Deep Dive: Auth SIG
We present a thorough walkthrough of the Kubernetes authentication and authorization codebase, where we will cover interface contracts and give specific examples of how they are implemented in Kuberne …
| Talk Title | Deep Dive: Auth SIG |
| Speakers | Mo Khan (Software Engineer, VMware), Matt Rogers (Senior Software Engineer, Red Hat) |
| Conference | KubeCon + CloudNativeCon Europe |
| Conf Tag | |
| Location | Barcelona, Spain |
| Date | May 19-23, 2019 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
We present a thorough walkthrough of the Kubernetes authentication and authorization codebase, where we will cover interface contracts and give specific examples of how they are implemented in Kubernetes. The audience will also be given a high level overview of the request processing pipeline. The generic nature of these interfaces will be explored along with a look into areas where Kubernetes has a strong opinion on the implementation specifics such as service accounts and the node authorizer. As a case study, the OpenShift auth stack will be discussed. OpenShift’s use of OAuth for authentication and role based access control for authorization will lead into discussions around token delegation, auditing, access controlled resource lists, etc.
