Authentication in PMK
PMK provides a layer of multi-tenancy on top of Kubernetes, so that you and members of your organization can collaborate and utilize multiple Kubernetes clusters across different teams and geographical regions.
Read more about PMK multitenancy here
PMK achieves the multitenancy using an open source component called Keystone. Each deployment of PMK comes with an instance of Keystone, deployed in the PMK Management Plane.
Configure Authentication for a Cluster
When your PMK deployment is first created, a new user account with Administrator privileges is created in Keystone within the ‘service’ tenant for an authorized user provided by you. If you signup for PMK Free Tier, a new user account with Administrator privileges is created in the ‘service’ tenant in Keystone using your registered email address and password.
The Administrator user can then invite more users to the PMK deployment by adding them to PMK using the UI or API. This operation adds the users to Keystone with the appropriate role.
Configure External Access
You can configure external clients such as
kubectl to work with your PMK cluster by downloading the
kubeconfig file for that cluster. Follow these tutorials to learn more about this topic:
- [What is kubeconfig]
- [Download kubecofig via PMK UI]
- [Download kubeconfig via PMK REST API]
- [Run kubectl]
Thank you for your feedback! What did you like about this article?
Thank you for your feedback! How could this article be improved?
Thank you for your feedback! For specific questions about PMK or PMK free tier, visit our PMK forum.