1. Create a basic auth file auth:

It’s important the file generated is named auth (actually - that the secret has a key data.auth), otherwise the ingress-controller returns a 503

$ USER=<USERNAME_HERE>; PASSWORD=<PASSWORD_HERE>; echo "${USER}:$(openssl passwd -stdin -apr1 <<< ${PASSWORD})" >> auth

  1. Create a secret

$ kubectl -n longhorn-system create secret generic basic-auth --from-file=auth

  1. Create an Nginx ingress controller manifest longhorn-ingress.yml :
  1. apiVersion: networking.k8s.io/v1beta1
  2. kind: Ingress
  3. metadata:
  4.   name: longhorn-ingress
  5.   namespace: longhorn-system
  6.   annotations:
  7.     # type of authentication
  8.     nginx.ingress.kubernetes.io/auth-type: basic
  9.     # name of the secret that contains the user/password definitions
  10.     nginx.ingress.kubernetes.io/auth-secret: basic-auth
  11.     # message to display with an appropriate context why the authentication is required
  12.     nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required '
  13. spec:
  14.   rules:
  15.   - http:
  16.       paths:
  17.       - path: /
  18.         backend:
  19.           serviceName: longhorn-frontend
  20.           servicePort: 80
  1. Create the ingress controller: $ kubectl -n longhorn-system apply longhorn-ingress.yml

For AWS EKS clusters:

User need to create an ELB to expose nginx ingress controller to the internet. (additional cost may apply)

  1. Create pre-requisite resources: https://github.com/kubernetes/ingress-nginx/blob/master/docs/deploy/index.md#prerequisite-generic-deployment-command

  2. Create ELB: https://github.com/kubernetes/ingress-nginx/blob/master/docs/deploy/index.md#aws