Skip to content
This repository has been archived by the owner on Jan 31, 2023. It is now read-only.

update readme to include kube-api oidc config #29

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

update readme to include kube-api oidc config #29

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a168246
update readme to include kube-api oidc config
Mar 29, 2019
9e436d5
update Complete SSO Integration with Kubernetes
Mar 30, 2019
36a9f0b
Add clarification to SSO integration
Mar 30, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,10 @@ Once you see `Completed`, you can exit the script (`Ctl+C`). This script create

Run `kubectl describe configmap api-server-config -n openunison` to get the SSO integration artifacts. The output will give you both the certificate that needs to be trusted and the API server flags that need to be configured on your API servers.

Copy the certificate to a file on your master nodes such as ```/etc/kubernetes/pki/ou-ca.pem```

Then add the parameters to ```/etc/kubernetes/manifests/kube-apiserver.yaml``` on your master nodes using the certificate file location above. The kube-apiservers will automatically restart.

## First Login

To login, open your browser and go to the host you specified for `OU_HOST` in your `input.props`. For instance if `OU_HOST` is `k8sou.tremolo.lan` then navigate to https://k8sou.tremolo.lan. You'll be prompted for your Active Directory username and password. Once authenticated you'll be able login to the portal and generate your `.kube/config` from the Tokens screen.
Expand Down