Re: [Dev] Integrating WSO2 IS with Kubernetes

Hi, Had an offline chat with Nishadi on this. On Tue, Feb 16, 2016 at 1:55 PM, Imesh Gunaratne wrote: > Hi Nishadi, > > On Tue, Feb 16, 2016 at 12:10 PM, Nishadi Kirielle > wrote: > >> Hi, >> >> As of now, it seems LDAP integration of Kuberenetes with IS has

Re: [Dev] Integrating WSO2 IS with Kubernetes

Hi Nishadi, On Tue, Feb 16, 2016 at 12:10 PM, Nishadi Kirielle wrote: > Hi, > > As of now, it seems LDAP integration of Kuberenetes with IS has two basic > approaches. > > First approach is to directly integrate LDAP with Kubernetes. It requires > the authentication and

Re: [Dev] Integrating WSO2 IS with Kubernetes

Hi, As of now, it seems LDAP integration of Kuberenetes with IS has two basic approaches. First approach is to directly integrate LDAP with Kubernetes. It requires the authentication and authorization process to go through a LDAP connector. Although Kismatic has a LDAP/AD integration, it does

Re: [Dev] Integrating WSO2 IS with Kubernetes

@Imesh : This configuration has to be done in kube api server. It provides options to set the authorization mode in 'always allow', 'always deny' or 'ABAC' modes. In using ABAC mode, it provides an option --authorization-policy-file to set the user configured authorization policy. [1]

Re: [Dev] Integrating WSO2 IS with Kubernetes

Hi Nishadi, On Mon, Feb 8, 2016 at 11:11 PM, Nishadi Kirielle wrote: > My initial plan is to connect a LDAP implementation like OpenDS or > ApacheDS with Kubernetes. > Is OpenLDAP[1] not an option? It has a long track record and is the case when most user scenarios are

Re: [Dev] Integrating WSO2 IS with Kubernetes

Hi Nishadi, On Mon, Feb 8, 2016 at 11:11 PM, Nishadi Kirielle wrote: > Hi All, > > As a initial step to be familiar with Kubernetes, I have set up a > Kubernetes cluster and deployed some sample applications. [1] [2] > > In K8s, authorization and authentication happen as two