kubernetes keystone #9

  • By csd-garr
  • Latest version (#9)
  • xenial, bionic
  • Stable

Description

Provides Webhook Token Authorization to charm kubernetes-master by creating a deployment that receives the token requests from kubernetes and handles them to keystone.


Kubernetes-keystone

This charm deploys a service that provides
Webhook Token Authentication
to Kubernetes through OpenStack Keystone.

Deployment

This is a subordinate charm to the
kubernetes-master charm.
In order to deploy it, do:

$ juju deploy cs:~csd-garr/kubernetes-keystone
$ juju add-relation kubernetes-master kubernetes-keystone

Configuration

This charm supports some configuration options to set up a Webhook Token Authentication server for Keystone:

keystone-url

URL of the Keystone endpoint.

k8s-keystone-auth-url

URL for downloading the Keystone authentication server.

authn-server-url

The URL of the Keystone endpoint.

authz-server-url

URL for the Webhook authorization server.

More information

Contact

The kubernetes-keystone charm is free and open source operations created
by the CSD team at GARR csd@garr.it.

Configuration

authz-server-url
(string) URL for the Webhook authorization server.
https://localhost:8443/webhook
keystone-url
(string) URL of the Keystone endpoint.
authn-server-url
(string) URL for the Webhook authentication server.
https://localhost:8443/webhook
k8s-keystone-auth-url
(string) URL for downloading the Keystone authentication server.
https://git.garr.it/cloud/charms/kubernetes-keystone/raw/master/bin/linux-amd64/k8s-keystone-auth