Step 1: Enable security in Portworx
This document guides you through enabling Portworx Security in your cluster by adding a single flag to your
- You must have Portworx Operator 1.4 or greater
The Operator includes first-class support for Portworx Security in the
StorageCluster spec. This means that the operator will auto-generate the following for you if security is enabled:
- Shared Secret stored under the secret
- Admin token stored under the secret
- User token stored under the secret
Enabling Security in your cluster
Enable security under
spec.securityof your StorageCluster:
apiVersion: core.libopenstorage.org/v1 kind: StorageCluster metadata: name: portworx namespace: kube-system spec: image: portworx/oci-monitor:126.96.36.199 security: enabled: true
You can now apply the StorageCluster spec and wait until Portworx is ready.
Once you’ve enabled security in Portworx, continue to the next section.