mac 上学习k8s系列（8）external auth

% curl -i https://httpbin.org/basic-auth/user/passwd         
HTTP/2 401 
date: Thu, 26 Aug 2021 02:40:51 GMT
content-length: 0
server: gunicorn/19.9.0
www-authenticate: Basic realm="Fake Realm"
access-control-allow-origin: *
access-control-allow-credentials: true

% curl -i https://user:passwd@httpbin.org/basic-auth/user/passwd
HTTP/2 200 
date: Thu, 26 Aug 2021 02:41:04 GMT
content-type: application/json
content-length: 47
server: gunicorn/19.9.0
access-control-allow-origin: *
access-control-allow-credentials: true

{
  "authenticated": true, 
  "user": "user"
}

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    nginx.ingress.kubernetes.io/auth-url: https://httpbin.org/basic-auth/user/passwd
  creationTimestamp: 2016-10-03T13:50:35Z
  generation: 1
  name: external-auth
  namespace: default
  resourceVersion: "2068378"
  selfLink: /apis/networking/v1/namespaces/default/ingresses/external-auth
  uid: 5c388f1d-8970-11e6-9004-080027d2dc94
spec:
  rules:
  #- host: external-auth-01.sample.com
   - http:
      paths:
      - pathType: Prefix
        path: /apple
        backend:
          service:
            name: apple-service
            port:
              number: 5678
#status:
#  loadBalancer:
#    ingress:
#    - ip: 172.17.4.99

kubectl delete -f ../../ingress-controller.yaml
kubectl delete -f ../basicAuth/ingress-with-auth.yaml
kubectl apply -f ingress-external-auth.yaml 
kubectl apply -f ../../ingress-controller.yaml

curl 127.0.0.1/apple                     


<html>
<head><title>401 Authorization Required</title></head>
<body>
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx</center>
</body>
</html>

% curl user:passwd@127.0.0.1/apple
/apple%