OpenID connect configuration with kubeadm?

Yassine_Lazaar · October 12, 2019, 4:09pm

Hey everyone,

Im trying to setup a cluster with authentication handled by an OpenID Connect server.
The kubernetes version is 1.15.3
I run kubeadm init --config ~/kubeadm-config.yml with the following kubeadm configration file:

apiVersion: kubeadm.k8s.io/v1beta2
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 172.17.8.100
  bindPort: 6443
---
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
apiServer:
  extraArgs:
    oidc-issuer-url: https://keycloak.xxxxxx.xx/auth/realms/master
    oidc-username-claim: sub
    oidc-client-id: kubernetes-cluster
    oidc-ca-file: /root/myCA.pem
networking:
  podSubnet: 10.32.0.0/12

I get the following error:

remote version is much newer: v1.16.1; falling back to: stable-1.15\nerror execution phase wait-control-plane: couldn't initialize a Kubernetes cluster

When I omit all extraArgs related to openid (oidc-issuer-url…etc), the cluster is setup but without the desired configuration. What am’I missing?

Topic		Replies	Views
Kubernetes Using Keycloak OIDC Certification Questions Advisory General Discussions oidc	0	618	April 20, 2023
Initializing k8s with OIDC General Discussions oidc	1	2425	May 29, 2020
Kubeadm init failed api server not healthy General Discussions	20	6840	December 21, 2024
Kubeadm init error on ubuntu 20.04 General Discussions	2	4359	January 10, 2024
KubeAPI Dynamic OIDC, multi tenant IAM General Discussions oidc	0	357	July 28, 2023

OpenID connect configuration with kubeadm?

Related topics