Introduction to AuthX

Explore Kubernetes AuthX concepts by understanding how kube-apiserver handles authentication and authorization. Learn various methods like tokens, certificates, RBAC, and webhook integration to secure your cluster and customize access control tailored to organizational needs.

We'll cover the following...

The security center of Kubernetes
- Authentication
- Authorization
Summary

The security center of Kubernetes

The kube-apiserver is the heart of a Kubernetes cluster. All the system-level authentications (AuthN) and authorizations (AuthZ) are handled by it. AuthX usually refers to both AuthN and AuthZ. We can also say that the kube-apiserver is the security center of Kubernetes.

We could run the kube-apiserver with insecure settings, but that isn’t suggested, especially in production environments. It’s strongly suggested to enable transport layer security (TLS) between all the Kubernetes components. This helps improve the whole cluster’s security.

Just as the graph below shows, all the ...

1.Before Getting Started

2.Kubernetes Architecture

3.Customizing AuthX

4.Dynamic Admission Control

5.Customizing Schedulers

6.Extending APIs with CustomResourceDefinition (CRD)

7.Extending APIs with Aggregated APIServer

8.Container Network Interface

9.Container Runtime Interface

10.Extend kubectl

11.How to Write Good Kubernetes Operators

Assessment

12.Wrap Up

Introduction to AuthX

The security center of Kubernetes