Identity Platform
- Identity Charmers | bundle
| Channel | Revision | Published |
|---|---|---|
| latest/edge | 39 | 14 Jan 2025 |
| istio/edge | 38 | 12 Jan 2025 |
| 0.3/edge | 32 | 20 Sep 2024 |
| 0.2/edge | 25 | 09 May 2024 |
| 0.1/edge | 17 | 25 Apr 2024 |
juju deploy identity-platform --channel edge
Deploy Kubernetes operators easily with Juju, the Universal Operator Lifecycle Manager. Need a Kubernetes cluster? Install MicroK8s to create a full CNCF-certified Kubernetes system in under 60 seconds.
Platform:
-
basic_auth_user | string
Enables the `basicAuth` middleware for **all** routes on this proxy. The format of this string must be: `name:hashed-password`, generated with e.g. htpasswd. Supported hashing algorithms are: MD5, SHA1, BCrypt. For more documentation see https://doc.traefik.io/traefik/middlewares/http/basicauth/ Once this config option is set, the username/password pair will be required to authenticate http requests on all routes proxied by this traefik app.
-
enable_experimental_forward_auth | boolean
Enables `forward-auth` middleware capabilities required to set up Identity and Access Proxy. This feature is experimental and may be unstable.
-
external_hostname | string
The DNS name to be used by Traefik ingress. If unspecified, the gateway ingress ip address will be used, e.g, as provided by MetalLB. This needs to be a `bare` hostname: i.e. no schema prefix and no port.
-
routing_mode | string
Default: path
The routing mode allows you to specify how Traefik going to generate routes on behalf of the requesters. Valid values are "path" and "subdomain". With the "path" routing mode, Traefik will use its externally-visible url, and create a route for the requester that will be structure like: `<external_url>/<requester_model_name>-<requester_application_name>-<requester-unit-index>` For example, an ingress-per-unit provider with `http://foo` external URL, will provide to the unit `my-unit/2` in the `my-model` model the following URL: `http://foo/my-model-my-unit-2` With the "subdomain" routing mode, Traefik will use its externally-visible url, and create a route for the requester that will be structure like: `<protocol>://<requester_model_name>-<requester_application_name>-<requester-unit-index>.<external_hostname>:<port>/` For example, an ingress-per-unit provider with `http://foo:8080` external URL, will provide to the unit `my-unit/2` in the `my-model` model the following URL: `http://my-model-my-unit-2.foo:8080` Note that, for 'subdomain' routing mode, the external_hostname must be set and not be set to an IP address. This is because subdomains are not supported for IP addresses.
-
tls-ca | string
CA cert used for TLS termination.
-
tls-cert | string
SSL cert used for TLS termination.
-
tls-key | string
Key used for TLS termination.