deploying and using oauth2_proxy to Google Kubernetes Engine

deploying and using oauth2_proxy to Google Kubernetes Engine

Ever have a cool web application (Prometheus, Kubernetes Dashboard) and wanted/needed some sort of authentication mechanism for it? Enter oauth2_proxy. This post covers using a oauth2_proxy with Kubernetes and integrating it with an NGINX ingress controller and kube-cert-manager, allowing a user to slap on authentication to any web application. overview NOTE. I am no oauth expert, but I play one on TV. I may have some details mixed up… NOTE 2 - oauth image credit to Chris Messina
deploying and using kube-cert-manager with an NGINX Ingress Controller on Kubernetes

deploying and using kube-cert-manager with an NGINX Ingress Controller on Kubernetes

As Kubernetes has been used more and more over the past few years, aspects of it have gotten progressively easier. Deploying a web application, creating a loadbalancer ingress, creating an ingress controller, and so on. The manual processes have slowly disappeared. One piece of infrastructure that can be tedius to manage is Kubernetes TLS secrets. This post walks through automating Kubernetes TLS secrets for NGINX Ingress Controller HTTPS endpoints in Kubernetes, using LetsEncrypt and the kube-cert-manager.

Google Cloud service account notes

Most of these notes were created from configuring the kube-cert-manager. setting up Google Cloud SDK (gcloud config) This first section touches upon configuring Google Cloud, the Google Cloud SDK, and the GKE cluster. Create an example project in Google Cloud, then configure your gcloud CLI: gcloud config configurations create EXAMPLE gcloud config set project EXAMPLE-123456 gcloud config set account youremail@example.org creating the GKE cluster With the Google Cloud account setup and the Google Cloud SDK installed and configured, Create a Kubernetes cluster.