Srinivas Naga Kotaru (skotaru) wrote on 02/19/2016 08:00 PM:
David
Thanks for info
It looks like a big problem from management or client experience
perceptive . Have seen most of the clients are using a single cluster
but what about if a client has multiple clusters but client base is
common? Authentication, authorization, API end points all are
different or need to be managed independent to each other.
I think you can setup proper certificate auth on all clusters to avoid
need to obtain different tokens from each cluster. i.e. all clusters
would accept the same client certificates. I'm not sure trying to make
tokens work across clusters is a good idea. At least doing it right
might not be easier than cert auth, I suspect it will be ugly.
Btw for web console users, one can have same SSO across clusters so that
user will login only once per time period. For example kerberos or
google auth. This would be much easier than certificate auth but limited
to web console.
This is what current solution or can we change anything for better
client experience in multi cluster environments ?
Do you mean only auth or also other difficulties?
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
