WIP: Example running OpenShift Origin as pod on Kubernetes #4591
Conversation
|
Thanks for your pull request. It looks like this may be your first contribution to a Google open source project, in which case you'll need to sign a Contributor License Agreement (CLA) at https://cla.developers.google.com/. If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check the information on your CLA or see this help article on setting the email on your git commits. Once you've done that, please reply here to let us know. If you signed the CLA as a corporation, please let us know the company's name. |
derekwaynecarr
force-pushed
the
origin_example
branch
3 times, most recently
from
a059962 to
0f8e2a5
Compare
| $ examples/openshift-origin/secret-generator.sh | ||
| ``` | ||
|
|
||
| This will generate a secret resource that will contain all the information needed by a .kubeconfig file in order to authenticate with a provider. |
There was a problem hiding this comment.
@liggitt @deads2k I assume this is something we want to have as a command - generate a new .kubeconfig file that contains a targeted set of credentials (and those credentials may not be the user's). For instance, you may want to generate a token and generate a .kubeconfig for use with a pod, so the generate -> secrets upload -> launch flow would be important.
There was a problem hiding this comment.
generate a new .kubeconfig file that contains a targeted set of credentials
Can we get some examples of how the credential requestor and the generated credential identity is specified? Does the user we're generating for have to exist ahead of time? Do we need to bind roles to the identity?
derekwaynecarr
force-pushed
the
origin_example
branch
from
0f8e2a5 to
c013c4a
Compare
|
Coverage decreased (-0.01%) to 53.83% when pulling c013c4a146b2c4e2ffaafc423e72e19130700a04 on derekwaynecarr:origin_example into 984fb2e on GoogleCloudPlatform:master. |
derekwaynecarr
force-pushed
the
origin_example
branch
from
c013c4a to
b8172f9
Compare
|
LGTM, merging. |
WIP: Example running OpenShift Origin as pod on Kubernetes
|
I had this as WIP... not yet ready to merge, I need to send updates ;-) |
|
It was so awesome we had to merge it. :-) |
This is an example of running OpenShift Origin as a pod on Kubernetes.
It demonstrates the usage of secrets to allow OpenShift Origin to securely communicate with the Kubernetes provider.
This is very much work in progress, and does not fully work (yet).
/cc @smarterclayton @pmorie