aws 短信验证_在AWS Kubernetes上进行抛光的rshiny身份验证

aws 短信验证

If you’re looking for a hassle free way to add authentication to your RShiny Apps you should check out polished.tech. In their own words:

如果你正在寻找一个轻松自由的方式来验证添加到您的RShiny应用程序,你应该检查出polished.tech 。 用他们自己的话说:

Polished is an R package that adds authentication, user management, and other goodies to your Shiny apps. Polished.tech is the quickest and easiest way to use polished.

Polished是一个R软件包,可为您的Shiny应用添加身份验证,用户管理和其他功能。 Polished.tech是使用抛光的最快,最简单的方法。

Polished.tech provides a hosted API and dashboard so you don’t need to worry about setting up and maintaining the polished API. With polished.tech you can stop worrying about boilerplate infrastructure and get back to building your core Shiny application logic.

Polished.tech提供了托管API和仪表板,因此您无需担心设置和维护完善的API。 使用Polished.tech,您可以不必担心样板结构,而可以重新构建核心的Shiny应用程序逻辑。

Polished.tech is a hosted solution for adding authentication to your RShiny Apps. It is completely free for the first 10 users, which gives you plenty of freedom to play around with it.

Polished.tech是用于向您的RShiny Apps添加身份验证的托管解决方案。 它对于前10个用户是完全免费的,为您提供了很大的自由使用它。

In this post we’ll go over how to:

在这篇文章中,我们将探讨如何:

  • Quickly and easily get started with the polished.tech hosted solution and grab your API credentials

    快速轻松地开始使用Polished.tech托管解决方案并获取您的API凭据

  • Test out your API credentials with a pre built docker container

    使用预先构建的Docker容器测试您的API凭据

  • Deploy an AWS Kubernetes (EKS) Cluster

    部署AWS Kubernetes(EKS)集群

  • Securely add your API credentials to an EKS cluster

    将您的API凭据安全地添加到EKS集群

  • Deploy a helm chart with a sample RShiny app using polished.tech authentication!

    使用Polished.tech身份验证通过示例RShiny应用程序部署舵图!

So let’s get started!

因此,让我们开始吧!

先决条件 (Prerequisites)

In order to complete the AWS portion of the tutorial you’ll need:

为了完成本教程的AWS部分,您需要:

码头工人 (Docker)

You will need Docker to run the Quickstart guide.

您将需要Docker来运行快速入门指南。

I always create a Docker image with all the CLI tools I need and keep a copy of any credentials directly in the project folder. You don’t need to especially know how to use Docker, as we will just be treating the container as a terminal.

我总是使用所需的所有CLI工具创建Docker映像,并将所有凭据的副本直接保存在项目文件夹中。 您不需要特别了解如何使用Docker,因为我们将容器视为终端。

If you prefer not to use Docker you will need to install all the CLI tools shown in the Dockerfile and run the shiny app locally.

如果您不想使用Docker,则需要安装Dockerfile中显示的所有CLI工具,并在本地运行闪亮的应用程序。

AWS IAM用户 (AWS IAM User)

If you want to deploy to AWS you’ll need an AWS IAM User, and that user’s API keys. For more information see the AWS docs.

如果要部署到AWS,则需要一个AWS IAM用户以及该用户的API密钥。 有关更多信息,请参阅AWS文档

This same AWS IAM user must have permission to create an EKS cluster. You can use this role, or a user with administrator privileges.

该相同的AWS IAM用户必须具有创建EKS集群的权限。 您可以使用此角色 ,也可以使用具有管理员特权的用户。

快速开始 (Quick Start)

If you already have your Polished API Credentials you can start here.

如果您已经拥有波兰语API凭证,则可以从此处开始。

docker run -it \
--rm \
-p 3838:3838 \
-e POLISHED_APP_NAME="my_first_shiny_app" \
-e POLISHED_API_KEY="XXXXXXXXXXXXXX" \
jerowe/polished-tech:latest

Add your own credentials to the POLISHED_APP_NAME and the POLISHED_API_KEY.

将您自己的凭据添加到POLISHED_APP_NAMEPOLISHED_API_KEY

Then open up a browser at localhost:3838 and login to your application using your polished.tech email and password combo.

然后打开一个位于localhost:3838的浏览器,并使用Polished.tech电子邮件和密码组合登录到您的应用程序。

注册并获取证书 (Sign up and Get your Credentials)

All these instructions are in the docs, and only here for the sake of completeness.

