mirror of https://github.com/pomerium/pomerium.git synced 2025-04-28 18:06:34 +02:00

History

Denis Mishin c84a251c93 zero/k8s: deployment manifests (#4763 ) * zero/k8s: deployment manifests * convert to statefulset so that it has persistent volume claim * use standard ports to avoid config customization for k8s * add XDG_DATA_HOME mapping		2024-01-08 12:08:14 -05:00
..
deployment	zero/k8s: deployment manifests (#4763 )	2024-01-08 12:08:14 -05:00
service	zero/k8s: deployment manifests (#4763 )	2024-01-08 12:08:14 -05:00
.gitignore	zero/k8s: deployment manifests (#4763 )	2024-01-08 12:08:14 -05:00
kustomization.yaml	zero/k8s: deployment manifests (#4763 )	2024-01-08 12:08:14 -05:00
namespace.yaml	zero/k8s: deployment manifests (#4763 )	2024-01-08 12:08:14 -05:00
pomerium-secret.yaml.example	zero/k8s: deployment manifests (#4763 )	2024-01-08 12:08:14 -05:00
README.md	zero/k8s: deployment manifests (#4763 )	2024-01-08 12:08:14 -05:00

Installing Pomerium Zero

Visit https://console.pomerium.app and register for an account.

Install base pomerium zero

kubectl apply -k https://github.com/pomerium/pomerium/k8s/zero?ref=main

(that would install an evergreen main)

apiVersion: v1
kind: Secret
metadata:
  name: pomerium
  namespace: pomerium-zero
type: Opaque
stringData:
    pomerium_zero_token:

kubectl apply -f pomerium-secret.yaml

Now your Pomerium deployment should be up and running.

The externally available address of your Pomerium Cluster should be set to the value assigned by your Load Balancer:

kubectl get svc/pomerium-proxy -n pomerium-zero -o=jsonpath='{.status.loadBalancer.ingress[0].ip}'

Because container is configured to run as non-root, the following should be adjusted: