Pinniped is the easy, secure way to log in to your Kubernetes clusters.
Go to file
Matt Moyer 1741f832eb
Merge pull request #114 from mattmoyer/new-token-credential-request-api
New "login.pinniped.dev/v1alpha1" group with TokenCredentialRequest API.
2020-09-17 10:23:22 -05:00
.github Small edits to PR template file 2020-09-16 09:06:36 -07:00
apis Add a new login.pinniped.dev API group with TokenCredentialRequest. 2020-09-17 09:52:22 -05:00
cmd Switch our client over to use the new TokenCredentialRequest API. 2020-09-17 09:52:23 -05:00
deploy Allow anonymous access to TokenCredentialRequests. 2020-09-17 09:52:23 -05:00
deploy-local-user-authenticator Use public container images for codegen as as defaults when deploying 2020-09-16 15:46:51 -07:00
doc Update community meeting link to one which requires a host to be present 2020-09-16 16:39:59 -07:00
generated Add a new login.pinniped.dev API group with TokenCredentialRequest. 2020-09-17 09:52:22 -05:00
hack Add a new login.pinniped.dev API group with TokenCredentialRequest. 2020-09-17 09:52:22 -05:00
internal Switch our client over to use the new TokenCredentialRequest API. 2020-09-17 09:52:23 -05:00
pkg/config Save 2 lines by using inline-style comments for Copyright 2020-09-16 10:35:19 -04:00
test Switch our client over to use the new TokenCredentialRequest API. 2020-09-17 09:52:23 -05:00
tools Save 2 lines by using inline-style comments for Copyright 2020-09-16 10:35:19 -04:00
.gitattributes Add .gitattributes as a hint to the GitHub diff viewer. 2020-09-15 11:44:23 -05:00
.gitignore Hello, world! 2020-07-02 17:05:59 -07:00
.golangci.yaml Update copyright to reference Pinniped contributors 2020-09-16 10:05:51 -04:00
.pre-commit-config.yaml Update precommit hook config to ignore generated files and fix whitespace. 2020-08-31 16:41:22 -05:00
ADOPTERS.md ADOPTERS.md: add initial draft 2020-09-14 10:46:05 -04:00
Dockerfile Update copyright to reference Pinniped contributors 2020-09-16 10:05:51 -04:00
go.mod Merge pull request #98 from suzerain-io/get_kubeconfig_cli 2020-09-15 13:34:14 -07:00
go.sum Merge pull request #98 from suzerain-io/get_kubeconfig_cli 2020-09-15 13:34:14 -07:00
LICENSE Add Apache 2.0 license. 2020-07-06 13:50:31 -05:00
MAINTAINERS.md MAINTAINERS.md: add initial draft 2020-09-15 13:14:50 -04:00
README.md Update copyright to reference Pinniped contributors 2020-09-16 10:05:51 -04:00
SECURITY.md Update precommit hook config to ignore generated files and fix whitespace. 2020-08-31 16:41:22 -05:00

Pinniped

Overview

Pinniped provides identity services to Kubernetes.

Pinniped allows cluster administrators to easily plug in external identity providers (IDPs) into Kubernetes clusters. This is achieved via a uniform install procedure across all types and origins of Kubernetes clusters, declarative configuration via Kubernetes APIs, enterprise-grade integrations with IDPs, and distribution-specific integration strategies.

Example Use Cases

  • Your team uses a large enterprise IDP, and has many clusters that they manage. Pinniped provides:
    • Seamless and robust integration with the IDP
    • Easy installation across clusters of any type and origin
    • A simplified login flow across all clusters
  • Your team shares a single cluster. Pinniped provides:
    • Simple configuration to integrate an IDP
    • Individual, revocable identities

Architecture

Pinniped offers credential exchange to enable a user to exchange an external IDP credential for a short-lived, cluster-specific credential. Pinniped supports various IDP types and implements different integration strategies for various Kubernetes distributions to make authentication possible.

To learn more, see architecture.md.

Pinniped Architecture Sketch

Trying Pinniped

Care to kick the tires? It's easy to install and try Pinniped.

Installation

Currently, Pinniped supports self-hosted clusters where the Kube Controller Manager pod is accessible from Pinniped's pods. Support for other types of Kubernetes distributions is coming soon.

To try Pinniped, see deploy/README.md.

Contributions

Contributions are welcome. Before contributing, please see the Code of Conduct and the contributing guide.

Reporting Security Vulnerabilities

Please follow the procedure described in SECURITY.md.

License

Pinniped is open source and licensed under Apache License Version 2.0. See LICENSE file.

Copyright 2020 the Pinniped contributors. All Rights Reserved.