所有这些说明都在docs中 ,并且仅出于完整性考虑。

注册 (Sign up)

Head over to the dashboard URL and register. From there, log in, and you’ll see your account dashboard.

转到仪表板URL并注册。 从那里登录,您将看到您的帐户仪表板。

《aws 短信验证_在AWS Kubernetes上进行抛光的rshiny身份验证》

If you use Google or Microsoft you will be prompted to log in with those accounts. If you use email you will be prompted to create a password.

如果您使用Google或Microsoft,则系统将提示您使用这些帐户登录。 如果您使用电子邮件,将提示您创建密码。

可选-社交登录与电子邮件和密码 (Optional — Social Login vs Email & Password)

If you want to use the Social Login and deploy on AWS you will need to setup Firebase with your external domain. You only need to complete this step if you are deploying to a host other than localhost and want to use a social login provider such as Google. We’ll go into more detail when we deploy to AWS further down.

如果要使用社交登录并在AWS上进行部署,则需要使用外部域设置Firebase。 仅当要部署到localhost以外的主机并且要使用社交登录提供程序(例如Google)时,才需要完成此步骤。 当我们进一步部署到AWS时,我们将详细介绍。

获取您的API密钥 (Get your API Secret Key)

Head on over to the Dashboard, on the left-hand menu, click Accounts to get your Secret Key.

转到仪表板 ,在左侧菜单上,单击“ 帐户”以获取您的密钥。

《aws 短信验证_在AWS Kubernetes上进行抛光的rshiny身份验证》

Right it down somewhere! From here on out we will refer to it as the POLISHED_API_KEY.

把它放到某个地方! 从这里开始,我们将其称为POLISHED_API_KEY

创建一个应用 (Create an App)

You must create an app for this whole scheme to work.

您必须为整个方案创建一个应用程序。

On the left-hand menu click Shiny Apps.

在左侧菜单上,点击Shiny Apps

《aws 短信验证_在AWS Kubernetes上进行抛光的rshiny身份验证》

Write it down somewhere! From here on out we will refer to it as the POLISHED_APP_NAME.

把它写下来! 从现在开始,我们将其称为POLISHED_APP_NAME

将应用程序关联到您的用户 (Associate the App to your User)

(And potentially other users!)

(还有其他用户!)

Once you have an app, make sure to associate it with your user. This one got me the first time around because I don’t follow instructions well. ;-) If you skip this step you won’t be able to log in.

拥有应用程序后,请确保将其与用户关联。 这是我第一次来,因为我没有很好地遵循说明。 ;-)如果您跳过此步骤,则将无法登录。

On your dashboard in the left-hand menu go to Users, and associate the app to the user(s).

在左侧菜单的仪表板上,转到“ 用户” ,然后将应用程序与用户相关联。

You can either edit the user to allow access to the app or edit the app to give access to the user. Both accomplish the same goal.

您可以编辑用户以允许访问该应用程序,也可以编辑该应用程序以授予该用户访问权限。 两者都实现了相同的目标。

From the Users Menu

从用户菜单

《aws 短信验证_在AWS Kubernetes上进行抛光的rshiny身份验证》

From the App Menu

从应用程序菜单

《aws 短信验证_在AWS Kubernetes上进行抛光的rshiny身份验证》

测试您的凭证 (Test Your Credentials)

If you just want to test your credentials run the docker run command.

如果只想测试您的凭据,请运行docker run命令。

docker run -it \
--rm \
-p 3838:3838 \
-e POLISHED_APP_NAME="my_first_shiny_app" \
-e POLISHED_API_KEY="XXXXXXXXXXXXXX" \
jerowe/polished-tech:latest

With, of course, the credentials that I know you wrote down earlier. ;-)

当然,有了我知道您早些时候写下的凭证。 ;-)

Open your browser at localhost:3838 and login with your user email and password. You should see a screen that has your user UID and session info. Success!

localhost:3838打开浏览器,并使用用户电子邮件和密码登录。 您应该看到一个包含用户UID和会话信息的屏幕。 成功!

让我们部署我们的应用程序! (Let’s Deploy Our App!)

For the next part of the tutorial, we will discuss getting your app out there into the wild! I chose Kubernetes for this because it works absolutely everywhere, and the hosted AWS solution is nice. Also, deploying to Kubernetes allows you to easily encrypt your API keys, database credentials, etc.

