mirror of https://github.com/pomerium/pomerium.git synced 2025-07-28 14:08:43 +02:00

History

Ryota b1d41607a1 Fix kustomization warning (#5735 ) ## Summary There were old kustomization logic used, such as commonLabels and different patch handling. ## Related issues N/A ## User Explanation `kustomization build` will not show any warning, and the result should be exactly the same as before. ## Checklist - [ ] reference any related issues - [ ] updated unit tests - [ ] add appropriate label (`enhancement`, `bug`, `breaking`, `dependencies`, `ci`) - [ ] ready for review		2025-07-21 14:05:26 -04:00
..
deployment	Fix kustomization warning (#5735 )	2025-07-21 14:05:26 -04:00
rbac	zero/k8s: use deployments (#5248 )	2024-08-29 15:16:32 -04:00
service	zero/k8s: set externalTrafficPolicy: Local (#5266 )	2024-09-04 22:26:07 -04:00
.gitignore
kustomization.yaml	Fix kustomization warning (#5735 )	2025-07-21 14:05:26 -04:00
namespace.yaml
pomerium-secret.yaml.example
README.md

Installing Pomerium Zero

Visit https://console.pomerium.app and register for an account.

Install base pomerium zero

kubectl apply -k https://github.com/pomerium/pomerium/k8s/zero?ref=main

(that would install an evergreen main)

apiVersion: v1
kind: Secret
metadata:
  name: pomerium
  namespace: pomerium-zero
type: Opaque
stringData:
    pomerium_zero_token:

kubectl apply -f pomerium-secret.yaml

Now your Pomerium deployment should be up and running.

The externally available address of your Pomerium Cluster should be set to the value assigned by your Load Balancer:

kubectl get svc/pomerium-proxy -n pomerium-zero -o=jsonpath='{.status.loadBalancer.ingress[0].ip}'

Because container is configured to run as non-root, the following should be adjusted: