
Private Cluster Management


Last updated 1 year ago

To facilitate secure DevOps on private clusters, Ozone provides a secure tunnel for communication between the private cluster and Ozone agents, without exposing the cluster externally and without the hassle of working with firewalls.

It uses OpenZiti as the private tunnel provider, which establishes a secure channel for managing deployments to private clusters.

In order to attach a private cluster, head over to the cluster view screen from the resources menu.

Enter the name of the cluster, the environment to which the cluster maps, and the features that need to be enabled for this cluster.

In the next screen, select the cluster type. Currently, Ozone supports the following cluster types: AKS, GKE, OpenShift, TKG, EKS, PKS, and a generic K8s cluster for local instances. Select “Yes” to indicate that the setup is for a private cluster.

Once you confirm that it is a private cluster, another pop-up window asks for the name of the provider and an IP address, as part of configuring a new edge router provider. Ozone uses NetFoundry’s OpenZiti to create the private tunnel.

Once you hit “Submit”, a shell file is downloaded onto your system. Copy the command and run it in your VM to install Ziti.

Once Ziti has finished installing, download the tunnel config JSON file, return to Ozone, and close the pop-up. Then set up the private cluster by adding a public and task registry prefix, selecting the edge router, and finally uploading the tunnel config file.

Clicking on “Download File” gives you the YAML that you need to apply to your cluster, along with a kubectl command to install the Ozone agents. After a successful installation, the new private cluster appears as attached in the cluster view screen.
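Because the last step applies a downloaded manifest to a private cluster, the following added example (not part of the Ozone documentation or Ozone's own tooling) reviews a manifest for cluster-wide privileges and risky pod settings before it is applied. It assumes the YAML has first been converted to JSON, since Python's standard library has no YAML parser; the sample manifest and every name in it are constructed and do not reflect the real Ozone agent manifest.

```python
import json
import sys

# Constructed sample, NOT Ozone's real agent manifest; every name is hypothetical.
SAMPLE = {"kind": "List", "items": [
    {"kind": "ClusterRoleBinding", "metadata": {"name": "example-agent"},
     "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "ServiceAccount", "name": "example-agent",
                   "namespace": "example-ns"}]},
    {"kind": "Deployment", "metadata": {"name": "example-tunnel"},
     "spec": {"template": {"spec": {"hostNetwork": True, "containers": [
         {"name": "tunnel", "image": "registry.example/tunnel:latest",
          "securityContext": {"privileged": True}}]}}}},
]}


def pod_spec(obj):
    """Return the pod spec of a Pod or of a workload's pod template, else {}."""
    spec = obj.get("spec") or {}
    if obj.get("kind") == "Pod":
        return spec
    return (spec.get("template") or {}).get("spec") or {}


def review(doc):
    """List (object, finding) pairs that deserve a look before kubectl apply."""
    out = []
    for obj in (doc["items"] if doc.get("kind") == "List" else [doc]):
        ref = f"{obj.get('kind')}/{(obj.get('metadata') or {}).get('name')}"
        # RoleBinding or ClusterRoleBinding that grants the built-in admin role
        if obj.get("kind", "").endswith("RoleBinding"):
            if (obj.get("roleRef") or {}).get("name") == "cluster-admin":
                out.append((ref, "binds cluster-admin"))
        for rule in obj.get("rules") or []:  # present on Role / ClusterRole
            if "*" in rule.get("verbs", []) and "*" in rule.get("resources", []):
                out.append((ref, "wildcard verbs on wildcard resources"))
        pod = pod_spec(obj)
        if pod.get("hostNetwork"):
            out.append((ref, "hostNetwork enabled"))
        for c in (pod.get("containers") or []) + (pod.get("initContainers") or []):
            if (c.get("securityContext") or {}).get("privileged"):
                out.append((ref, f"privileged container {c['name']}"))
            if "@sha256:" not in c.get("image", ""):
                out.append((ref, f"image not pinned by digest: {c.get('image')}"))
    return out


if __name__ == "__main__":
    doc = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    for ref, finding in review(doc):
        print(f"{ref}: {finding}")
```

A finding is a prompt for review rather than proof of a problem: a deployment agent may legitimately need broad rights, and the point is to know which ones before the manifest is applied.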