careful-france-37922
08/19/2019, 9:36 AMnginx-ingress
which does basic authentication for one domain.
Currently the basic authentication data is done manually via: htpasswd -c auth <username> && kubectl create secret generic docs-basic-auth --from-file=auth
I want to automate this for the future.
The helm chart looks like this:
ingress:
domain: <domain>
tlsSecretName: <name>-de-tls
annotations:
<http://nginx.ingress.kubernetes.io/auth-type|nginx.ingress.kubernetes.io/auth-type>: basic
# # The name of the secret which contains the HTTP basic auth configuration
# # See: <https://github.com/kubernetes/ingress-nginx/blob/6d2400ee0fcd29390db24091edef07ccee73c881/docs/examples/auth/basic/README.md>
<http://nginx.ingress.kubernetes.io/auth-secret|nginx.ingress.kubernetes.io/auth-secret>: docs-basic-auth
<http://nginx.ingress.kubernetes.io/auth-realm|nginx.ingress.kubernetes.io/auth-realm>: "Name"
deployment:
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
I have a file which contains this code where, at least I think, I need to start:
import * as k8s from "@pulumi/kubernetes";
import * as affinities from "../../../affinities";
interface ICreateNginxIngressOpts {
isPrivateNetworkIngress: boolean;
tls: { defaultTlsSecretName: string };
context: {
provider: k8s.Provider;
};
}
const createNginxIngress = ({
isPrivateNetworkIngress,
tls,
context: { provider }
}: ICreateNginxIngressOpts) => {
let annotations: any = {};
if (isPrivateNetworkIngress) {
// Only allow traffic from the external subnet
annotations["<http://cloud.google.com/load-balancer-type|cloud.google.com/load-balancer-type>"] = "Internal";
}
return new k8s.helm.v2.Chart(
"nginx-ingress",
{
repo: "stable",
chart: "nginx-ingress",
version: "1.6.0",
values: {
defaultBackend: {
affinity: affinities.defaultPool
},
controller: {
extraArgs: {
"default-ssl-certificate": tls.defaultTlsSecretName
},
publishService: { enabled: true },
affinity: affinities.defaultPool,
service: {
annotations
}
}
}
},
{ dependsOn: [provider], providers: { k8s: provider } }
);
};
export { createNginxIngress };
Any hints where I have to look at?
Basically: I want to automate this steps: https://github.com/kubernetes/ingress-nginx/blob/6d2400ee0fcd29390db24091edef07ccee73c881/docs/examples/auth/basic/README.mdbest-xylophone-83824
08/19/2019, 9:40 AMcareful-france-37922
08/19/2019, 9:44 AMbest-xylophone-83824
08/19/2019, 9:45 AMcareful-france-37922
08/19/2019, 9:46 AM