Configure Kubernetes API Server to Trust OIDC Provider
The Kubernetes API server can be configured to trust an OpenID Connect (OIDC) provider to authenticate users. We recommend you work with your Kubernetes administrator and security team to configure the Kubernetes API server to trust the OIDC provider. Depending on your infrastructure provider and the Kubernetes platform you are using, such as AWS EKS, Azure AKS, or Google GKE, the steps to configure the Kubernetes API server to trust the OIDC provider may vary.
Configure User Impersonation
PaletteAI supports Kubernetes User Impersonation. User impersonation is a feature that allows a user to impersonate another user. This is useful for scenarios where you are unable to configure the Kubernetes API server to trust Dex as an OpenID Connect (OIDC) provider. Through the user impersonation feature, you can continue to use your existing OIDC provider or local Dex users. The key part is to ensure that proper group mappings are configured so that the user has the correct permissions to access the resources they need.
Kubernetes Installation
This page guides you through the process of installing PaletteAI on any Kubernetes cluster, whether it is managed by cloud providers (EKS, GKE, AKS) or self-managed in on-premises or edge environments. The deployment method covered uses the hub-as-spoke pattern, which allows the hub cluster to also act as a spoke cluster, and deploys Zot for the Open Container Initiative (OCI) registry. Because the hub cluster also acts as a spoke cluster, AI/ML applications can be deployed directly on the hub cluster. To learn more about hub and spoke clusters, refer to our Hub-Spoke Model guide.