No health checking is configured because dex does its own TLS termination complicating the setup. This is a known issue and can be tracked [here][dex-healthz].
## Logging into the cluster ## Logging into the cluster