From bb4e39aab66d40fb751e039971a1772cd8194941 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sun, 13 Sep 2020 22:20:17 +0200 Subject: [PATCH] docs: add outpost deployment docs, link in outposts list --- docs/outposts/deploy-docker-compose.md | 20 ++++ docs/outposts/deploy-kubernetes.md | 99 +++++++++++++++++++ docs/outposts/outposts.md | 20 +--- mkdocs.yml | 5 +- .../administration/outpost/list.html | 1 + 5 files changed, 128 insertions(+), 17 deletions(-) create mode 100644 docs/outposts/deploy-docker-compose.md create mode 100644 docs/outposts/deploy-kubernetes.md diff --git a/docs/outposts/deploy-docker-compose.md b/docs/outposts/deploy-docker-compose.md new file mode 100644 index 000000000..2c2719c1c --- /dev/null +++ b/docs/outposts/deploy-docker-compose.md @@ -0,0 +1,20 @@ +# Outpost deployment in docker-compose + +To deploy an outpost with docker-compose, use this snippet in your docker-compose file. + +You can also run the outpost in a separate docker-compose project, you just have to ensure that the outpost container can reach your application container. + +```yaml +version: 3.5 + +services: + passbook_proxy: + image: beryju/passbook-proxy:0.10.0-stable + ports: + - 4180:4180 + - 4443:4443 + environment: + PASSBOOK_HOST: https://your-passbook.tld + PASSBOOK_INSECURE: 'true' + PASSBOOK_TOKEN: token-generated-by-passbook +``` diff --git a/docs/outposts/deploy-kubernetes.md b/docs/outposts/deploy-kubernetes.md new file mode 100644 index 000000000..dd19b1ca7 --- /dev/null +++ b/docs/outposts/deploy-kubernetes.md @@ -0,0 +1,99 @@ +# Outpost deployment on Kubernetes + +Use the following manifest, replacing all values surrounded with `__`. + +Afterwards, configure the proxy provider to connect to `..svc.cluster.local`, and update your Ingress to connect to the `passbook-outpost` service. + +```yaml +api_version: v1 +kind: secret +metadata: + labels: + app.kubernetes.io/instance: test + app.kubernetes.io/managed-by: passbook.beryju.org + app.kubernetes.io/name: passbook-proxy + app.kubernetes.io/version: 0.10.0 + name: passbook-outpost-api +string_data: + passbook_host: '__PASSBOOK_URL__' + passbook_host_insecure: 'true' + token: '__PASSBOOK_TOKEN__' +type: Opaque +--- +api_version: apps/v1 +kind: deployment +metadata: + labels: + app.kubernetes.io/instance: test + app.kubernetes.io/managed-by: passbook.beryju.org + app.kubernetes.io/name: passbook-proxy + app.kubernetes.io/version: 0.10.0 + name: passbook-outpost +spec: + selector: + match_labels: + app.kubernetes.io/instance: test + app.kubernetes.io/managed-by: passbook.beryju.org + app.kubernetes.io/name: passbook-proxy + app.kubernetes.io/version: 0.10.0 + template: + metadata: + labels: + app.kubernetes.io/instance: test + app.kubernetes.io/managed-by: passbook.beryju.org + app.kubernetes.io/name: passbook-proxy + app.kubernetes.io/version: 0.10.0 + spec: + containers: + - env: + - name: PASSBOOK_HOST + value_from: + secret_key_ref: + key: passbook_host + name: passbook-outpost-api + - name: PASSBOOK_TOKEN + value_from: + secret_key_ref: + key: token + name: passbook-outpost-api + - name: PASSBOOK_INSECURE + value_from: + secret_key_ref: + key: passbook_host_insecure + name: passbook-outpost-api + image: beryju/passbook-proxy:0.10.0 + name: proxy + ports: + - containerPort: 4180 + name: http + protocol: TCP + - containerPort: 4443 + name: http + protocol: TCP +--- +api_version: v1 +kind: service +metadata: + labels: + app.kubernetes.io/instance: test + app.kubernetes.io/managed-by: passbook.beryju.org + app.kubernetes.io/name: passbook-proxy + app.kubernetes.io/version: 0.10.0 + name: passbook-outpost +spec: + ports: + - name: http + port: 4180 + protocol: TCP + targetPort: http + - name: https + port: 4443 + protocol: TCP + targetPort: https + selector: + app.kubernetes.io/instance: test + app.kubernetes.io/managed-by: passbook.beryju.org + app.kubernetes.io/name: passbook-proxy + app.kubernetes.io/version: 0.10.0 + type: ClusterIP +``` diff --git a/docs/outposts/outposts.md b/docs/outposts/outposts.md index 377918ff1..b71eff524 100644 --- a/docs/outposts/outposts.md +++ b/docs/outposts/outposts.md @@ -6,21 +6,9 @@ An outpost is a single deployment of a passbook component, which can be deployed Upon creation, a service account and a token is generated. The service account only has permissions to read the outpost and provider configuration. This token is used by the Outpost to connect to passbook. -To deploy an outpost, you can for example use this docker-compose snippet: +To deploy an outpost, see: -```yaml -version: 3.5 +- [Kubernetes](deploy-kubernetes.md) +- [docker-compose](deploy-docker-compose.md) -services: - passbook_proxy: - image: beryju/passbook-proxy:0.10.0-stable - ports: - - 4180:4180 - - 4443:4443 - environment: - PASSBOOK_HOST: https://your-passbook.tld - PASSBOOK_INSECURE: 'true' - PASSBOOK_TOKEN: token-generated-by-passbook -``` - -In future versions, this snippet will be automatically generated. You will also be able to deploy an outpost directly into a kubernetes cluster.w +In future versions, this snippet will be automatically generated. You will also be able to deploy an outpost directly into a kubernetes cluster. diff --git a/mkdocs.yml b/mkdocs.yml index 1a3455098..50b205964 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -30,7 +30,10 @@ nav: - OAuth2: providers/oauth2.md - SAML: providers/saml.md - Proxy: providers/proxy.md - - Outposts: outposts/outposts.md + - Outposts: + - Overview: outposts/outposts.md + - Deploy on docker-compose: outposts/deploy-docker-compose.md + - Deploy on Kubernetes: outposts/deploy-kubernetes.md - Expressions: - Overview: expressions/index.md - Reference: diff --git a/passbook/admin/templates/administration/outpost/list.html b/passbook/admin/templates/administration/outpost/list.html index 38e97844c..b539cfa52 100644 --- a/passbook/admin/templates/administration/outpost/list.html +++ b/passbook/admin/templates/administration/outpost/list.html @@ -69,6 +69,7 @@ {% trans 'Edit' %} {% trans 'Delete' %} + {% trans 'Deploy' %} {% endfor %}