infra

command module

v0.1.0 Latest Latest Go to latest Published: Aug 16, 2021 License: Apache-2.0 Imports: 1 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/infrahq/infra

Links

Open Source Insights

README ¶

Introduction

Infra is identity and access management for Kubernetes. Provide any user fine-grained access to Kubernetes clusters via existing identity providers such as Okta, Google Accounts, Azure Active Directory and more.

Features:

One-command access: infra login
No more out of sync Kubeconfig files
Fine-grained role assignment
Onboard & offboard users via Okta (Azure AD, Google, GitHub coming soon)
Audit logs for who did what, when (coming soon)

Quickstart

Create infra.yaml

# Configure external identity providers
sources:
  - type: okta
    domain: acme.okta.com
    clientId: 0oapn0qwiQPiMIyR35d6
    clientSecret: infra-registry-okta/clientSecret
    apiToken: infra-registry-okta/apiToken

# Map groups or individual users pulled from identity providers
# Roles refer to available roles or cluster-roles currently 
# configured in the cluster. Custom roles are supported. 
groups:
  - name: developers
    sources:
      - okta
    roles:
      - name: writer
        kind: cluster-role
        clusters:
          - cluster-1
users:
  - name: person@example.com
    roles:
      - name: admin
        kind: cluster-role
        clusters:
          - cluster-1
          - cluster-2

Please follow Okta configuration guide to obtain your Okta API token.

Install Infra Registry with configuration

helm repo add infrahq https://helm.infrahq.com
helm repo update

helm install infra-registry infrahq/registry --namespace infrahq --create-namespace --set-file config=./infra.yaml

Connect Kubernetes Cluster(s)

In a web browser visit the Infra Registry dashboard. The URL may be found using:

kubectl get svc -n default -w infra -o jsonpath="{.status.loadBalancer.ingress[*]['ip', 'hostname']}"

Login

Once in the dashboard, navigate to Infrastructure and click Add Cluster

Add cluster

Run this command to connect an existing Kubernetes cluster. Note, this command can be re-used for multiple clusters or scripted via Infrastructure As Code (IAC).

Usage Guide

Install Infra CLI

macOS & Linux

brew install infrahq/tap/infra

Windows

scoop bucket add infrahq https://github.com/infrahq/scoop.git
scoop install infra

infra login <your infra registry endpoint>

After login, Infra will automatically synchronize all the Kubernetes clusters configured for the user into their default kubeconfig file.

Accessing clusters

To list all the clusters, please run infra list.

Users can then switch Kubernetes context via kubectl config use-context <name> or via any Kubernetes tools.

Next Steps

Add a custom domain to make it easy for sharing with your team
Connect more Kubernetes clusters
Update roles

Documentation

Security

We take security very seriously. If you have found a security vulnerability please disclose it privately to us by email via security@infrahq.com

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
internal
cmd
docgen
engine
generate
kubernetes
logging Package logging provides a shared logger and log utilities to be used in all internal packages.	Package logging provides a shared logger and log utilities to be used in all internal packages.
registry
registry/mocks
timer
v1 Package v1 is a reverse proxy.	Package v1 is a reverse proxy.
version Package version is used check what the verson variable was set to when the running build was created.	Package version is used check what the verson variable was set to when the running build was created.
tools/querylinter Module
test module

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL