Cluster access is strictly managed through kubeconfig files downloaded from Omni and enforced using Kubernetes Role-Based Access Control (RBAC) policies.
See Omni Documentation: Use Kubectl With Omni for detailed instructions.
kubeconfig Management
kubeconfig files are user-specific and downloaded from Omni (Sidero Omni management plane).
# Install kubectl oidc-login plugin
brew install kubelogin
📘 Info
Authentication foromnictl,talosctl, andkubectlwill last for 8 hours. After 8 hours you will need to re-authenticate each tool for your environment.
Steps to Create a new Omni User
- Login to Omni UI [https://kyjung.omni.siderolabs.io/omni/]
- Navigate to Settings → Users. Click Add User
- Add email address of the user and select ‘Operator’ or ‘Admin’ as the role.
Steps to Download and Configure kubeconfig:
- Login to Omni UI or use the Omni CLI tool. [https://kyjung.omni.siderolabs.io/omni/]
- Select the target cluster you wish to operate.
- Download the kubeconfig using the Omni interface:
- In UI:
Clusters > [Your Cluster] > Download Kubeconfig
- In CLI:
- In UI:
omni get kubeconfig --cluster <cluster-name> --output ~/.kube/config- Merge kubeconfig if you manage multiple clusters:
KUBECONFIG=~/.kube/config:~/.kube/another-cluster-config kubectl config view --merge --flatten > ~/.kube/merged-config
mv ~/.kube/merged-config ~/.kube/config- Verify cluster access
kubectl get nodes