Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expose Dex on the control-plane ingress controller #2011

Closed
Ebaneck opened this issue Nov 5, 2019 · 0 comments
Closed

Expose Dex on the control-plane ingress controller #2011

Ebaneck opened this issue Nov 5, 2019 · 0 comments
Assignees
@Ebaneck
Labels
topic:authentication Anything related to user authentication
Milestone
MetalK8s 2.6.0

Comments

@Ebaneck
Copy link
Contributor

Ebaneck commented Nov 5, 2019
edited by gdemonet
Loading

Component:

'salt', 'kubernetes', 'authentication'

Why this is needed:
To access Dex outside the Metalk8s cluster, we need to expose it over the control plane ingress

What should be done:

  • Add an ingress object to expose the Dex web GUI

Implementation proposal (strongly recommended):

Test plan:

  • Be able to navigate to the Dex login landing page

Epic iteration: #1988
@Ebaneck Ebaneck added moonshot topic:authentication Anything related to user authentication labels Nov 5, 2019
@Ebaneck Ebaneck added this to the MetalK8s 2.5.0 milestone Nov 5, 2019
@thomasdanan thomasdanan mentioned this issue Nov 6, 2019
Closed
7 tasks
@gdemonet gdemonet mentioned this issue Nov 8, 2019
Merged
Ebaneck added a commit that referenced this issue Nov 20, 2019
@Ebaneck
Salt: Add and Render DEX deployment configuration
0f647b9 
This commit adds the following:

Adds method to obtain OIDC service IP and binds this
static IP as the ClusterIP address for DEX service

Adds `metalk8-auth` namespace which holds OIDC/authentication
cluster resources(PODS)

Automatically generate dex deployment, service account,
cluster role and cluster role bindings

The DEX chart.sls is generated from the charts using:

```
$ ./charts/render.py dex metalk8s-auth charts/dex.yaml charts/dex/ >
salt/metalk8s/addons/dex/deployed/chart.sls

Add states to deploy DEX and related server certificates

Closes: #2007
Closes: #2011
Ebaneck added a commit that referenced this issue Nov 20, 2019
@Ebaneck
Salt: Add and Render DEX deployment configuration
9d11d65 
This commit adds the following:

Adds method to obtain OIDC service IP and binds this
static IP as the ClusterIP address for DEX service

Adds `metalk8-auth` namespace which holds OIDC/authentication
cluster resources(PODS)

Automatically generate dex deployment, service account,
cluster role and cluster role bindings

The DEX chart.sls is generated from the charts using:

```
$ ./charts/render.py dex metalk8s-auth charts/dex.yaml charts/dex/ >
salt/metalk8s/addons/dex/deployed/chart.sls

Add states to deploy DEX and related server certificates

Closes: #2007
Closes: #2011
Ebaneck added a commit that referenced this issue Nov 20, 2019
@Ebaneck
Salt: Add and Render DEX deployment configuration
2647f67 
This commit adds the following:

Adds method to obtain OIDC service IP and binds this
static IP as the ClusterIP address for DEX service

Adds `metalk8-auth` namespace which holds OIDC/authentication
cluster resources(PODS)

Automatically generate dex deployment, service account,
cluster role and cluster role bindings

The DEX chart.sls is generated from the charts using:

```
$ ./charts/render.py dex metalk8s-auth charts/dex.yaml charts/dex/ >
salt/metalk8s/addons/dex/deployed/chart.sls

Add states to deploy DEX and related server certificates

Closes: #2007
Closes: #2011
Ebaneck added a commit that referenced this issue Nov 21, 2019
@Ebaneck
Salt: Add and Render DEX deployment configuration
6747bfe 
This commit adds the following:

Adds method to obtain OIDC service IP and binds this
static IP as the ClusterIP address for DEX service

Adds `metalk8-auth` namespace which holds OIDC/authentication
cluster resources(PODS)

Automatically generate dex deployment, service account,
cluster role and cluster role bindings

The DEX chart.sls is generated from the charts using:

```
$ ./charts/render.py dex metalk8s-auth charts/dex.yaml charts/dex/ >
salt/metalk8s/addons/dex/deployed/chart.sls

Add states to deploy DEX and related server certificates

Closes: #2007
Closes: #2011
Ebaneck added a commit that referenced this issue Nov 21, 2019
@Ebaneck
Salt: Add and Render DEX deployment configuration
70e80fd 
This commit adds the following:

Adds Dex Image to the buildchain

Adds method to obtain OIDC service IP and binds this
static IP as the ClusterIP address for Dex service

Adds `metalk8-auth` namespace which holds OIDC/authentication
cluster resources(PODS)

Automatically generate Dex deployment, service account,
cluster role and clusterrolebindings

The Dex chart.sls is generated from the Helm charts using:

```
$ ./charts/render.py dex metalk8s-auth charts/dex.yaml charts/dex/ >
salt/metalk8s/addons/dex/deployed/chart.sls

Add states to deploy Dex and related server certificates

Closes: #2007
Closes: #2011
Ebaneck added a commit that referenced this issue Nov 21, 2019
@Ebaneck
Salt: Add and Render Dex deployment configuration
7bd1920 
This commit adds the following:

Adds Dex Image to the buildchain

Adds method to obtain OIDC service IP and binds this
static IP as the ClusterIP address for Dex service

Adds `metalk8-auth` namespace which holds OIDC/authentication
cluster resources(PODS)

Automatically generate Dex deployment, service account,
cluster role and clusterrolebindings

The Dex chart.sls is generated from the Helm charts using:

```
$ ./charts/render.py dex metalk8s-auth charts/dex.yaml charts/dex/ >
salt/metalk8s/addons/dex/deployed/chart.sls

Add states to deploy Dex and related server certificates

Closes: #2007
Closes: #2011
Ebaneck added a commit that referenced this issue Nov 22, 2019
@Ebaneck
Salt: Add and Render Dex deployment configuration
2a5e6e8 
This commit adds the following:

Adds Dex Image to the buildchain

Adds method to obtain OIDC service IP and binds this
static IP as the ClusterIP address for Dex service

Adds `metalk8-auth` namespace which holds OIDC/authentication
cluster resources(PODS)

Automatically generate Dex deployment, service account,
cluster role and clusterrolebindings

The Dex chart.sls is generated from the Helm charts using:

```
$ ./charts/render.py dex metalk8s-auth charts/dex.yaml charts/dex/ >
salt/metalk8s/addons/dex/deployed/chart.sls

Add states to deploy Dex and related server certificates

Closes: #2007
Closes: #2011
@Ebaneck Ebaneck closed this as completed Nov 22, 2019
ChengYanJin pushed a commit that referenced this issue Dec 17, 2019
@Ebaneck @ChengYanJin
Salt: Add and Render Dex deployment configuration
344c329 
This commit adds the following:

Adds Dex Image to the buildchain

Adds method to obtain OIDC service IP and binds this
static IP as the ClusterIP address for Dex service

Adds `metalk8-auth` namespace which holds OIDC/authentication
cluster resources(PODS)

Automatically generate Dex deployment, service account,
cluster role and clusterrolebindings

The Dex chart.sls is generated from the Helm charts using:

```
$ ./charts/render.py dex metalk8s-auth charts/dex.yaml charts/dex/ >
salt/metalk8s/addons/dex/deployed/chart.sls

Add states to deploy Dex and related server certificates

Closes: #2007
Closes: #2011
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Ebaneck Ebaneck

Labels
topic:authentication Anything related to user authentication
Projects
None yet
Milestone
MetalK8s 2.6.0
Development

No branches or pull requests
1 participant
@Ebaneck