Inside Kubernetes RBAC

  • March 22, 2019

Kubernetes is a Container Orchestration Engine designed to host containerized applications on a set of nodes, commonly referred to as a cluster. Using a systems modeling approach, this series aims to advance the understanding of Kubernetes and its underlying concepts. The Kubernetes API is an HTTP API that provides Create/Read/Update/Delete access to query and modify the Kubernetes Object Store.

Kubernetes supports multiple authentication and authorization strategies to control access to the API. This post provides a concise, detailed model of Kubernetes’ Role-based Access Control (RBAC), but may not be suitable as introductory material. The model is supported by partial specifications in TLA+.

Conceptually, general authorization may be modeled as a relation hasAccess between a requesting user and a requested operation.
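
The hasAccess relation above, written out for Kubernetes RBAC as an added Python sketch (not the post's TLA+ specification and not Kubernetes code). The class names, the sample policy, and the merging of user and group subjects into one name set are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:                       # one PolicyRule of a Role / ClusterRole
    api_groups: frozenset
    resources: frozenset
    verbs: frozenset

@dataclass(frozen=True)
class Binding:
    subjects: frozenset           # user and group names (simplified: one name space)
    rules: tuple                  # rules of the referenced Role / ClusterRole
    namespace: Optional[str]      # None models a ClusterRoleBinding

@dataclass(frozen=True)
class Request:
    user: str
    groups: frozenset
    verb: str
    api_group: str
    resource: str
    namespace: Optional[str]      # None for cluster-scoped resources

def _in(value, allowed):
    return "*" in allowed or value in allowed

def rule_allows(rule, req):
    return (_in(req.verb, rule.verbs) and _in(req.api_group, rule.api_groups)
            and _in(req.resource, rule.resources))

def binding_applies(b, req):
    if not (req.user in b.subjects or req.groups & b.subjects):
        return False
    # A RoleBinding grants only inside its own namespace; a ClusterRoleBinding everywhere.
    return b.namespace is None or b.namespace == req.namespace

def has_access(bindings, req):
    # RBAC is purely additive (no deny rules), so a single matching rule suffices.
    return any(binding_applies(b, req) and rule_allows(r, req)
               for b in bindings for r in b.rules)

# Constructed sample policy: alice reads pods in "dev"; group "ops" is cluster admin.
POD_READER = (Rule(frozenset({""}), frozenset({"pods"}), frozenset({"get", "list", "watch"})),)
ADMIN = (Rule(frozenset({"*"}), frozenset({"*"}), frozenset({"*"})),)
BINDINGS = [
    Binding(frozenset({"alice"}), POD_READER, "dev"),
    Binding(frozenset({"ops"}), ADMIN, None),
]
```

Because the relation has no deny side, auditing a cluster for over-privilege means enumerating every binding that applies to a subject, wildcard rules on cluster-wide bindings first.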

Source: medium.com
