Explore a comprehensive conference talk on managing Role-Based Access Control (RBAC) across multiple Kubernetes clusters. Dive into the challenges of administering users and permissions in heterogeneous Kubernetes environments. Learn about an open-source authentication/authorization framework that leverages Kubernetes Custom Resource Definitions (CRDs) to simplify cross-cluster auth and RBAC. Discover how to implement a single authentication and authorization point for multiple clusters, manage user RBAC permissions across clusters with automatic permission grants, and effectively group cluster resources into manageable subsets for easier application of RBAC, PodSecurity, and NetworkPolicy. Gain insights into various use cases for multiple Kubernetes clusters, authentication flows, global roles, project concepts, and network access controls. Follow along with a live demo showcasing Rancher's implementation, including cluster import, authentication providers, and role management.
Managing RBAC Across Multiple Kubernetes Clusters
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Introduction
When do you need multiple Kubernetes clusters
History of infrastructure
Kubernetes as a commodity
Multiple Kubernetes clusters
Use cases of multiple Kubernetes clusters
Kubernetes cloud types
Challenges
Missing Puzzle Piece
Authentication Authorization
Custom Controller Definition
Native Application Definition
Bonus
Open Source
Overson
Rancher
Authentication with Rancher
Flow
RBAC Global Role
Project Role
Project Concept
Project Controller
Network Access
Part Security Policy
Live Demo
Launching Rancher
Importing clusters into Rancher
Running custom import
Testing custom import
Local setup
Authentication provider
Authentication rules
How to access your cluster
Cubectl
Roles
Global View
Project View
Questions
Taught by
CNCF [Cloud Native Computing Foundation]