对于本教程的下一部分,我们将讨论如何将您的应用发布到野外! 我之所以选择Kubernetes是因为它绝对可以在任何地方工作,而且托管的AWS解决方案很好 。 此外,部署到Kubernetes可使您轻松加密API密钥,数据库凭据等。

抢代码 (Grab the code)

If you would like to follow along clone the Github repo.

如果您想继续克隆Github仓库。

git clone https://github.com/jerowe/rshiny-with-polished-tech-eks

项目结构 (Project Structure)

There are two directories in the GitHub repo, auto-deployment, and rshiny-app-polished-auth.

GitHub存储库中有两个目录: auto-deployment,rshiny-app-polished-auth

The auto-deployment has a (slightly modified) Terraform EKS recipe to first deploy our EKS cluster, install our helm chart, and do some networking magic.

auto-deployment有一个(略作修改的) Terraform EKS配方,可以首先部署我们的EKS集群,安装头盔图,并进行一些网络魔术。

If you’ve never used Terraform before don’t worry. It’s really like a Makefile with a nicer syntax. A helm chart is the Kubernetes preferred method of packaging and defining applications.

如果您以前从未使用过Terraform,请不要担心。 它真的就像一个语法更好的Makefile。 舵图是Kubernetes打包和定义应用程序的首选方法。

Getting deep into the Helm chart would make this post way too long, but I go into more in this post.

越来越深入到头盔图表将使太长这篇文章的方式 ,但我去到更多的在这一职位。

There is also a Dockerfile in the root of the project system. This Dockerfile has everything you need to both deploy the EKS cluster and install the helm chart. It installs the aws-cli, terraform, helm, and kubectl cli tools. You could install these things on your local computer, but that would be painful. ;-)

项目系统根目录中还有一个Dockerfile 。 该Dockerfile具有部署EKS集群和安装舵图所需的一切。 它安装了aws-cliterraformhelmkubectl cli工具。 您可以在本地计算机上安装这些东西,但这会很痛苦。 ;-)

├── Dockerfile
├── README.md
├── auto-deployment
│ ├── eks
│ │ ├── aws.tf
│ │ ├── helm.tf
│ │ ├── helm_charts
│ │ │ ├── rshiny-eks
│ │ │ │ ├── Chart.yaml
│ │ │ │ ├── charts
│ │ │ │ ├── templates
│ │ │ │ │ ├── NOTES.txt
│ │ │ │ │ ├── _helpers.tpl
│ │ │ │ │ ├── deployment.yaml
│ │ │ │ │ ├── ingress.yaml
│ │ │ │ │ ├── service.yaml
│ │ │ │ │ ├── serviceaccount.yaml
│ │ │ │ │ └── tests
│ │ │ │ │ └── test-connection.yaml
│ │ │ │ └── values.yaml
│ │ ├── main.tf
│ │ ├── outputs.tf
│ │ └── variables.tf
│ └── terraform-state
│ ├── main.tf
├── build_and_run_polished_app.sh
└── rshiny-app-polished-auth
├── Dockerfile
├── app.R
└── shiny-server.sh

Docker映像 (The Docker Image)

I built a docker image based on the Rocker/Shiny image.

我基于Rocker / Shiny镜像构建了一个docker镜像。

The important things to note here are that I deleted the default index.html and other sample apps, and added in my own app.R.

这里要注意的重要事情是,我删除了默认的index.html和其他示例应用程序,并在自己的app.R中添加了它。

环境变量 (Environmental Variables)

I added a startup CMD to add the POLISHED_* variables to /home/shiny/.Renviron. The shiny-server runs a clean process where it does not pick up on any outside environmental variables.

我添加了一个启动CMD来将POLISHED_*变量添加到/home/shiny/.Renviron 。 闪亮服务器运行一个干净的过程,在此过程中,它不会受到任何外部环境变量的影响

# rshiny-app-polished-auth/Dockerfile
FROM rocker/shiny:4.0.0
# Install everything needed for polished
RUN apt-get update && apt-get install -y \
libssl-dev
RUN R -e "install.packages('remotes')"
RUN R -e "remotes::install_github('tychobra/polished')"
RUN rm -rf /srv/shiny-server/*
COPY app.R /srv/shiny-server/app.R
COPY shiny-server.sh /usr/bin/shiny-server.sh

The shiny-server process runs cleanly, meaning we have to load in our POLISHED_*environmental variables from a ~/.Renviron file. If you need to add any other variables make sure you do that here and rebuild the docker image!

shiny-server进程运行良好,这意味着我们必须从~/.Renviron文件中加载POLISHED_*环境变量。 如果您需要添加任何其他变量,请确保在此处进行操作并重建Docker映像!

