Open couturas opened 1 year ago
As far as I am aware, Carrier's auth functionality currently relies on a functionality that can be only found in traefik (called "forward auth"), therefore disabling it is not that straightforward and would require some code changes / adaptations. @arozumenko can probably reject / confirm this.
On the other hand I am not aware that traefik is not supported in openshift. It does not have to be run as the main ingress, but as a secondary one, installed inside carrier's namespace. Then the traffic from the main ingress in openshift should be redirected to traefik, this way should be possible to make carrier work. What is the error that you are encountering?
@attilavetesi-epam you absolutely right. traefik handles part of auth routing as well. Moving out of it - will require customization.
@couturas I see that Traefik can be used as a ingress on k8s (according to official docs), so it should work https://doc.traefik.io/traefik/providers/kubernetes-ingress/ guys from platform9 also have some guidance there https://platform9.com/learn/v1.0/tutorials/traefik-ingress
The helm chart prepared on the branch "k8s" (https://github.com/carrier-io/centry/tree/k8s/helm/carrier-io) should already handle deploying traefik plus all carrier components as required. The only changes that might be required in the chart is to adapt the https://github.com/carrier-io/centry/blob/4ebf5bc90f244e28aa8550aed49df572b28cfa7f/helm/carrier-io/templates/traefik-ingress.yaml#L5 file to your main openshift ingress (instead of nginx).
Also, please don't forget to change https://github.com/carrier-io/centry/blob/4ebf5bc90f244e28aa8550aed49df572b28cfa7f/helm/carrier-io/values.yaml#L54 to match your config, and read the next setup steps when helm displays the notes after you execute the helm install...
command (template of which can be found here: https://github.com/carrier-io/centry/blob/k8s/helm/carrier-io/templates/NOTES.txt).
Dear all, Thanks for your answers. I've shared those with our integration engineer.
Hello, We are trying to install Carrier on openshift platform. We encounter an issue with Traefik which seems to not be supported on openshift. Could you confirm ?
link : https://github.com/traefik/traefik
If it is the case : could we disable Traefik to use the default Ingress controller on openshift ?
Thanks for your help. Best regards, Jean-François