In-person + Virtual
October 11-15
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2021 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Daylight Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Friday, October 15 • 2:30pm - 3:05pm
Everything Wrong with K8s Authentication and How We Worked Around It - Mo Khan & Margo Crawford, VMware

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Kubernetes provides many flexible authentication options, but they are inaccessible to a large portion of Kubernetes users in practice. When enterprise cluster administrators have clusters across many providers or distributions of Kubernetes, they struggle to unify them under a single identity platform. Kubernetes authentication options are often not available on managed cloud provider platforms, and even on self-hosted clusters it is non-trivial to integrate with common identity technologies such as OIDC or LDAP. This session will describe common pitfalls and limitations of Kubernetes authentication and show how to work around them. We will describe how to integrate identities from OIDC/LDAP into any Kubernetes cluster, provide nice login flows for cluster users, and enable federated logins across multiple clusters. Attend this session to learn about the latest Kubernetes auth integration techniques and see what’s coming in future Kubernetes versions.

avatar for Mo Khan

Mo Khan

Software Engineer, Microsoft
Mo Khan is a software engineer who is passionate about open source and security. He started working on Kubernetes in 2016, and currently serves as a chair and subproject owner for Kubernetes SIG Auth, a member of the Kubernetes Security Response Committee and a contributor to SIG... Read More →
avatar for Margo Crawford

Margo Crawford

MTS Software Engineer, VMware
Margo Crawford is a software engineer for VMware Tanzu on Project Pinniped. She lives in San Francisco. When she's not thinking about Kubernetes authentication, she likes roller skating, baking, and playing board games.

Friday October 15, 2021 2:30pm - 3:05pm PDT
Room 408 AB + Online