Updated documentation for dex on k8s when RBAC authorization is used
This commit is contained in:
parent
e609de5018
commit
57aa32562b
@ -60,6 +60,7 @@ To run dex on Kubernetes perform the following steps:
|
||||
2. Spin up a Kubernetes cluster with the appropriate flags and CA volume mount.
|
||||
3. Create a secret containing your [GitHub OAuth2 client credentials][github-oauth2].
|
||||
4. Deploy dex.
|
||||
5. Create and assign 'dex' cluster role to dex service account (if RBAC authorization is used).
|
||||
|
||||
The TLS assets can be created using the following command:
|
||||
|
||||
@ -83,12 +84,14 @@ $ kubectl create secret \
|
||||
--from-literal=client-secret=$GITHUB_CLIENT_SECRET
|
||||
```
|
||||
|
||||
Finally, create the dex deployment, configmap, and node port service.
|
||||
Create the dex deployment, configmap, and node port service.
|
||||
|
||||
```
|
||||
$ kubectl create -f dex.yaml
|
||||
```
|
||||
|
||||
Assign cluster role to dex service account so it can create third party resources [Kubernetes third party resources](storage.md).
|
||||
|
||||
__Caveats:__ No health checking is configured because dex does its own TLS termination complicating the setup. This is a known issue and can be tracked [here][dex-healthz].
|
||||
|
||||
## Logging into the cluster
|
||||
|
Reference in New Issue
Block a user