Skip to content

Instantly share code, notes, and snippets.

@cjellick

cjellick/1.md

Created January 17, 2018 18:31
Show Gist options
  • Save cjellick/526e665a8199723b666ab21db1806a48 to your computer and use it in GitHub Desktop.
Save cjellick/526e665a8199723b666ab21db1806a48 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
1.md

Authentication and Authorization

Backgroudn and Context

  • Rancher APIs
  • Kubernetes concepts
    • Authentication
      • Plugin model
      • Rancher: no special plugin, yes auth proxy
      • Impersonation
    • Authorization
      • Roles
      • RoleBindings
      • ClusterRoles
      • ClusterRoleBindings
      • Subject
      • Rules

Rancher Resource Heirarchy

  • Global - Management API
  • Cluster
    • Nodes
    • Projects
      • Workload

Rancher Auth API Constructs

  • Authentication
    • Tokens
    • Users
    • Principals
  • Authorization
    • RoleTemplates
    • ClusterRoleTemplateBinding
    • ProjectRoleTemplateBinding
    • Groups
    • GroupMembers

CRDs

$ kubectl get crd
NAME                                               AGE
catalogs.management.cattle.io                      2m
clusterevents.management.cattle.io                 2m
clusterregistrationtokens.management.cattle.io     2m
clusterroletemplatebindings.management.cattle.io   2m
clusters.management.cattle.io                      2m
dynamicschemas.management.cattle.io                2m
globalrolebindings.management.cattle.io            2m
globalroles.management.cattle.io                   2m
groupmembers.management.cattle.io                  2m
groups.management.cattle.io                        2m
machinedrivers.management.cattle.io                2m
machines.management.cattle.io                      2m
machinetemplates.management.cattle.io              2m
nodes.management.cattle.io                         2m
podsecuritypolicytemplates.management.cattle.io    2m
principals.management.cattle.io                    2m
projectroletemplatebindings.management.cattle.io   2m
projects.management.cattle.io                      2m
roletemplates.management.cattle.io                 2m
stacks.management.cattle.io                        2m
templates.management.cattle.io                     2m
templateversions.management.cattle.io              2m
tokens.management.cattle.io                        2m
users.management.cattle.io                         2m
workloads.project.cattle.io                        19s
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment