TL;DR

Create a portal for developers and admins using Kubernetes native APIs
Add applications that support your cluster to the OpenUnison portal
Cut down on external dependencies when deploying clusters
Automate authentication

In our last post, Building a Multi-Cluster Authentication Portal, we talked about integrating multiple clusters into a single OpenUnison portal. Your clusters are made of more then just Kubernetes though. You have source control systems, dashboards, etc, that all have user interfaces and need authentication. Even if you have already integrated authentication directly for a system, like your enterprise GitHub or AWS console, you still want to provide a single starting point for your developers to access these applications.

Enter OpenUnison 1.0.20! You could always add and customize to OpenUnison, but now you can do it by adding objects to your Kubernetes namespace. No need to rebuild. We added documentation for integrating ArgoCD into OpenUnison. You can follow the same model for adding other applications too to build you developer portal!

ArgoCD Integrated into OpenUnison

Using OpenUnison as your developer portal gives your developers and administrators a single place to access tools for your clusters from. It also cuts down on external dependencies when on-boarding new systems. Lets say your standard cluster, in addition to Kubernetes, has ArgoCD and GitLab in it and your centralized authentication provider is Okta. Using a traditional approach you would need to create trusts between Kubernetes, ArgoCD, and GitLab to Okta.

Using OpenUnison, you only need to establish one trust between OpenUnison and Okta. When adding a new cluster you're team is able to onboard each application's SSO capabilities using Kubernetes APIs without having to rely on the Okta team to onboard them. This lets you automate cluster creation and removing an important external dependency!

Interested in building your own developer portal with OpenUnison? Take a look at our editions for authenticating with Active Directory, GitHub, SAML2, and OpenID Connect to get started!

Related Posts

Using Okta with Kubernetes

Combine OpenUnison and Okta for a simple and powerful access solution for Kubernetes. Combine CLI access and the dashboard to provide a unified login system for your Kubernetes clusters and control access using Okta groups.

Amazon EKS and OIDC

Amazon EKS now supports OpenID Connect! This post will take you through the setup and configuration of integrating your cluster with Okta and OpenUnison.

February 15, 2021

Pipelines and Kubernetes Authentication

Don't use ServiceAccount tokens in your external pipelines. Learn why you shouldn't use ServiceAccount tokens and how to properly authenticate your pipelines to your Kubernetes cluster.

September 1, 2020

Building a Developer Portal

Integrate the applications that manage your cluster, like ArgoCD, into your OpenUnison deployment to give your developers and admins a central portal for accessing those applications.

August 24, 2020

Building a Multi Cluster Authentication Portal

Quickly build a multi-cluster authentication portal for all your clusters, both on-premises and managed in the cloud. In this blog post we'll walk you through creating an authentication portal for accessing all your clusters and dashboards from a single site.

Kubectl without Configuration Files

Login to your clusters with no upfront configuration!

Multi-tenant Amazon EKS - The Easy Way - Part I: Authentication

Use Active Directory to login to your Amazon EKS clusters and use AD groups to authorize access to your cluster.

Kubernetes Impersonation, DUO, Okta, and AzureAD in OpenUnison 1.0.18

New features in OpenUnison 1.0.18 - Kubernetes Impersonation, Prometheus metrics, Okta and AzureAD support.

Kubernetes and Active Directory with Canonical

Use OopenUnison to integration Active Directory and Cononical's Kubernetes Distribution!

Beyond RBAC in OpenShift – Open Policy Agent

February 21, 2020

Automate OpenShift Identity Management and Project Deployment with Unison 1.0.10

February 21, 2020

Containers are (Not) Doomed Because of Dirty Cow, and Why Identity Management is Important For Mitigation

Unison 1.0.8 Available

February 24, 2020

Kubernetes on Raspberry Pi II – Networking

February 24, 2020

Building an Identity Enabled Kubernetes Cluster on Raspberry Pi

February 24, 2020

Missed Google DevFestDC? Here’s My Talk on Kubernetes Identity Management

February 24, 2020

Kubernetes Identity Management Part II – RBAC and User Provisioning

Open Source Identity Manager for Red Hat Identity Management and FreeIPA

Kubernetes Identity Management - Part I : SSO

Details on our OpenShift Demo

Multi-tenant Amazon EKS The Easy Way - Part II : Provisioning Namespaces

Automate the creation of namespaces and on-boarding of users for EKS with a self-service portal that takes administrators out of user management.

December 14, 2020

Is Kubernetes Multi-Tenant?

Building a multi-tenant cluster will lead to better experience for your customers and an overall more secure platform. In this blog post learn why Kubernetes is an important part of a multi-tenant platform.

January 5, 2021

OpenUnison Operator 2.0, New Helm Charts, and Portal Updates

OpenUnison includes better support for long term management, NetworkPolicies, and more!

Secure Access to Kubernetes From Your Pipeline

Secure access to Kubernetes from your pipelines without a third party identity provider

What the NSA and CISA Left Out of Their Kubernetes Hardening Guide

See what the NSA and CISA left out of their Kubernetes hardening guide for authentication and authorization!

Receive Email Updates

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.