Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Learn more about Admission Webhooks

Avatar for Yuichi Saito Yuichi Saito
September 28, 2018
Technology
1
1.7k

Learn more about Admission Webhooks

kubernetes meetup #13
https://k8sjp.connpass.com/event/100842/
Avatar for Yuichi Saito

Yuichi Saito

September 28, 2018
Tweet

More Decks by Yuichi Saito

See All by Yuichi Saito
失敗から学ぶ - ポストモーテム / Postmotem culture at Wantedly
Avatar for Yuichi Saito munisystem
3
38k
Distributed Tracing with OpenCensus at Wantedly, Inc.
Avatar for Yuichi Saito munisystem
3
5.2k
OpenCensus による APM の実現と、未来 / Implementing APM with OpenCensus
Avatar for Yuichi Saito munisystem
8
7k
Effective Health Checking
Avatar for Yuichi Saito munisystem
2
770
An introduction to monitoring Go Application with OpenCensus
Avatar for Yuichi Saito munisystem
1
1.3k
Dgraph - A high performance graph database written in pure Go
Avatar for Yuichi Saito munisystem
7
7.4k

Other Decks in Technology

See All in Technology
Claude Code Actionを使ったコード品質改善の取り組み
Avatar for Katsunori Kanda potix2
PRO
2
840
AWS アーキテクチャ作図入門/aws-architecture-diagram-101
Avatar for Kohei "Max" MATSUSHITA ma2shita
28
9.5k
25分で解説する「最小権限の原則」を実現するための AWS「ポリシー」大全 / 20250625-aws-summit-aws-policy
Avatar for opelab opelab
6
660
ハノーバーメッセ2025座談会.pdf
Avatar for AIxIoTビジネス共創ラボ iotcomjpadmin
0
140
比起獨自升級 我更喜歡 DevOps 文化 <3
Avatar for LINE Developers Taiwan line_developers_tw
PRO
0
1.1k
Prox Industries株式会社 会社紹介資料
Avatar for Prox proxindustries
0
160
Snowflake Summit 2025全体振り返り / Snowflake Summit 2025 Overall Review
Avatar for k.muguruma mtpooh
2
170
IAMのマニアックな話 2025を執筆して、​ 見えてきたAWSアカウント管理の現在
Avatar for NRI Netcom nrinetcom
PRO
4
640
Navigation3でViewModelにデータを渡す方法
Avatar for mikan mikanichinose
0
200
Claude Code どこまでも/ Claude Code Everywhere
Avatar for nwiizo nwiizo
53
31k
Amazon S3標準/ S3 Tables/S3 Express One Zoneを使ったログ分析
Avatar for ShigeruOda shigeruoda
2
360
データプラットフォーム技術におけるメダリオンアーキテクチャという考え方/DataPlatformWithMedallionArchitecture
Avatar for Masatoshi Shimada smdmts
5
530

Featured

See All Featured
GitHub's CSS Performance
Avatar for Jon Rohan jonrohan
1031
460k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
430
65k
Designing for humans not robots
Avatar for Tammie Lister tammielis
253
25k
Reflections from 52 weeks, 52 projects
Avatar for Jefferson Lam jeffersonlam
351
20k
Intergalactic Javascript Robots from Outer Space
Avatar for Vicent Martí tanoku
271
27k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
35
2.3k
Fight the Zombie Pattern Library - RWD Summit 2016
Avatar for Marcelo Somers marcelosomers
233
17k
What's in a price? How to price your products and services
Avatar for Michael Herold michaelherold
245
12k
How To Stay Up To Date on Web Technology
Avatar for Chris Coyier chriscoyier
790
250k
JavaScript: Past, Present, and Future - NDC Porto 2020
Avatar for David Neal reverentgeek
48
5.4k
Typedesign – Prime Four
Avatar for Hannes Fritz hannesfritz
42
2.7k
A designer walks into a library…
Avatar for Paul Jervis Heath pauljervisheath
206
24k

Transcript

  1. ©2018 Wantedly, Inc. Learn more about 
 Admission Webhooks Kubernetes

    meetup #13 Yuichi Saito @munisystem

  2. ©2018 Wantedly, Inc.  "ENJTTJPO$POUSPMMFSͷ͓͞Β͍  "ENJTTJPO8FCIPPLTͱ͸  ·ͱΊ Agenda

  3. ©2018 Wantedly, Inc. "ENJTTJPO$POUSPMMFSͷ͓͞Β͍

  4. ©2018 Wantedly, Inc. ਎ۙʹ͋Δ"ENJTTJPO$POUSPMMFSͷྫ ଘࡏ͠ͳ͍OBNFTQBDFʹQPEΛ࡞ͬͯΈΔ

  5. ©2018 Wantedly, Inc. ਎ۙʹ͋Δ"ENJTTJPO$POUSPMMFSͷྫ ଘࡏ͠ͳ͍OBNFTQBDFʹରͯ͠QPE͸࡞Δ͜ͱ͕Ͱ͖ͳ͍

  6. ©2018 Wantedly, Inc. ਎ۙʹ͋Δ"ENJTTJPO$POUSPMMFSͷྫ ଘࡏ͠ͳ͍OBNFTQBDFʹରͯ͠QPE͸࡞Δ͜ͱ͕Ͱ͖ͳ͍ /BNFTQBDF-JGFDZDMF https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#namespacelifecycle

  7. ©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ
 ΫϥΠΞϯτ͔ΒͷཁٻΛड͚ೖΕΔ͔൑ఆ͢ΔͨΊͷ࢓૊Έ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖׵͑Δ

    w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λ൑அ͢Δ "ENJTTJPO$POUSPMMFSͱ͸

  8. ©2018 Wantedly, Inc. "ENJTTJPO$POUSPMMFSͱ͸ https://kubernetes.io/docs/reference/access-authn-authz/controlling-access/

