mirror of https://github.com/pomerium/pomerium.git synced 2025-05-01 11:26:29 +02:00

- Update PR template to use Go language conventions.
- Moved healthcheck middleware to hijack a request before logging.
- Rewrote the quickstart guides to follow a similar pattern.
- Added an overview blurb on pomerium and its goals.
- Add an "example config" section to docs.

2019-01-27 22:22:14 -08:00

3.3 KiB

Raw Blame History

Kubernetes

This quickstart will show you how to deploy Pomerium with Kubernetes. For the purpose of this guide, we will be using Google's Kubernetes Engine. However, there are countless ways to work with Kubernetes:

Google Kubernetes Engine (GKE)
Azure Kubernetes Service
Amazon Elastic Kubernetes Service (Amazon EKS)
OpenShift Kubernetes
Or locally, with minikube

Most of the following steps should be very similar using any other provider.

:::tip

Google Cloud Platform has a free trial with $300 credits.

:::

Prerequisites

A Google Cloud Account
A configured identity provider
Install kubectl
Install the Google Cloud SDK

Download

Retrieve the latest copy of pomerium's source-code by cloning the repository.

git clone https://github.com/pomerium/pomerium.git $HOME/pomerium

Configure

Edit the the example kubernetes files to match your identity provider settings:

./docs/docs/examples/authenticate.deploy.yml
./docs/docs/examples/authenticate.service.yml
./docs/docs/examples/proxy.deploy.yml
./docs/docs/examples/proxy.service.yml
./docs/docs/examples/ingress.yml

Place your domain's wild-card TLS certificate (privkey.pem and cert.pem) in the root of the repository. If you don't have one handy, the included script generates one from LetsEncrypt.

Edit ./scripts/kubernetes_gke.sh making sure to change the identity provider secret value to match your identity provider settings.