# rshiny-app-polished-auth/shiny-server.sh
#!/bin/sh
# Make sure that we add our Polished to our /home/shiny/.Renviron
env | grep POLISHED > /home/shiny/.Renviron
chown shiny:shiny /home/shiny/.Renviron
# Make sure the directory for individual app logs exists
mkdir -p /var/log/shiny-server
chown shiny.shiny /var/log/shiny-server
if [ "$APPLICATION_LOGS_TO_STDOUT" != "false" ];
then
# push the "real" application logs to stdout with xtail in detached mode
exec xtail /var/log/shiny-server/ &
fi
# start shiny server
exec shiny-server 2>&1

更新AWS区域 (Update the AWS Region)

The AWS region is set as us-east-1. If you need to change it take a look at auto-deployment/eks/variables.tf and auto-deployment/terraform-state/main.tf.

AWS区域设置为us-east-1 。 如果需要更改,请查看auto-deployment/eks/variables.tfauto-deployment/terraform-state/main.tf

可选-用于社交登录的Firebase设置 (Optional — Firebase Setup for Social Login)

If you want to use social login (Google, Microsoft, etc) you will need to get your own Firebase account and credentials. If you’re using email and password you can skip this step!

如果您想使用社交登录(Google,Microsoft等),则需要获取自己的Firebase帐户和凭据。 如果您使用的是电子邮件和密码,则可以跳过此步骤!

First, we’ll set up the Firebase Project, and then we’ll register an app to that project.

首先,我们将设置Firebase项目,然后将一个应用程序注册到该项目。

FireBase项目设置 (FireBase Project Setup)

Head on over to the FireBase console to set up a project. It’s pretty simple and the wizard will walk you through the steps. From there go to _Develop -> Authentication -> Sign-in Method. _Then enable Email + Password along with whichever Social Provider you’d like.

转到FireBase控制台以设置项目。 这非常简单,向导将引导您完成这些步骤。 从那里转到_Develop->身份验证->登录方法。 _然后启用电子邮件+密码以及您想要的任何社交服务提供商。

《aws 短信验证_在AWS Kubernetes上进行抛光的rshiny身份验证》

Make sure your social logins are green and enabled!

确保您的社交登录信息为绿色且已启用!

设置您的FireBase应用 (Setup your FireBase App)

Within your project, you’ll need to register an app and grab the credentials. In your Firebase project click on the settings icon, then on Add App.

在您的项目中,您需要注册一个应用并获取凭据。 在Firebase项目中,单击设置图标,然后单击“ 添加应用程序”。

《aws 短信验证_在AWS Kubernetes上进行抛光的rshiny身份验证》

Once you’ve registered your app you’ll get your app credentials.

注册应用后,您将获得应用凭据。

《aws 短信验证_在AWS Kubernetes上进行抛光的rshiny身份验证》

You’ll add these to your terraform recipe in the next step.

您将在下一步中将它们添加到您的Terraform配方中。

Add your Polished Credentials to the Terraform Recipe

将您的抛光凭证添加到Terraform配方中

Before you deploy your EKS cluster, make sure that you add in your Polished credentials.

在部署EKS群集之前,请确保您添加了波兰语凭据。

# auto-deployment/eks/variables.tf
# CHANGE THESE!
...
# Then make sure to add your user to the app!
variable "POLISHED_APP_NAME" {
default = "my_first_shiny_app"
}
# Grab this from the polished.tech Dashboard -> Account -> Secret
variable "POLISHED_API_KEY" {
default = "XXXXXXXXXXXXXXXXXX"
}
# Firebase credentials
# Only add these if you've setup your own firebase credentials
variable "POLISHED_FIREBASE_API_KEY" {
default = ""
}

If you’re following along with the Firebase instructions make sure you add your Firebase credentials too. If you aren’t just leave those as is.

