{"type":"rich","title":"kubelogin\u30b3\u30de\u30f3\u30c9\u3092\u5229\u7528\u3057\u3066OpenID Connect\u3067Kubernetes\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b","version":"1.0","published":"2018-03-23 21:08:13","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fint128.hatenablog.com%2Fentry%2F2018%2F03%2F23%2F210813\" title=\"kubelogin\u30b3\u30de\u30f3\u30c9\u3092\u5229\u7528\u3057\u3066OpenID Connect\u3067Kubernetes\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b - GeekFactory\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","url":"https://int128.hatenablog.com/entry/2018/03/23/210813","categories":["Kubernetes","keycloak","OpenID Connect"],"provider_url":"https://hatena.blog","author_name":"int128","author_url":"https://blog.hatena.ne.jp/int128/","image_url":null,"provider_name":"Hatena Blog","width":"100%","description":"TL;DR Kubernetes\u306e\u8a8d\u8a3c\u306f\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u8a3c\u660e\u66f8\u3084ID/\u30d1\u30b9\u30ef\u30fc\u30c9\u3060\u3051\u3067\u306a\u304f\u3001OpenID Connect\u306b\u5bfe\u5fdc\u3057\u3066\u3044\u308b\u3002 RBAC\u3092\u8a2d\u5b9a\u3059\u308b\u3053\u3068\u3067\u3001\u30e6\u30fc\u30b6\u3084\u30b0\u30eb\u30fc\u30d7\u306b\u3088\u308b\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u304c\u3067\u304d\u308b\u3002 \u4ee5\u4e0b\u306e\u8a2d\u5b9a\u304c\u5fc5\u8981\u306b\u306a\u308b\u3002 Keycloak\uff08OpenID Connect IdP\uff09 kube-apiserver\uff08Kubernetes API\u30b5\u30fc\u30d0\uff09 kubectl\uff08Kubernetes\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\uff09 \u4ee5\u524d\u306b Keycloak\u306eOpenID Connect\u3067Kubernetes\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b - GeekFactory \u3068\u3044\u3046\u8a18\u4e8b\u3092\u66f8\u304d\u307e\u3057\u305f\u304c\u3001\u672c\u7a3f\u3067\u306fkubelogin\u30b3\u30de\u30f3\u30c9\u3092\u5229\u7528\u3057\u3066\u2026","height":"190","blog_url":"https://int128.hatenablog.com/","blog_title":"GeekFactory"}