Duo Network Gateway & Kubernetes?


#1

I’m currently using DAG for securing applications in my environment, and am interested in the Duo Network Gateway but the documentation is a little hard to parse and I have a special case in which I’m using it.

I have re-written the docker-compose files as Kubernetes services and deployments but have run into a few issues. Even if this wasn’t a Kubernetes deployment, I still believe I would have similar questions to the below.

DNG is 3 containers - admin, portal, and a redis container. The admin was the easy one, that’s the site where the config is done, I ended up pointing redis at an AWS elasticache because the .rdb file was being overwritten every time I re-launched a new pod, that leads me to my final problem.

What is the “portal” pod for?? It’s given me some errors that the Nginx services isn’t able to start, and it doesn’t seem to be listening on any port, (HTTP? HTTPS?), it seems the admin port is the only one listening.


#2

Hi seth.

The “portal” container is how end users access the Duo Network Gateway (it handles the redirect to the SAML IdP for primary auth, etc.). It should be listening on 80 and 443, while “Admin” listens on 8443.