Reader small image

You're reading from  Kubernetes – An Enterprise Guide - Second Edition

Product typeBook
Published inDec 2021
PublisherPackt
ISBN-139781803230030
Edition2nd Edition
Right arrow
Authors (2):
Marc Boorshtein
Marc Boorshtein
author image
Marc Boorshtein

Marc Boorshtein has been a software engineer and consultant for 20 years and is currently the CTO (Chief Technology Officer) of Tremolo Security, Inc. Marc has spent most of his career building identity management solutions for large enterprises, U.S. Government civilian agencies, and local government public safety systems.
Read more about Marc Boorshtein

Scott Surovich
Scott Surovich
author image
Scott Surovich

Scott Surovich has been involved in the industry for over 25 years and is currently the Global Container Engineering Lead at a tier 1 bank as the Global on-premises Kubernetes product owner architecting and, delivering cluster standards, including the surrounding ecosystem. His previous roles include working on other global engineering teams, including Windows, Linux, and virtualization.
Read more about Scott Surovich

View More author details
Right arrow

Configuring your cluster for impersonation

Let's deploy an impersonating proxy for our cluster. Assuming you're reusing your existing cluster, we'll upgrade our existing orchestra Helm deployment with an updated openunison-values.yaml file:

  1. First, delete the current TLS secret for OpenUnison since it doesn't have the right configuration for Impersonation. When we update the orchestra Helm chart, the operator will generate a new certificate for us.
    kubectl delete secret ou-tls-certificate -n openunison
    
  2. Next, update our Helm chart to use impersonation. Edit the openunison-values.yaml file, update network.api_server_host as shown in the following snippet, and set enable_impersonation to true:
    network:
      openunison_host: "k8sou.apps.192-168-2-131.nip.io"
      dashboard_host: "k8sdb.apps.192-168-2-131.nip.io"
      api_server_host: "k8sapi.apps.192-168-2-131.nip.io"
      session_inactivity_timeout_seconds...
lock icon
The rest of the page is locked
Previous PageNext Page
You have been reading a chapter from
Kubernetes – An Enterprise Guide - Second Edition
Published in: Dec 2021Publisher: PacktISBN-13: 9781803230030

Authors (2)

author image
Marc Boorshtein

Marc Boorshtein has been a software engineer and consultant for 20 years and is currently the CTO (Chief Technology Officer) of Tremolo Security, Inc. Marc has spent most of his career building identity management solutions for large enterprises, U.S. Government civilian agencies, and local government public safety systems.
Read more about Marc Boorshtein

author image
Scott Surovich

Scott Surovich has been involved in the industry for over 25 years and is currently the Global Container Engineering Lead at a tier 1 bank as the Global on-premises Kubernetes product owner architecting and, delivering cluster standards, including the surrounding ecosystem. His previous roles include working on other global engineering teams, including Windows, Linux, and virtualization.
Read more about Scott Surovich