stackoom
  简体   繁体   中英

Portainer - OAuth conf. with multiple cluster nodes

 原文  2023-01-30 11:01:37       google-oauth/ docker-swarm/ portainer

Question

I've installed 3 nodes with Docker Swarm and Portainer:

  • node1.int.org
  • node2.int.org
  • node3.int.org

Portainer uses Google Credential to authenticate each users.

The problem is that into the Redirect URL I can specify only one node (in the image below, node1.int.org ). If the node1.int.org die, and I use node2.int.org or node3.int.org to login, the redirect doesn't work!

What is the best practice to solve this problem?

Thank you

在此处输入图像描述

1 answers

solution1
 0  2023-01-31 08:23:49

You create DNSRR records: swarm.int.org A IP1 swarm.int.org A IP2 *.swarm.int.org CNAME swarm.int.org

and then use "swarm.int.org" in place of "node1.int.org" when addressing swarm hosted services.

Bonus Point 1

Use Traefik to handle ssl offloading, so "https://swarm.int.org" can be used to connect to Portainer on the swarm.

Bonus Point 2

Use keepalived or similar to allocate a pool of VIPs and map the DNSRR entries to those. This means even if nodes go down the IPs and thus DNS entries keep routing to healthy nodes.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question oAuth token for multiple services Multiple scope urls oauth google oauth callback appending parameters multiple times Configure multiple login sessions using google oauth Google OAuth Consent - Internal - Multiple separate organisations Google Internal oAuth Consent Screen with multiple domains Javascript library for multiple OAuth 2.0 OAuth multiple accounts login on deny Google+ API rate limit for OAuth based authentication for multiple users Authentication to google API from multiple MCCs using OAuth Playground
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM