@Nurlan199206
Last active March 30, 2024 16:04
OKD console OIDC integration
Vanilla OKD Console integration with Keycloak OIDC
Software versions:
Keycloak: 23.0.7
Kubernetes: 1.26.5
# Run Keycloak on port 443 with a custom domain (start-dev is Keycloak's development mode, not a production configuration)
1) bash kc.sh start-dev --https-certificate-file=/etc/letsencrypt/live/auth.dev-ops.kz/fullchain.pem --https-certificate-key-file=/etc/letsencrypt/live/auth.dev-ops.kz/privkey.pem --https-port=443
# On each master node, add the OIDC settings to /etc/kubernetes/manifests/kube-apiserver.yaml
- --oidc-issuer-url=https://auth.dev-ops.kz/realms/kubernetes
- --oidc-client-id=kubernetes
- --oidc-groups-claim=groups
- --oidc-username-claim=preferred_username
10) kubectl create clusterrolebinding admin --clusterrole=cluster-admin --user https://auth.dev-ops.kz/realms/kubernetes#admin
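
Why the binding in step 10 names the user as https://auth.dev-ops.kz/realms/kubernetes#admin: when --oidc-username-claim is anything other than email and --oidc-username-prefix is not set, the API server prefixes the claim value with the issuer URL and "#". The Python sketch below is an added example, not part of the original gist; it applies that rule to a constructed, unsigned token payload and does not check signatures or expiry as the real API server does. The make_token helper and the k8s-admins group are assumptions made for illustration.

```python
import base64
import json

# OIDC flags exactly as set in kube-apiserver.yaml on this page.
FLAGS = {
    "oidc-issuer-url": "https://auth.dev-ops.kz/realms/kubernetes",
    "oidc-client-id": "kubernetes",
    "oidc-username-claim": "preferred_username",
    "oidc-groups-claim": "groups",
}

def _b64(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

def make_token(claims):
    """Build a constructed, UNSIGNED JWT-shaped string (hypothetical helper)."""
    header = {"alg": "RS256", "typ": "JWT"}
    return ".".join([_b64(header), _b64(claims), "constructed-signature"])

def decode_payload(token):
    """Decode the payload segment for inspection only; no signature check."""
    seg = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4)))

def k8s_identity(claims, flags):
    """Map ID-token claims to the username and groups that RBAC will see."""
    issuer = flags["oidc-issuer-url"]
    if claims.get("iss") != issuer:
        raise ValueError("iss does not match --oidc-issuer-url")
    aud = claims.get("aud", [])
    if flags["oidc-client-id"] not in ([aud] if isinstance(aud, str) else aud):
        raise ValueError("aud does not contain --oidc-client-id")
    claim = flags["oidc-username-claim"]
    prefix = flags.get("oidc-username-prefix")
    if prefix is None:  # flag unset: the default depends on the claim used
        prefix = "" if claim == "email" else issuer + "#"
    elif prefix == "-":  # "-" disables prefixing entirely
        prefix = ""
    groups = claims.get(flags["oidc-groups-claim"], [])
    groups = [groups] if isinstance(groups, str) else groups
    gprefix = flags.get("oidc-groups-prefix", "")
    return prefix + claims[claim], [gprefix + g for g in groups]

# Constructed sample payload; "k8s-admins" is an assumed group name.
SAMPLE = make_token({"iss": FLAGS["oidc-issuer-url"], "aud": "kubernetes",
                     "preferred_username": "admin", "groups": ["k8s-admins"]})

if __name__ == "__main__":
    print(k8s_identity(decode_payload(SAMPLE), FLAGS))
```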