在longhorn官网上存在longhorn的ingress部署清单可以直接使用

https://longhorn.io/docs/1.1.2/deploy/accessing-the-ui/longhorn-ingress/

longhorn的Dashboard默认没有进行认证,可以直接进行访问,这个做法是十分不安全的。所以需要对其进行一个basic认证

1.创建一个basic认证文件

1
root@k8s-master01:~/yaml/chapter13# USER=Masuri; PASSWORD=123456; echo "${USER}:$(openssl passwd -stdin -apr1 <<< ${PASSWORD})" >> auth

2.创建一个secret

1
root@k8s-master01:~/yaml/chapter13# kubectl -n longhorn-system create secret generic basic-auth --from-file=auth

3.创建ingress资源清单

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
root@k8s-master01:~/yaml/chapter13# vim longhorn-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: longhorn-ingress
  namespace: longhorn-system
  annotations:
    # type of authentication
    nginx.ingress.kubernetes.io/auth-type: basic
    # prevent the controller from redirecting (308) to HTTPS
    nginx.ingress.kubernetes.io/ssl-redirect: 'false'
    # name of the secret that contains the user/password definitions
    nginx.ingress.kubernetes.io/auth-secret: basic-auth
    # message to display with an appropriate context why the authentication is required
    nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required '
    nginx.ingress.kubernetes.io/rewrite-target: /$2
spec:
  rules:
  - http:
      paths:
      - pathType: Prefix
        path: "/longhorn(/|$)(.*)"
        backend:
          service:
            name: longhorn-frontend
            port:
              number: 80

4.应用资源清单

1
2
root@k8s-master01:~/yaml/chapter13# kubectl apply -f longhorn-ingress.yaml
ingress.networking.k8s.io/longhorn-ingress created

5.测试访问

输入密码后