-
- Downloads
Granular authentication Control
It is now possible to deactivate selected authentication methods (basic auth, token auth) inside the cluster by adding removing the required arguments to the Kube API Server and generating the secrets accordingly. The x509 authentification is currently not optional because disabling it would affect the kubectl clients deployed on the master nodes.
Showing
- inventory/group_vars/k8s-cluster.yml 8 additions, 2 deletionsinventory/group_vars/k8s-cluster.yml
- roles/kubernetes/master/defaults/main.yml 7 additions, 1 deletionroles/kubernetes/master/defaults/main.yml
- roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 4 additions, 0 deletions...tes/master/templates/manifests/kube-apiserver.manifest.j2
- roles/kubernetes/secrets/tasks/check-tokens.yml 1 addition, 1 deletionroles/kubernetes/secrets/tasks/check-tokens.yml
- roles/kubernetes/secrets/tasks/main.yml 1 addition, 1 deletionroles/kubernetes/secrets/tasks/main.yml
Loading
Please register or sign in to comment