如果您遵循Firebase的说明,请确保也添加Firebase凭据。 如果您不只是将这些保留原样。

Kubernetes的秘密 (Kubernetes Secrets)

You see that we add in our POLISHED_* variables as terraform variables, which are then added to our Kubernetes cluster as Secrets.

您会看到我们将POLISHED_*变量添加为terraform变量,然后将它们作为Secrets添加到我们的Kubernetes集群中。

Secrets get a little tricky because it feels like you have to add them to a million places, and it’s easy to get them out of sync. I’d suggest picking ONE, and only ONE way to reference your variables. Don’t get cute with it! ;-)

秘密变得有些棘手,因为您好像必须将其添加到一百万个位置,而且很容易使它们不同步。 我建议选择一种,并且只有一种方式可以引用您的变量。 不要可爱! ;-)

Your Kubernetes Secrets (generally) appear in 3 places:

您的Kubernetes秘密(通常)显示在3个地方:

  • In your Terraform Recipe (as secrets)

    在您的Terraform食谱中(作为秘密)

  • In your helm chart’s environmental variables in either values.yaml

    在舵图的环境变量中,使用任一values.yaml

  • Or in the templates/deployment.yaml.

    或在templates/deployment.yaml

The second just really depends on the way that your chart is organized.

第二个实际上取决于图表的组织方式。

Secrets can be tricky, so I’m showing them in a few different ways.

秘密可能很棘手,所以我以几种不同的方式展示它们。

Kubernetes的秘密-代码视图 (Kubernetes Secrets — Code View)

Here are our secrets in the terraform deployment:

这是在Terraform部署中的秘密:

# auto-deployment/eks/main.tf
locals {
secrets = [
{
name = "polished"
data = {
app_name = var.POLISHED_APP_NAME
api_key = var.POLISHED_API_KEY
}
},
]
}
resource "kubernetes_secret" "main" {
depends_on = [
module.eks,
]
count = length(local.secrets)
metadata {
name = local.secrets[count.index].name
labels = {
Project = local.cluster_name
Owner = "terraform"
}
}
data = local.secrets[count.index].data
type = "Opaque"
}

The Firebase secrets are there too, just not shown for the sake of not making this an encyclopedia. Now we read them into our RShiny App Deployment, telling Helm that they are Kubernetes secrets.

Firebase的秘密也在那里,只是为了不使其成为百科全书而未显示。 现在,我们将它们读入我们的RShiny App Deployment中,告诉Helm他们是Kubernetes的秘密。

# auto-deployment/helm_charts/rshiny-eks/values.yaml
env:
- name: POLISHED_API_KEY
valueFrom:
secretKeyRef:
# In terraform this is locals.secrets.[0].polish.data.api_key
name: polished
key: api_key
- name: POLISHED_APP_NAME
valueFrom:
secretKeyRef:
# In terraform this is locals.secrets.[0].polish.data.app_name
name: polished
key: app_name

Then, finally, in our actual deployment we add in the env keys from our values.yaml.

然后,最后,在我们的实际部署中,我们从values.yaml添加了env键。

containers:
- name: { { .Chart.Name }}
securityContext:
{ {- toYaml .Values.securityContext | nindent 12 }}
image: "{ { .Values.image.repository }}:{ { .Values.image.tag }}"
imagePullPolicy: { { .Values.image.pullPolicy }}
# Env vars are read in HERE
env:
- name: TAG
value: { { .Values.image.tag }}
{ {- toYaml .Values.env | nindent 12 }}

Kubernetes的秘密–图库图片 (Kubernetes Secrets — Image View)

Here’s a side by side view of the Secrets declared in our:

这是我们中宣布的“秘密”的并排视图:

  • Terraform Variables — auto-deployment/eks/variables.tf

    Terraform变量— auto-deployment/eks/variables.tf

  • Kubernetes Secrets — auto-deployment/eks/main.tf

    Kubernetes的秘密- auto-deployment/eks/main.tf

  • In the Helm chart — auto-deployment/eks/helm_charts/rshiny-eks/values.yaml( and in the containers[0].env of auto-deployment/eks/helm_charts/rshiny-eks/templates/deployment.yaml)

    在Helm图表中— auto-deployment/eks/helm_charts/rshiny-eks/values.yaml (以及在containers[0].env of auto-deployment/eks/helm_charts/rshiny-eks/templates/deployment.yaml )

《aws 短信验证_在AWS Kubernetes上进行抛光的rshiny身份验证》

部署到AWS Kubernetes集群(EKS) (Deploy to an AWS Kubernetes Cluster (EKS))

Now that we’ve covered all the basics let’s finally deploy our cluster!

