ingress-controller

command module

v0.17.2 Latest Latest Go to latest Published: May 5, 2022 License: Apache-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/pomerium/ingress-controller

Links

Open Source Insights

README ¶

Pomerium Kubernetes Ingress Controller

See docs for usage details.

System Requirements

Pomerium v0.15.0+
Kubernetes v1.19.0+
networking.k8s.io/v1 Ingress versions supported

Command Line Options

Namespaces

Ingress Controller may either monitor all namespaces (default), or only selected few, provided as a comma separated list to --namespaces command line option.

HTTPS endpoints

Ingress spec defines that all communications to the service should happen in cleartext. Pomerium supports HTTPS endpoints, including mTLS.

Annotate your Ingress with

ingress.pomerium.io/secure_upstream: true

Additional TLS may be supplied by creating a Kubernetes secret(s) in the same namespaces as Ingress resource. Note we do not support file paths or embedded secret references.

Note the referenced tls_client_secret must be a TLS Kubernetes secret. tls_custom_ca_secret and tls_downstream_client_ca_secret must contain ca.crt containing a .PEM encoded (Base64-encoded DER format) public certificate.

IngressClass

Create IngressClass for Pomerium Ingress Controller.

apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  name: pomerium
  annotations:
    ingressclass.kubernetes.io/is-default-class: "false"
spec:
  controller: pomerium.io/ingress-controller

Use ingressclass.kubernetes.io/is-default-class: "true" to mark Pomerium as default controller for your cluster and manage Ingress resources that do not specify an ingress controller in ingressClassName.

HTTP-01 solvers

In order to use http-01 ACME challenge solver, the following Pomerium configuration parameters must be set:

AUTOCERT: false (default)
HTTP_REDIRECT_ADDR: ':80'

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
cmd Package cmd implements top level commands	Package cmd implements top level commands
controllers Package controllers implements ingress controller functions	Package controllers implements ingress controller functions
model Package model contains common data structures between the controller and pomerium config reconciler	Package model contains common data structures between the controller and pomerium config reconciler
pomerium Package pomerium implements logic to convert K8s objects into Pomerium configuration	Package pomerium implements logic to convert K8s objects into Pomerium configuration
envoy Package envoy contains functions for working with an embedded envoy binary.	Package envoy contains functions for working with an embedded envoy binary.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL