Step 1: Enable security in Portworx
This document guides you through enabling PX-Security in your cluster by adding a single flag to your
- You must have Portworx Operator 1.4 or greater
The Operator includes first-class support for PX-Security in the
StorageCluster spec. This means that the operator will auto-generate the following for you if security is enabled:
- Shared Secret stored under the secret
- Admin token stored under the secret
- User token stored under the secret
Enabling Security in your cluster
Enable security under
spec.securityof your StorageCluster:
apiVersion: core.libopenstorage.org/v1 kind: StorageCluster metadata: name: portworx namespace: kube-system spec: image: portworx/oci-monitor:22.214.171.124 security: enabled: true
You can now apply the StorageCluster spec and wait until Portworx is ready.
Once you’ve enabled security in Portworx, continue to the next section.
Note: To use
pxctlin this context, see use
pxctlwith security enabled. Otherwise, all
pxctlcommands will fail with an
Last edited: Friday, Apr 7, 2023
Questions? Visit the Portworx forum.