Infra: A Promising Way To Manage Kubernetes Users

Madokai
Nerd For Tech
Published in
7 min readAug 14, 2022

--

Photo by Jason Strull on Unsplash

Kubernetes is not a secure platform. Its implementation in production requires the integration of several components to ensure its security and good operation by both administrators and users.

The management of cluster access is obviously an important point in the adoption of the platform. Several tools exist today to manage this critical security aspect. Infra is a new player in this field and deserves some attention.

What Is Infra?

Infra is an open source tool developed by InfraHQ to facilitate the access management to different platforms, starting with Kubernetes. The product is still in development at the time of writing this article, but it already has some interesting features (described in the next sections) to facilitate the adoption and use of Kubernetes.

Infra integrates with existing or new clusters thanks to its simple architecture, consisting mainly of five modules:

  • Infra Server, the heart of the system and the single point of entry for all connection and configuration requests
  • Infra Database, to store configuration and useful information such as connection history
  • Infra Connector, the agent to be deployed on all Kubernetes clusters in order to manage access to them from the central server
  • Infra CLI (Command Line Interface), which allows interaction with the server, used by both administrators and users of the service
  • Infra Providers, a source of truth for the list of users and groups to use to attach permissions to
Source: Infra Architecture

Infra’s architecture and its integration with various identity providers make it a good candidate to centralize user management in a unique source of truth. It allows administrators to decouple user management from the enterprise infrastructure. For example, multi Cloud or on-premises companies can focus their efforts on an identity provider like Google or Okta instead of relying on multiple LDAP servers or multiple Identity Access Management (IAM) services.

How To Deploy Infra?

--

--

Madokai
Nerd For Tech

DevOps, Observability, Cloud Computing and Automation!