k-space/dex
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Activity

Updated documentation for dex on k8s when RBAC authorization is used

Browse Source
This commit is contained in:
Filip 2017-04-13 15:14:21 +02:00
parent e609de5018
commit 57aa32562b
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Documentation/kubernetes.md
View File

@ -60,6 +60,7 @@ To run dex on Kubernetes perform the following steps:
2. Spin up a Kubernetes cluster with the appropriate flags and CA volume mount. 2. Spin up a Kubernetes cluster with the appropriate flags and CA volume mount.
3. Create a secret containing your [GitHub OAuth2 client credentials][github-oauth2]. 3. Create a secret containing your [GitHub OAuth2 client credentials][github-oauth2].
4. Deploy dex. 4. Deploy dex.
5. Create and assign 'dex' cluster role to dex service account (if RBAC authorization is used).
The TLS assets can be created using the following command: The TLS assets can be created using the following command:
@ -83,12 +84,14 @@ $ kubectl create secret \
--from-literal=client-secret=$GITHUB_CLIENT_SECRET --from-literal=client-secret=$GITHUB_CLIENT_SECRET
``` ```
Finally, create the dex deployment, configmap, and node port service. Create the dex deployment, configmap, and node port service.
``` ```
$ kubectl create -f dex.yaml $ kubectl create -f dex.yaml
``` ```
Assign cluster role to dex service account so it can create third party resources [Kubernetes third party resources](storage.md).
__Caveats:__ No health checking is configured because dex does its own TLS termination complicating the setup. This is a known issue and can be tracked [here][dex-healthz]. __Caveats:__ No health checking is configured because dex does its own TLS termination complicating the setup. This is a known issue and can be tracked [here][dex-healthz].
## Logging into the cluster ## Logging into the cluster