Added Basic Authentication to Ingress
Quote from moshe on 01/01/2022, 6:45 pmProblem
User installed EKS cluster on private and public networks and want to limit access to some services but expose them via ingress
add username / password protection for specific services
Solution
Create Password for your user
htpasswd -c auth myusername
Create Secret for Kubernetes
kubectl create secret generic basic-auth --from-file=auth
Check That secret has been created
kubectl get secret basic-auth -o yaml
Create the ingress and apply basic auth settings ( Kibana sample )
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
namespace: default
name: kibana-ingress
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/auth-realm: Authentication Required
nginx.ingress.kubernetes.io/auth-secret: basic-auth
nginx.ingress.kubernetes.io/auth-type: basic
spec:
rules:
– host: auth-ingress.tracston.com
http:
paths:
– backend:
serviceName: kibana-kibana
servicePort: 5601
path: /
pathType: ImplementationSpecific
Problem
User installed EKS cluster on private and public networks and want to limit access to some services but expose them via ingress
add username / password protection for specific services
Solution
Create Password for your user
htpasswd -c auth myusername
Create Secret for Kubernetes
kubectl create secret generic basic-auth --from-file=auth
Check That secret has been created
kubectl get secret basic-auth -o yaml
Create the ingress and apply basic auth settings ( Kibana sample )
Uploaded files:apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
namespace: default
name: kibana-ingress
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/auth-realm: Authentication Required
nginx.ingress.kubernetes.io/auth-secret: basic-auth
nginx.ingress.kubernetes.io/auth-type: basic
spec:
rules:
– host: auth-ingress.tracston.com
http:
paths:
– backend:
serviceName: kibana-kibana
servicePort: 5601
path: /
pathType: ImplementationSpecific