scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-11-03 19:58:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Keystone authentication plugin

Browse Source
This commit is contained in:
Ruddarraju, Uday Kumar Raju
2015-07-23 23:06:14 -07:00
parent c367d3c2e5
commit 937db3f70d
7 changed files with 261 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
docs/admin/authentication.md
View File

@@ -64,6 +64,15 @@ and is a csv file with 3 columns: password, user name, user id.
When using basic authentication from an http client, the apiserver expects an `Authorization` header
with a value of `Basic BASE64ENCODED(USER:PASSWORD)`.
**Keystone authentication** is enabled by passing the `--experimental-keystone-url=<AuthURL>`
option to the apiserver during startup. The plugin is implemented in
`plugin/pkg/auth/authenticator/request/keystone/keystone.go`.
For details on how to use keystone to manage projects and users, refer to the
[Keystone documentation](http://docs.openstack.org/developer/keystone/). Please note that
this plugin is still experimental which means it is subject to changes.
Please refer to the [discussion](https://github.com/GoogleCloudPlatform/kubernetes/pull/11798#issuecomment-129655212)
and the [blueprint](https://github.com/GoogleCloudPlatform/kubernetes/issues/11626) for more details
## Plugin Development
We plan for the Kubernetes API server to issue tokens