I’m fairly new to Kubernetes in general, I’ve only been working with it for about 8 months and coming from 20 years of working in the Microsoft world it’s been quite the adjustment, but I’m totally loving k3os and we’re looking to utilize it in our environment, however we plan on using Octopus to manage deployments at scale (thousands) and that tool specifically uses either username/password or tokens to authenticate to clusters.
Here is their walkthru on how to use cluster auth:
Essentially, whatever I use would end up being unique to every cluster, and while that is ideal from a security perspective, in all honesty given the other security considerations for each cluster, we’re fine using a shared secret in all clusters due to scale (again, thousands).
I was hoping someone could assist in pointing me in a direction here, such that I could specify a shared secret/token/service account that would allow me to pre-create “targets” in Octopus and basically automate the entire infrastructure build out in Octopus. Currently we’re extracting the user/pass from the
kubectl config view command and that is very much not ideal nor barely able to be automated (barring some nasty remote powershell hackery and a flat file, which I’d rather avoid).
Any help would be appreciated. Thanks, and thanks for working so hard on k3os, it’s really a great product!