authelia/docs/content/en/integration/kubernetes/introduction/index.md

2.3 KiB

title description lead date draft images menu weight toc aliases
Kubernetes An introduction into integrating Authelia with Kubernetes. An introduction into integrating Authelia with Kubernetes. 2022-05-15T13:52:27+10:00 false
integration
parent
kubernetes
510 true
/i/k8s

{{< figure src="kubernetes.png" alt="Kubernetes" width="100" style="padding-right: 10px" >}}

UNDER CONSTRUCTION

The following areas are actively being worked on for Kubernetes:

  1. Detailed Documentation
  2. Helm Chart for Helm v3 see our chart repository
  3. Kustomize Deployment
  4. Manifest Examples

Users are welcome to reach out directly by using any of our various contact options.

Important Notes

The following section has special notes regarding utilizing Authelia with Kubernetes.

External Traffic Policy

Authelia (and all of your other applications) may receive an invalid remote IP if the service handling traffic to the Kubernetes Ingress of your choice doesn't have the externalTrafficPolicy setting configured to local as per the Kubernetes preserving the client source ip documentation.

Authelia's configuration management system conflicts with the enableServiceLinks option when it's set to true which is the default. This should be changed to false. See the PodSpec v1 core documentation for more details.

Pod Example

---
apiVersion: v1
kind: Pod
metadata:
  name: authelia
spec:
  enableServiceLinks: false
...

FAQ

RAM usage

If using file-based authentication, the argon2id provider will by default use 1GB of RAM for password generation. This means you should allow for at least this amount in your deployment/daemonset spec and have this much available on your node, alternatively you can tweak the providers settings. Otherwise, your Authelia may OOM during login. See here for more info.