Verrazzano Enterprise Container Platform – Verrazzano Authentication Proxy /docs/security/proxies/ Recent content in Verrazzano Authentication Proxy on Verrazzano Enterprise Container Platform Hugo -- gohugo.io Docs: Customize AuthProxy /docs/security/proxies/authproxy/ Mon, 01 Jan 0001 00:00:00 +0000 /docs/security/proxies/authproxy/ <p>The Verrazzano AuthProxy component enables authentication and authorization for Keycloak users accessing Verrazzano resources. You can customize the AuthProxy component using settings in the Verrazzano custom resource.</p> <p>The following table describes the fields in the Verrazzano custom resource pertaining to the <a href="../../../docs/reference/vpo-verrazzano-v1beta1/#install.verrazzano.io/v1beta1.AuthProxyComponent">AuthProxy component</a>.</p> <table> <thead> <tr> <th>Path to Field</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><code>spec.components.authProxy.kubernetes.replicas</code></td> <td>The number of pods to replicate. The default is <code>2</code> for the <code>prod</code> profile and <code>1</code> for all other profiles.</td> </tr> <tr> <td><code>spec.components.authProxy.kubernetes.affinity</code></td> <td>The pod affinity definition expressed as a standard Kubernetes <a href="https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity">affinity</a> definition. The default configuration spreads the AuthProxy pods across the available nodes. <div class="highlight"><pre>spec:<br> components:<br> authProxy:<br> kubernetes:<br> affinity:<br> podAntiAffinity:<br> preferredDuringSchedulingIgnoredDuringExecution:<br> - weight: 100<br> podAffinityTerm:<br> labelSelector:<br> matchExpressions:<br> - key: app<br> operator: In<br> values:<br> - verrazzano-authproxy<br> topologyKey: kubernetes.io/hostname </pre></div></td> </tr> </tbody> </table> <p>The following example customizes a Verrazzano <code>prod</code> profile as follows:</p> <ul> <li>Increases the replicas count to <code>3</code></li> <li>Changes the <code>podAffinity</code> configuration to use <code>requiredDuringSchedulingIgnoredDuringExecution</code></li> </ul> <style type="text/css"> code { margin: 0; padding: 0; } .copy-code-button { position: absolute; right: 0; top: -29px; font-size: 12px; line-height: 14px; width: 65px; color: white; background-color: #30638E; border: 1px solid #30638E; white-space: nowrap; padding: 6px 6px 7px 6px; } .copy-code-button:hover, .copy-code-button:focus{ background-color: gray; opacity: 1; } </style> <div class="clipboard"> <div class="highlight"> <pre tabindex="0"><code>apiVersion: install.verrazzano.io/v1beta1 kind: Verrazzano metadata: name: example-verrazzano spec: profile: prod components: authProxy: overrides: - values: replicas: 3 affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: app operator: In values: - verrazzano-authproxy topologyKey: kubernetes.io/hostname </code></pre></div> </div> <script> function createCopyButton(highlightDiv) { const button = document.createElement("button"); button.innerText = "Copy"; button.className = "copy-code-button"; button.addEventListener("click", () => copyCodeToClipboard(button, highlightDiv) ); addCopyButton(button, highlightDiv); } function addCopyButton(button, highlightDiv) { highlightDiv.insertBefore(button, highlightDiv.firstChild); const wrapper = document.createElement("div"); highlightDiv.parentNode.insertBefore(wrapper, highlightDiv); wrapper.appendChild(highlightDiv); } async function copyCodeToClipboard(button, highlightDiv) { let codeToCopy = highlightDiv.querySelector(":last-child > code, pre").innerText; let codeBlock = codeToCopy.split("\n"); let expectedLine = codeBlock.findIndex(line => line.toLowerCase().startsWith("# expected response") || line.toLowerCase().startsWith("# sample output")); if (expectedLine !== -1) { codeBlock.splice(expectedLine); } codeToCopy = codeBlock.join("\n"); codeToCopy = codeToCopy.replace(/^#(.*)$/gm, '').trim(); codeToCopy = codeToCopy.replace(/\$\s+/gm, '').trim(); codeToCopy = codeToCopy.replace(/\n{2,}/g,'\n'); console.log(codeToCopy); try { await navigator.clipboard.writeText(codeToCopy); } catch (err) { const textarea = document.createElement('textarea'); textarea.value = codeToCopy; document.body.appendChild(textarea); textarea.select(); document.execCommand('copy'); textarea.remove(); } button.blur(); button.innerText = "Copied"; setTimeout(function () { button.innerText = "Copy"; }, 2000); } document .querySelectorAll(".highlight") .forEach((highlightDiv) => createCopyButton(highlightDiv)); </script>