mirror of https://github.com/pomerium/pomerium.git synced 2025-04-28 09:56:31 +02:00

* zero/k8s: deployment manifests

* convert to statefulset so that it has persistent volume claim

* use standard ports to avoid config customization for k8s

* add XDG_DATA_HOME mapping

2024-01-08 12:08:14 -05:00

1 KiB

Raw Permalink Blame History

Installing Pomerium Zero

Visit https://console.pomerium.app and register for an account.

Install base pomerium zero

kubectl apply -k https://github.com/pomerium/pomerium/k8s/zero?ref=main

(that would install an evergreen main)

Create a secret with Pomerium Zero token to complete your installation

apiVersion: v1
kind: Secret
metadata:
  name: pomerium
  namespace: pomerium-zero
type: Opaque
stringData:
    pomerium_zero_token:

kubectl apply -f pomerium-secret.yaml

Now your Pomerium deployment should be up and running.

Update Pomerium cluster configuration

The externally available address of your Pomerium Cluster should be set to the value assigned by your Load Balancer:

kubectl get svc/pomerium-proxy -n pomerium-zero -o=jsonpath='{.status.loadBalancer.ingress[0].ip}'

Because container is configured to run as non-root, the following should be adjusted:

http redirect address set to :8080
server address set to :8443

1 KiB Raw Permalink Blame History

Installing Pomerium Zero

Install base pomerium zero

Create a secret with Pomerium Zero token to complete your installation

Update Pomerium cluster configuration

1 KiB

Raw Permalink Blame History