Configuring KinD for OpenID Connect
For our example deployment, we will use a scenario from our customer, FooWidgets. FooWidgets has a Kubernetes cluster that they would like integrated using OIDC. The proposed solution needs to address the following requirements:
- Kubernetes must use our central authentication system, Active Directory
- We need to be able to map Active Directory groups into our RBAC
RoleBinding
objects - Users need access to the Kubernetes Dashboard
- Users need to be able to use the CLI
- All enterprise compliance requirements must be met
- Additional cluster management applications need to be managed centrally as well
Let's explore each of these in detail and explain how we can address the customer's requirements.
Addressing the requirements
Our enterprise's requirements require multiple moving parts, both inside and outside our cluster. We'll examine each of these components and how they relate...