Is it posible with omni to add an existing talos cluster (no etcd manage) #1167
-
|
I would like to use omni as SSO for keycloak so I can authorize users over the web ui and give them permission for namespaces, so they can easily just download their kubeconfig file (over the ui). Is that possible. I want to use my existing talos cluster (and omni should not manage the etcd or else). Omni should only be used for my cluster so that other people can easily download their kubeconfig and I can as a group admin give them over the web ui (like Paralus https://github.com/paralus/paralus) the rights (so install omni operator as helm chart into the cluster). Is that possible? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
Sorry that's not something we have plans to support. Omni "owns" the Talos configuration for machines that are connected to it and the clusters that are created. It does provide user authentication but it's not intended to be used for only user authentication. If you have a Kubernetes cluster running on top of Talos there are lots of ways to handle k8s authentication like OpenUnison which might be a better fit for what you're asking. |
Beta Was this translation helpful? Give feedback.
-
|
Or Paralus is also good. Was just thinking that omni would be nicer. |
Beta Was this translation helpful? Give feedback.
Sorry that's not something we have plans to support. Omni "owns" the Talos configuration for machines that are connected to it and the clusters that are created. It does provide user authentication but it's not intended to be used for only user authentication.
If you have a Kubernetes cluster running on top of Talos there are lots of ways to handle k8s authentication like OpenUnison which might be a better fit for what you're asking.