Merge pull request #909 from AirHelp/master

Dex on Kubernetes with RBAC authorization - documentation updated

Merge pull request #909 from AirHelp/master
Dex on Kubernetes with RBAC authorization - documentation updated
5c56fb76 · rithu leena john · GitHub · 2b8caf9b · 2e10e5a9 · 5c56fb76
Commit 5c56fb76 authored Apr 21, 2017 by rithu leena john Committed by GitHub Apr 21, 2017
Show whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletion

kubernetes.md Documentation/kubernetes.md +4 -1

No files found.
--- a/Documentation/kubernetes.md
+++ b/Documentation/kubernetes.md
@@ -60,6 +60,7 @@ To run dex on Kubernetes perform the following steps:
 2. Spin up a Kubernetes cluster with the appropriate flags and CA volume mount.
 3. Create a secret containing your [GitHub OAuth2 client credentials][github-oauth2].
 4. Deploy dex.
+5. Create and assign 'dex' cluster role to dex service account (if RBAC authorization is used).
 The TLS assets can be created using the following command:
@@ -83,12 +84,14 @@ $ kubectl create secret \
    --from-literal=client-secret=$GITHUB_CLIENT_SECRET
 ```
-Finally, create the dex deployment, configmap, and node port service.
+Create the dex deployment, configmap, and node port service.
 ```
 $ kubectl create -f dex.yaml
 ```
+Assign cluster role to dex service account so it can create third party resources [Kubernetes third party resources](storage.md).
 __Caveats:__ No health checking is configured because dex does its own TLS termination complicating the setup. This is a known issue and can be tracked [here][dex-healthz].
 ## Logging into the cluster