2.4 KiB
| title | lang | meta | |||||
|---|---|---|---|---|---|---|---|
| Kubernetes | en-US |
|
Pomerium using Kubernetes
This quickstart will cover how to deploy Pomerium with Kubernetes. Though there are many ways to work with Kubernetes, for the purpose of this guide, we will use Google's Kubernetes Engine. That said, most of the following steps should be very similar using any other provider.
Prerequisites
- A configured identity provider
- A wild-card TLS certificate
- A Google Cloud Account
- kubectl
- Google Cloud SDK
Download
Retrieve the latest copy of pomerium's source-code by cloning the repository.
git clone https://github.com/pomerium/pomerium.git $HOME/pomerium
Configure
Edit ./scripts/kubernetes_gke.sh making sure to change the identity provider secret value to match your identity provider and wild-card tls certificate settings.
Run
Run ./scripts/kubernetes_gke.sh which will:
- Provision a new cluster.
- Create authenticate, authorize, and proxy deployments.
- Provision and apply authenticate, authorize, and proxy services.
- Configure an ingress load balancer.
sh ./scripts/kubernetes_gke.sh
You should see roughly the following in your terminal. Note, provisioning does take a few minutes.
And if you check out Google's Kubernetes Engine dashboard you'll see something like:
Navigate
Open a browser and navigate to httpbin.your.domain.example.