现在,我们已经涵盖了所有基础知识,让我们最终部署集群!

构建Terraform Docker映像 (Build the Terraform Docker Image)

I like having everything I need to deploy a particular project in a Dockerfile. I have one of these for nearly every project I work on, because no one wants to keep track of deployments.

我喜欢拥有在Dockerfile中部署特定项目所需的一切。 在几乎所有我从事的项目中,我都有其中之一,因为没有人愿意跟踪部署。

Most of my projects look like:

我的大多数项目看起来像:

├── .aws
├── Dockerfile
├── README.md
├── auto-deployment

With the .aws directory having the AWS credentials for the project, the Dockerfile having the cli tools needed for deployment, and then the actual auto-deploy. If you don’t already have your AWS CLI configured you can read more about it on the AWS docs.

使用具有该项目的AWS凭证的.aws目录,具有部署所需的cli工具的Dockerfile,然后进行实际的自动部署。 如果尚未配置AWS CLI,则可以在AWS文档中阅读有关它的更多信息。

# From the project directory
docker build -t eks-k8 .
# If your aws credentials are someplace else be sure to change this!
# The default AWS cli credentials location is home
# If you keep your .aws credentials in the project folder use this command
#docker run -it -v "$(pwd):/project" -v "$(pwd)/.aws:/root/.aws" eks-k8 bash
# If your AWS credentials are in ~/.aws use this one
docker run -it \
-v "$(pwd):/project" -v "${HOME}/.aws:/root/.aws" eks-k8 bash

This will create an image with everything you need, and then drop you into the shell. From there treat your image like any other terminal.

这将创建具有所需所有内容的映像,然后将您放入外壳中。 从那里像其他终端一样对待您的图像。

初始化地形状态 (Initialize The Terraform State)

Remember how I said earlier Terraform is sort of like a Makefile? It keeps track of what operations it’s performed, resources it’s created or destroyed, as a part of its state. It can either keep track of those locally or in an S3 bucket or other types of storage. In our case, we’ll keep track of the state in an S3 Bucket.

还记得我之前说过的Terraform有点像Makefile吗? 作为其状态的一部分,它跟踪执行的操作,创建或销毁的资源。 它既可以跟踪本地数据,也可以跟踪S3存储桶或其他类型的存储中的数据。 在我们的案例中,我们将在S3存储桶中跟踪状态。

Now, S3 bucket names must be globally unique. This means that you and I can’t have the same S3 bucket name! I use a random number generator but you can also just change the name to something unique in_ auto-deployment/terraform-state/main.tf_

现在,S3存储桶名称必须是全局唯一的。 这意味着您和我不能使用相同的S3存储桶名称! 我使用随机数生成器,但您也可以将名称更改为唯一的in_ auto-deployment/terraform-state/main.tf _

# From within the eks-k8 docker image
cd /project/auto-deployment/terraform-state
terraform init; terraform refresh; terraform apply -auto-approve

部署集群! (Deploy the Cluster!)

Finally!

最后!

In one fell swoop, we will deploy our cluster, configure our various CLIs, install our helm chart, and get our external URL!

一口气,我们将部署集群,配置各种CLI,安装头盔图表并获取外部URL!

# From within the eks-k8 docker image
cd /project/auto-deployment/eks
terraform init; terraform refresh; terraform apply -auto-approve

Occasionally, stuff times out. You may have to run this command a few times. Grab a snack and watch it go!

有时,东西超时了。 您可能必须运行几次该命令。 抢小吃,看看吧!

By the end, you should see something like this –

最后,您应该会看到类似以下内容的信息-

《aws 短信验证_在AWS Kubernetes上进行抛光的rshiny身份验证》

看看我们的RShiny App (Check out our RShiny App)

If you were paying attention you will see lots and lots of output from the terraform command.

如果您关注的话,您将看到terraform命令的大量输出。

For the impatient, what we really want is to run this command to get the external URL.

