3.2.3. Mint Mode
Mint Mode is supported for AWS, GCP, and Azure.
The default and recommended best practice for running OpenShift Container Platform is to run the installer with an administrator-level cloud credential. The
admin credential is stored in the
kube-system namespace, and then used by the Cloud Credential Operator to process the
CredentialsRequest objects in the cluster and create new users for each with specific permissions.
The benefits of Mint Mode include:
- Each cluster component only has the permissions it requires.
- Automatic, on-going reconciliation for cloud credentials including upgrades, which might require additional credentials or permissions.
One drawback is that Mint Mode requires
admin credential storage in a cluster