Re: Webhook token auth
Exactly. Em 1 de dez de 2017 19:09, "Clayton Coleman" escreveu: > At the current time authenticator web hooks aren't supported (3.6). It's > being discussed for 3.9, but more realistically 3.10. > > This is for IAM integration with AWS? > > On Fri, Dec 1, 2017 at 3:48 PM, Mateus Caruccio < > mateus.caruc...@getupcloud.com> wrote: > >> Hi. >> Is it possible to use external webhook auth on openshift? >> >> I've edited origin-master with this fragment: >> >> kubernetesMasterConfig: >> apiServerArguments: >> authentication-token-webhook-config-file: >> /etc/kubernetes/heptio-authenticator-aws/kubeconfig.yaml >> >> However it looks like apiserver is not even hitting the webhook service >> at 127.0.0.1 >> No log messages messages even when loglevel=10 >> >> >> $ oc version >> oc v3.6.1+008f2d5 >> kubernetes v1.6.1+5115d708d7 >> features: Basic-Auth GSSAPI Kerberos SPNEGO >> >> Server https://XXX.XXX.getupcloud.com:443 >> openshift v3.6.1+008f2d5 >> kubernetes v1.6.1+5115d708d7 >> >> >> Thanks >> >> -- >> Mateus Caruccio / Master of Puppets >> GetupCloud.com >> We make the infrastructure invisible >> Gartner Cool Vendor 2017 >> >> ___ >> dev mailing list >> dev@lists.openshift.redhat.com >> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >> >> > ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Re: Webhook token auth
At the current time authenticator web hooks aren't supported (3.6). It's being discussed for 3.9, but more realistically 3.10. This is for IAM integration with AWS? On Fri, Dec 1, 2017 at 3:48 PM, Mateus Caruccio < mateus.caruc...@getupcloud.com> wrote: > Hi. > Is it possible to use external webhook auth on openshift? > > I've edited origin-master with this fragment: > > kubernetesMasterConfig: > apiServerArguments: > authentication-token-webhook-config-file: > /etc/kubernetes/heptio-authenticator-aws/kubeconfig.yaml > > However it looks like apiserver is not even hitting the webhook service at > 127.0.0.1 > No log messages messages even when loglevel=10 > > > $ oc version > oc v3.6.1+008f2d5 > kubernetes v1.6.1+5115d708d7 > features: Basic-Auth GSSAPI Kerberos SPNEGO > > Server https://XXX.XXX.getupcloud.com:443 > openshift v3.6.1+008f2d5 > kubernetes v1.6.1+5115d708d7 > > > Thanks > > -- > Mateus Caruccio / Master of Puppets > GetupCloud.com > We make the infrastructure invisible > Gartner Cool Vendor 2017 > > ___ > dev mailing list > dev@lists.openshift.redhat.com > http://lists.openshift.redhat.com/openshiftmm/listinfo/dev > > ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Webhook token auth
Hi. Is it possible to use external webhook auth on openshift? I've edited origin-master with this fragment: kubernetesMasterConfig: apiServerArguments: authentication-token-webhook-config-file: /etc/kubernetes/heptio- authenticator-aws/kubeconfig.yaml However it looks like apiserver is not even hitting the webhook service at 127.0.0.1 No log messages messages even when loglevel=10 $ oc version oc v3.6.1+008f2d5 kubernetes v1.6.1+5115d708d7 features: Basic-Auth GSSAPI Kerberos SPNEGO Server https://XXX.XXX.getupcloud.com:443 openshift v3.6.1+008f2d5 kubernetes v1.6.1+5115d708d7 Thanks -- Mateus Caruccio / Master of Puppets GetupCloud.com We make the infrastructure invisible Gartner Cool Vendor 2017 ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev