mirror of
https://github.com/pomerium/pomerium.git
synced 2025-04-28 18:06:34 +02:00
5fd8cf60d5
* zero/k8s: use deployments * secret mount readonly Co-authored-by: Joe Kralicky <joekralicky@gmail.com> * adjust according to comments --------- Co-authored-by: Joe Kralicky <joekralicky@gmail.com> |
||
|---|---|---|
| .. | ||
| deployment | ||
| rbac | ||
| service | ||
| .gitignore | ||
| kustomization.yaml | ||
| namespace.yaml | ||
| pomerium-secret.yaml.example | ||
| README.md | ||
Installing Pomerium Zero
Visit https://console.pomerium.app and register for an account.
Install base pomerium zero
kubectl apply -k https://github.com/pomerium/pomerium/k8s/zero?ref=main
(that would install an evergreen main)
Create a secret with Pomerium Zero token to complete your installation
apiVersion: v1
kind: Secret
metadata:
name: pomerium
namespace: pomerium-zero
type: Opaque
stringData:
pomerium_zero_token:
kubectl apply -f pomerium-secret.yaml
Now your Pomerium deployment should be up and running.
Update Pomerium cluster configuration
- The externally available address of your Pomerium Cluster should be set to the value assigned by your Load Balancer:
kubectl get svc/pomerium-proxy -n pomerium-zero -o=jsonpath='{.status.loadBalancer.ingress[0].ip}'
- Because container is configured to run as non-root, the following should be adjusted:
- http redirect address set to
:8080 - server address set to
:8443