Portworx Documentation has moved to https://docs.portworx.com
Portworx Enterprise version 2.13 has reached end of life and end of extended maintenance. Refer to the release support policy doc here.
Upgrade to the latest version of Portworx Enterprise for continued support. Documentation for the latest version of Portworx Enterprise can be found here.
Upgrade to the latest version of Portworx Enterprise for continued support. Documentation for the latest version of Portworx Enterprise can be found here.
Step 1: Enable security in Portworx
This document guides you through enabling PX-Security in your cluster by adding a single flag to your StorageCluster
object.
Prerequisites
- You must have Portworx Operator 1.4 or greater
Overview
The Operator includes first-class support for PX-Security in the StorageCluster
spec. This means that the operator will auto-generate the following for you if security is enabled:
- Shared Secret stored under the secret
px-shared-secret
- Admin token stored under the secret
px-admin-token
- User token stored under the secret
px-user-token
Enabling Security in your cluster
Enable security under
spec.security
of your StorageCluster:apiVersion: core.libopenstorage.org/v1 kind: StorageCluster metadata: name: portworx namespace: kube-system spec: image: portworx/oci-monitor:2.6.0.1 security: enabled: true
You can now apply the StorageCluster spec and wait until Portworx is ready.
Once you’ve enabled security in Portworx, continue to the next section.
Note:
To use
pxctl
in this context, see use pxctl
with security enabled. Otherwise, all pxctl
commands will fail with an access denied
error.
Last edited: Tuesday, May 16, 2023
Questions? Visit the Portworx forum.