Skip to main content
Version: 2.8

Configure access to the Portworx Backup web console

Configure access to the UI on Kubernetes

This section shows you how you can configure access to the Portworx Backup UI on Kubernetes.

Expose the UI on ingress and configure access using HTTPS

You can configure access to Portworx Backup through HTTPS by creating an ingress rule.

  1. Modify and paste the following spec into your one of your Portworx Backup nodes, entering your own values for the following:

    • spec.rules.host: specify the name of the host on which you've installed Portworx Backup

    • spec.tls.hosts specify the name of the host on which you've installed Portworx Backup

    • spec.tls.hosts.secretName: specify the name of the secret that holds your Kubernetes TLS certificates 

      cat <<< '
      apiVersion: networking.k8s.io/v1
      kind: Ingress
      metadata:
        annotations:
          ingress.bluemix.net/redirect-to-https: "True"
          kubernetes.io/ingress.class: nginx
          nginx.ingress.kubernetes.io/x-forwarded-port: "443"
        name: px-backup-ui-ingress
        namespace: px-backup
      spec:
        rules:
        - host: <px-backup-host>
          http:
            paths:
            - backend:
                service:
                  name: px-backup-ui
                  port:
                    number: 80
              path: /
              pathType: Prefix
        tls:
        - hosts:
          - <px-backup-host>
          secretName: <TLS-backup-secret>
      ' > /tmp/px-backup-ui-ingress.yaml
      note

      The secretName field is only required when you want to terminate TLS on the host/domain. Refer to your cloud provider for specific examples:

  2. Apply the spec:

    kubectl apply -f /tmp/px-backup-ui-ingress.yaml

  3. Retrieve the INGRESS_ENDPOINT using the kubectl get ingress command:

    kubectl get ingress px-backup-ui-ingress --namespace px-backup -o jsonpath="{.status.loadBalancer.ingress[0].hostname}"

    Once you have retrieved the INGRESS_ENDPOINT, you can use it to access the Portworx Backup web console with the HTTPS scheme. Use the default credentials (admin/admin) to log in:

    https://INGRESS_ENDPOINT

    Additionally, you can access the Keycloak UI at the /auth/ path:

    https://INGRESS_ENDPOINT/auth/

Access the Portworx Backup UI using a node IP

You can access Portworx Backup by directly navigating to one of your node's IP addresses.

  1. Find the public/external IP (NODE_IP) of any node in your current Kubernetes cluster.

  2. Find the node port (NODE_PORT) of the px-backup-ui service.

    Once you have found the node IP and port, you can combine them to access the Portworx Backup UI:

    http://NODE_IP:NODE_PORT

    Additionally, you can access the Keycloak UI at the /auth/ path:

    http://NODE_IP:NODE_PORT/auth/
    note

    You can access Portworx Backup web console with node IP in both internet-connected and air-gapped environments.

Access the Portworx Backup UI using the load balancer endpoint

You can also the access Portworx Backup UI by navigating to the load balancer using either its host name or IP address.

  1. Get the loadbalancer endpoint (LB_ENDPOINT) using one of the following commands:

    • Host:

      kubectl get ingress --namespace {{ .Release.Namespace }} px-backup-ui -o jsonpath="{.status.loadBalancer.ingress[0].hostname}"`

    • IP:

      kubectl get ingress --namespace {{ .Release.Namespace }} px-backup-ui -o jsonpath="{.status.loadBalancer.ingress[0].ip}"`

      • Once you have retrieved the load balancer endpoint, you can use it to access the Portworx Backup web console:

        http://LB_ENDPOINT

      • You can access the Keycloak UI at the /auth/ path:

        http://LB_ENDPOINT/auth/

Configure access to the Portworx Backup on OpenShift

This section shows how you can configure access to the Portworx Backup web console on OpenShift.

Access the Portworx Backup UI using a route

  1. Open the web console, go to Networking > Routes, and then select the Create Route button.

  2. On the Create Route page, configure your route by populating the following fields:

    • Name: enter a descriptive name
    • Hostname: specify a public hostname. If you leave this field empty, OpenShift will generate a hostname.
    • Path: leave this field unchanged.
    • Service: choose px-backup-ui from the dropdown list.
    • Target Port: choose 80 -> 8080

  3. When you have finished configuring your route, select the Create button.

  4. OpenShift now displays a link to the Portworx Backup UI on the Routes page. To access Portworx Backup, select that link.

    note

    If the customer is using AVI load balancer, disable HTTP-only cookies in the AVI web-console to resolve Keycloak access error. To disable, HTTP-only Cookies option, from the AVI home page, navigate to Virtual Services > edit ingress service > Settings > Profiles > Application Profile > choose System-Secure-HTTP from the drop down and then click edit icon > navigate to Security tab > deselect HTTP-only Cookies option.

Last updated on