https://linen.dev logo
i

Ismail Omar

08/19/2021, 3:49 PM
Hello team, any best practice to deploy airbyte in production given that there is no authentication, I want to link it to a subdomain of mine for my team to be able to access it, anyone have tried this before?
u

user

08/19/2021, 7:52 PM
Nginx reverse proxy… https://www.domysee.com/blogposts/reverse-proxy-nginx-docker-compose I’ve not tried it yet, but it’s a pretty common pattern.
u

user

08/20/2021, 2:41 PM
You can also set up an authn/authz filter with Envoy proxy / Istio and oauth2-proxy
u

user

08/20/2021, 2:41 PM
There's also Ory Oathkeeper, Keycloak
u

user

08/20/2021, 2:42 PM
Also you can use Dex from the other happy octopus team https://argoproj.github.io/argo-cd/operator-manual/user-management/#dex
h

haf

08/20/2021, 2:43 PM
Or Apache Httpd with .httpwd
u

user

08/20/2021, 2:43 PM
u

user

08/20/2021, 2:43 PM
In short, you reverse proxy it.
u

user

08/21/2021, 4:31 PM
If you are running on GCP or AWS I believe you can use IAP or Incognito to get an easy secured public endpoint, tied to a company IDP, out of the box without setting up too much infra
u

user

08/22/2021, 6:43 AM
Thanks team, appreciate all the help 🙂
u

user

10/21/2021, 1:28 AM
All great tips! Helped me get set up so thanks everyone! Figured I’d throw my AWS based solution in here for anyone else who searches for this. I used nginx reverse proxy for basic http auth but plan on switching to AWS’s ALB in the future which supports OIDC out of the box.
d

Davin Chia (Airbyte)

11/02/2021, 6:44 PM
Hi @Seth Saperstein I have been looking for AWS based solution with NGNIX. It would be great if you can share to the community. I believe many people might be interested .
u

user

11/02/2021, 6:46 PM
Turning it to IaC currently. I’ll drop the link in here to the terraform once I get the nginx bits in IaC as well as the log forwarding to CW
u

user

11/02/2021, 8:30 PM
That would be great. Specifically with AWS CF or CDK.
5 Views