djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Miscellaneous wording changes

Browse Source
This commit is contained in:
Margo Crawford 2020-12-17 16:42:45 -08:00
parent 28e23e14b5
commit 2e191084b0
3 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
site/content/docs/architecture.md
View File

@ -11,10 +11,10 @@ clusters. Pinniped hopes to enable this access across a wide range of Kubernetes
environments with zero configuration. environments with zero configuration.
This integration is composed of two parts. This integration is composed of two parts.
One part, the supervisor, is a service which allows users One part, the supervisor, is an OIDC server which allows users
to authenticate with their external Identity Provider, to authenticate with their external Identity Provider,
then issues its own federation id tokens based on the information from the external then issues its own federation id tokens to be passed on to clusters
Identity Provider's token. based on the information from the external Identity Provider's token.
The other, the concierge, is a credential exchange API which takes as input a token The other, the concierge, is a credential exchange API which takes as input a token
(from the supervisor or elsewhere), and returns a credential which is understood by (from the supervisor or elsewhere), and returns a credential which is understood by
the host Kubernetes cluster. the host Kubernetes cluster.

6
site/content/docs/concierge-only-demo.md
View File

@ -13,9 +13,9 @@ cascade:
Don't have a cluster handy? Consider using [kind](https://kind.sigs.k8s.io/) on your local machine. Don't have a cluster handy? Consider using [kind](https://kind.sigs.k8s.io/) on your local machine.
See below for an example of using kind. See below for an example of using kind.
1. An identity provider of a type supported by Pinniped as described in [architecture](/docs/architecture). 1. An authenticator of a type supported by Pinniped as described in [architecture](/docs/architecture).
Don't have an identity provider of a type supported by Pinniped handy? No problem, there is a demo identity provider Don't have an authenticator of a type supported by Pinniped handy? No problem, there is a demo authenticator
available. Start by installing local-user-authenticator on the same cluster where you would like to try Pinniped available. Start by installing local-user-authenticator on the same cluster where you would like to try Pinniped
by following the directions in [deploy/local-user-authenticator/README.md](https://github.com/vmware-tanzu/pinniped/blob/main/deploy/local-user-authenticator/README.md). by following the directions in [deploy/local-user-authenticator/README.md](https://github.com/vmware-tanzu/pinniped/blob/main/deploy/local-user-authenticator/README.md).
See below for an example of deploying this on kind. See below for an example of deploying this on kind.
@ -77,7 +77,7 @@ as the identity provider.
```bash ```bash
# Example of manually choosing a release version... # Example of manually choosing a release version...
pinniped_version=v0.2.0 pinniped_version=v0.3.0
``` ```
1. Deploy the local-user-authenticator app. This is a demo identity provider. In production, you would use your 1. Deploy the local-user-authenticator app. This is a demo identity provider. In production, you would use your

4
site/content/docs/demo.md
View File

@ -5,5 +5,5 @@ cascade:
--- ---
# Trying Pinniped # Trying Pinniped
1. [Concierge demo](/docs/concierge-only-demo) 1. [Concierge with webhook demo](/docs/concierge-only-demo)
1. [Supervisor and Concierge demo](/docs/concierge-and-supervisor-demo) 1. [Concierge with supervisor and JWTAuthenticator demo](/docs/concierge-and-supervisor-demo)