https://prefect.io logo
Channels
Powered by
r

Raed

07/07/2021, 6:56 PM
Hey guys are there any guides for setting server up on AKS with an external URL and authentication?
k

Kevin Kho

07/07/2021, 8:07 PM
Hey @Raed, we don’t have any guides but we’ll see if the community has any thoughts here
a

Aiden Price

07/07/2021, 11:05 PM
No guides sorry, but I have done it. We used Azure AD with the open source OAuth2-proxy https://github.com/oauth2-proxy/oauth2-proxy
👍 1
е

Евгений Берендяев

07/09/2021, 7:24 AM
Hi @Aiden Price, can you please provide high-level steps that you’ve done? I would be very appreciated 🙏
a

Aiden Price

07/09/2021, 7:32 AM
Hi, very quickly, I made a copy of the Prefect helm chart from the server repo, then I added in my own copy of the oauth2-proxy helm chart as a dependency, then its a matter of getting the right config for the oauth2-proxy which will depend on you Azure AD set up.
Example oauth2-proxy config
Copy code
kind: ConfigMap
apiVersion: v1
metadata:
  name: prefect-oauth2-config
  namespace: your-namespace
  labels:
    app: oauth2-proxy
data:
  oauth2_proxy.cfg: |-
    provider = "azure"
    azure_tenant = "XXXXXXXXXXXXXXXXXX"
    scope = "<api://YYYYYYYYYYYYYYYYYYYYYYYYYY/default>"
    redirect_url = "<https://zzzzzzzzz.com/oauth2/callback>"
    email_domains = [ "*" ]
    upstreams = ["<http://prefect-apollo.your-namespace:4200/graphql/>","<http://prefect-ui.your-namespace:8080/>"]
    silence_ping_logging = true
    session_store_type = "redis"
    redis_connection_url = "<redis://prefect-redis-master.your-namespace:6379>"
2 Views
Powered by