- Create a basic auth file
auth
:
It’s important the file generated is named auth (actually - that the secret has a key data.auth), otherwise the ingress-controller returns a 503
$ USER=<USERNAME_HERE>; PASSWORD=<PASSWORD_HERE>; echo "${USER}:$(openssl passwd -stdin -apr1 <<< ${PASSWORD})" >> auth
- Create a secret
$ kubectl -n longhorn-system create secret generic basic-auth --from-file=auth
- Create an Nginx ingress controller manifest
longhorn-ingress.yml
:
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: longhorn-ingress
namespace: longhorn-system
annotations:
# type of authentication
nginx.ingress.kubernetes.io/auth-type: basic
# name of the secret that contains the user/password definitions
nginx.ingress.kubernetes.io/auth-secret: basic-auth
# message to display with an appropriate context why the authentication is required
nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required '
spec:
rules:
- http:
paths:
- path: /
backend:
serviceName: longhorn-frontend
servicePort: 80
- Create the ingress controller:
$ kubectl -n longhorn-system apply longhorn-ingress.yml
For AWS EKS clusters:
User need to create an ELB to expose nginx ingress controller to the internet. (additional cost may apply)