Kubernetes and OIDC

mrbobbytables · June 15, 2018, 11:18pm

OIDC has been a bit of a topic lately and I figured it’d be worth it to start a discussion on the subject.

It was featured on this week’s TGIK – Going over OIDC/OAuth2 in general along with hooking Kubernetes into Github for auth via CoreOS’s Dex and Heptio’s Gangway.

TGIK Episode 39 Notes

and if you don’t mind a little bit of self promotion – I posted a tutorial on the same subject, but using RedHat’s Keycloak.

Topic Starter

To kick things off, I’d love to know what OIDC provider folks are using along with what Identity backend. e.g.

Dex + Github?
Dex + Google?
Keycloak + AD/LDAP?
Azure, Google etc directly?

If any, what pain points have you had?

Office Hours

Additionally, if you’re having any problems or would prefer to toss out a question live – myself and some of the other volunteers on next week’s Office Hours (June 20th) should be available to answer questions Just hop in the the #office-hours slack channel and ask away!

jimangel · June 27, 2018, 2:29am

Kuberos + Dex + LDAP = great! The hardest part is figuring out Dex

MHBauer · June 27, 2018, 8:51am

Going by the kubeconfig used to connect, IBM’s hosted kubernetes service uses an oidc auth-provider. Not sure of the details of what’s in the backend, but the IBM Cloud CLI is obviously doing the authentication and token stuff out of band of kubectl.

Topic		Replies	Views
LDAP Authentication for Kubernetes Cluster General Discussions docs	4	1482	June 18, 2024
Kubernetes Using Keycloak OIDC Certification Questions Advisory General Discussions oidc	0	611	April 20, 2023
Why did kubernetes did not implement authentication mechanism? General Discussions authn	0	553	December 24, 2020
New Open Source Login Portal for Kubernetes Announcements oidc , authn , authz	0	1259	October 29, 2018
How to configure OIDC with mulitple ClientId & Secret? General Discussions authn	0	369	November 23, 2022

Kubernetes and OIDC

Topic Starter

Office Hours

Related topics