There are various identity providers that can be used with OpenShift. In this post, I will mention HTPasswd identity provider and how you can manage your users with it.
First, if you don’t know which identity provider is used in your cluster installation check out the master configuration file. Here is how you can do it:
1- less /etc/origin/master/master-config.yaml file
2- Find “identityProviders” section
3- Below that, there is a “provider” section. See the value of “kind” key
Something like this:
- challenge: true
I want you to realize another key here. “file” key. Value of this key specifies where the htpasswd file is located and the name of this file. In my case, this file is named “admin”.
If you take a look at this file you will see something like this:
As you can see here, passwords are encrypted. htpasswd’s default hash algorithm is different from platform to platform. On Windows, the passwords are hashed using MD5, and on Linux its based on a system function called “crypt()”. OpenShift Container Platform supports the Bcrypt, SHA-1, and MD5 cryptographic hash functions, and MD5 is the default for htpasswd.
When it comes to adding your cluster user with htpasswd, you can use this command:
htpasswd -b /etc/openshift/admin USER_NAME PASSWORD
Note: If you are using a different identityProvider or need a quick authentication solution for your test environment you can use the httpd-tools package to obtain the htpasswd binary that can generate these accounts.
yum -y install httpd-tools
Hope this helps.