I am working on both Kubernetes and OpenShift. What I am missing in Kubernetes is the Authentication and Authorization mechanism that has OpenShift.
I want to manage users, limit users access to namespaces, advanced RBAC operations, etc..
I saw some integration of OIDC using Google or Github, but it is very limited and not really OpenShift-like..
I saw some integration of OIDC using Google or Github, but it is very limited and not really OpenShift-like..
My understanding about "OpenShift-like.." is meaning various identity providers
can be configure simply as specifying parameters in the configuration file, and provided various built in authorization role
set as default
.
Personally, I think Kubernetes
might be configured like OpenShift
, but it seems to struggle to implement your needs simply. You should configure manually to apiserver
of Kubernetes
and defined the roles
you want or required based on RBAC
. Yes, Kubernetes
have the features as follows, but it's not to configure as easy as OpenShift
.
Kunernetes
OpenShift
OpenShift
is Enterprise Kubernetes
+ CI/CD
+ Support Services
, so OpenShift
is extended from basic Kubernetes
. Additionally, it has implemented various comfortable features about authentication and authorization by simple format, because it's not only container orchestration but it is also enterprise solution.