对于不耐烦的人,我们真正想要的是运行此命令以获取外部URL。

export EXPOSED_URL=$(kubectl get svc --namespace default rshiny-nginx-ingress-controller -o json | jq -r '.status.loadBalancer.ingress[]?.hostname') 
echo $EXPOSED_URL

可选-将外部域添加到Firebase (Optional — Add External Domain to Firebase)

If you’ve been following along with setting up your own Firebase account then you will need to grab that external URL and add it to the Firebase Console. Go to Develop -> Authentication -> Sign in Methods -> Authorized Domains.

如果您一直在遵循自己的Firebase帐户设置,那么您将需要获取该外部URL并将其添加到Firebase控制台。 转到开发->身份验证->登录方法->授权域。

《aws 短信验证_在AWS Kubernetes上进行抛光的rshiny身份验证》

成功! (Success!)

Grab the $EXTERNAL_URL and open up a browser. You should see the polished.tech login page!

抓住$ EXTERNAL_URL并打开浏览器。 您应该会看到Polished.tech登录页面!

《aws 短信验证_在AWS Kubernetes上进行抛光的rshiny身份验证》

Then, when you login, you’ll see the session data!

然后,当您登录时,您将看到会话数据!

《aws 短信验证_在AWS Kubernetes上进行抛光的rshiny身份验证》

有用的命令 (Helpful Commands)

Here are some helpful commands for navigating your RShiny deployment on Kubernetes.

以下是一些有用的命令,可用于在Kubernetes上导航RShiny部署。

# Get a list of all running pods
kubectl get pods
# Describe the pod. This is very useful for troubleshooting!
kubectl describe pod PODNAME
# Drop into a shell in your pod. It's like docker run.
kubectl exec -it PODNAME bash
# Get the logs from stdout on your pod
kubectl logs PODNAME
# Get all the services and urls
kubectl get svc

关于SSL的快速说明 (A quick note about SSL)

Getting into SSL is a bit beyond the scope of this tutorial, but here are two resources to get you started.

入门SSL超出了本教程的范围,但是这里有两个资源可以帮助您入门。

The first is a Digital Ocean tutorial on securing your application with the NGINX Ingress. I recommend giving this article a thorough read as this will give you a very good conceptual understanding of setting up https.

首先是有关使用NGINX Ingress保护应用程序安全的Digital Ocean教程 。 我建议您仔细阅读本文,因为这将使您对设置https非常了解。

The second is an article by Bitnami. It is a very clear tutorial on using helm charts to get up and running with HTTPS, and I think it does an excellent job of walking you through the steps as simply as possible.

第二篇是Bitnami的文章。 这是一个非常清晰的教程,说明如何使用掌舵图来启动HTTPS并运行HTTPS,我认为它在引导您尽可能简单地完成这些步骤方面做得很好。

If you don’t care about understanding the ins and outs of https with Kubernetes just go with the Bitnami tutorial. ;-)

如果您不关心使用Kubernetes来了解https的来龙去脉,请阅读Bitnami教程。 ;-)

结语 (Wrap Up)

That’s it! Hopefully, you see how easy it is to get up and running with secure authentication using the polished.tech hosted service!

而已! 希望您能看到使用Polished.tech托管服务通过安全身份验证启动和运行非常容易!

If you have any questions or comments please reach out to me directly at jillian@dabbleofdevops.com. If you have any questions about the polished.tech authentication service check them out on their website.

如果您有任何疑问或意见,请直接通过jillian@dabbleofdevops.com与我联系 。 如果您对Polished.tech身份验证服务有任何疑问, 请在其网站上查看

资源资源 (Resources)

Polished Tech RShiny Authentication

抛光技术RShiny认证

Helm Charts

舵图

Terraform EKS Recipes

Terraform EKS食谱

Rocker Shiny Docker Image

摇杆闪亮的Docker映像

EKS — AWS Managed Kubernetes Clusters

EKS — AWS托管的Kubernetes集群

Add SSL Tutorial AWS — Regions

添加SSL教程 AWS —区域

AWS — Configure the CLI AWS — EKS IAM Policy

AWS —配置CLI AWS — EKS IAM策略

Originally published at https://www.dabbleofdevops.com.

最初发布在 https://www.dabbleofdevops.com

翻译自: https://levelup.gitconnected.com/rshiny-authentication-with-polished-on-aws-kubernetes-358baff9a61c

aws 短信验证

    原文作者:一二三是五六十
    原文地址: https://blog.csdn.net/weixin_26717681/article/details/108898875
    本文转自网络文章,转载此文章仅为分享知识,如有侵权,请联系博主进行删除。
点赞