4cb3281af7
* update k8s install for ingress conrtoller * typo correction * prep k8s section * squashme * init Ingress Controller doc Co-authored-by: travisgroth <tgroth@pomerium.com> Co-authored-by: wasaga <dmishin@pomerium.com> * update, organize, annotate * breakout custom from standard annotations * more info links * Update docs/docs/k8s/ingress.md Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com> * Update docs/docs/k8s/ingress.md Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com> * Update docs/docs/k8s/ingress.md Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com> * prep k8s section * document YAML policies in Ingress * sort and compress standard annotations * final draft * link cleanup * Create ingress.md * Update docs/docs/k8s/ingress.md Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com> * Apply suggestions from code review * rm redundant config * fix file reference * update available annotations * Copy Proofread Grammar updates. * discussed copy edit * whitespace cleanup * add redirect for moved k8s docs * fixed malformed links * Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> * Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> partial copy edits Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> partial copy edits Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> partial copy edits * One last TLS * Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> * clarify namespaces flag * Update docs/docs/k8s/ingress.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> Co-authored-by: travisgroth <tgroth@pomerium.com> Co-authored-by: wasaga <dmishin@pomerium.com> Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com> Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com> Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| img | ||
| binary.md | ||
| from-source.md | ||
| readme.md | ||
| title | lang | description | meta | |||||
|---|---|---|---|---|---|---|---|---|
| Quick-Start | en-US | Get Pomerium up and running quickly with Docker. |
|
Pomerium using Docker
In this quick-start document, we'll create a minimal but complete environment for running Pomerium with containers.
Prerequisites
- A configured identity provider
- Docker and docker-compose
- TLS certificates
- This document assumes that your local Docker environment does not have a fully qualified domain name (FQDN) routed to it, and that you followed Self-signed wildcard certificate to generate a locally trusted key pair. Otherwise, adjust the configurations below to match your certificate solution.
Configure
-
Create a configuration file (e.g
config.yaml) for defining Pomerium's configuration settings, routes, and access policies. Consider the following example:<<< @/examples/config/config.docker.yaml
Keep track of the path to this file, relative to the
docker-compose.ymlfile created in the next step.docker-compose.ymlwill need the correct relative path to yourconfig.yaml. -
Create or copy the following
docker-compose.ymlfile and modify it to match your configuration, including the correct paths to yourconfig.yamland certificate files:<<< @/examples/docker/basic.docker-compose.yml
Run
Run docker compose:
docker-compose up
Docker will automatically download the required container images for Pomerium and verify. Then, Pomerium will run with the configuration details set in the previous steps.
You should now be able access to the routes (e.g. https://verify.localhost.pomerium.io) as specified in your policy file.
You can also navigate to the special pomerium endpoint verify.localhost.pomerium.io/.pomerium/ to see your current user details.
Next Steps
Now you can experiment with adding services to Docker and defining routes and policies for them in Pomerium. See Guides for help or inspiration.
::: warning This is a test environment! If you followed all the steps in this doc your Pomerium environment is not using trusted certificates. Remember to use a valid certificate solution before moving this configuration to a production environment. See Certificates for more information. :::