  9. ©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ
 ΫϥΠΞϯτ͔ΒͷཁٻΛΤΫηϓτ͢ΔͨΊͷ࢓૊Έ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖׵͑Δ

    w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λ൑அ͢Δ "ENJTTJPO$POUSPMMFSͱ͸

  10. ©2018 Wantedly, Inc. ΫϥΠΞϯτͷཁٻΛॻ͖׵͑Δ͜ͱͰɺϚχϑΣετʹॻ͔ͣͱ΋ҎԼͷ͜ͱ͕ߦ͑Δ w ೚ҙͷBOOPUBUJPO΍MBCFMΛ෇༩͢Δ w ΞϓϦέʔγϣϯͷ؀ڥม਺ʹ೚ҙͷσʔλΛຒΊࠐΊΔ w QPEͷલ໘ʹQSPYZΛஔ͘

    w ΠϝʔδΛॻ͖׵͑Δ w FUD "ENJTTJPO$POUSPMMFSͱ͸

  11. ©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ
 ΫϥΠΞϯτ͔ΒͷཁٻΛΤΫηϓτ͢ΔͨΊͷ࢓૊Έ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖׵͑Δ

    w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λ൑அ͢Δ "ENJTTJPO$POUSPMMFSͱ͸

  12. ©2018 Wantedly, Inc. ΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔ͷ൑அΛҎԼͷ৘ใ͔Βߦ͑Δ w ϚχϑΣετͷ಺༰ w ΫϥΠΞϯτͷΞΧ΢ϯτ΍ϩʔϧͷछྨ w ֎෦αʔϏεͱͷ࿈ܞ

    w FUD "ENJTTJPO$POUSPMMFSͱ͸

  13. ©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ
 ΫϥΠΞϯτ͔ΒͷཁٻΛΤΫηϓτ͢ΔͨΊͷ࢓૊Έ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖׵͑Δ

    w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λ൑அ͢Δ "ENJTTJPO$POUSPMMFSͱ͸ ෳࡶͳΦϖϨʔγϣϯ΍ػೳΛ,VCFSOFUFT಺෦Ͱ࣮ݱͰ͖Δ

  14. ©2018 Wantedly, Inc. "ENJTTJPO8FCIPPLTͱ͸

  15. ©2018 Wantedly, Inc. w Wd͔Βαϙʔτ͞Εͨ"ENJTTJPO$POUSPMMFSΛ֦ு͢ΔͨΊͷػೳ CFUB  w BENJTTJPOQMVHJOTͰҎԼΛ༗ޮʹ͢Δ͜ͱͰར༻͕ՄೳʹͳΔ w

    .VUBUJOH"ENJTTJPO8FCIPPL w 7BMJEBUJOH"ENJTTJPO8FCIPPL w Ͳ͜Ͱ࢖ΘΕ͍ͯΔʁ w *TUJP͕TJEFDBSͱͯ͠FOWPZΛEFQMPZ͢Δ࣌ʹར༻͍ͯ͠Δ w SFGIUUQTHJUIVCDPNJTUJPJTUJPCMPCNBTUFSQJMPUQLHLVCFJOKFDUXFCIPPLHP "ENJTTJPO8FCIPPLTͱ͸

  16. ©2018 Wantedly, Inc. "ENJTTJPO8FCIPPLT0WFSWJFX https://kubernetes.io/blog/2018/01/extensible-admission-is-beta/

  17. ©2018 Wantedly, Inc. w LVCFBQJTFSWFSʹ$BMMCBDLઌͱͯ͠)551TFSWFSΛొ࿥͢Δ͜ͱͰɺ
 ͦ͜ʹ"ENJTTJPO3FRVFTU͕ඈΜͰ͘ΔΑ͏ʹͳΔ w 7BMJEBUJOH8FCIPPL$POpHVSBUJPO0CKFDU w .VUBUJOH8FCIPPL$POpHVSBUJPO0CKFDU

    w "ENJTTJPO3FRVFTUʹର͠ฦ౴͢Δ3FTQPOTFͷܗࣜʹΑͬͯ
 "ENJTTJPO$POUSPMΛ࣮ݱ͢Δ "ENJTTJPO8FCIPPLTͱ͸

  18. ©2018 Wantedly, Inc. w LVCFBQJTFSWFSʹ$BMMCBDLઌͱͯ͠)551TFSWFSΛొ࿥͢Δ͜ͱͰɺ
 ͦ͜ʹ"ENJTTJPO3FRVFTU͕ඈΜͰ͘ΔΑ͏ʹͳΔ w 7BMJEBUJOH8FCIPPL$POpHVSBUJPO0CKFDU w .VUBUJOH8FCIPPL$POpHVSBUJPO0CKFDU

    w "ENJTTJPO3FRVFTUʹର͠ฦ౴͢Δ3FTQPOTFͷܗࣜʹΑͬͯ
 "ENJTTJPO$POUSPMΛ࣮ݱ͢Δ "ENJTTJPO8FCIPPLTͱ͸

  19. ©2018 Wantedly, Inc. "ENJTTJPO8FCIPPLTͷઃఆ 7BMJEBUJOH8FCIPPLTͷྫ ͜ͷઃఆͩͱ w ৚݅ w $MJFOU͔Βͷཁٻ͕


    BQJ7FSTJPOWͷQPEͷ$3&"5&ͷ৔߹ w Ͳ͜ʹ w EFGBVMUOBNFTQBDFͷ
 FYBNQMFIPPLTFSWFSTFSWJDFͷ
 BENJUQPETʹରͯ͠ w ͳʹ͕ w 7BMJEBUJOHͷͨΊͷ"ENJTTJPO3FRVFTU ͕ૹΒΕͯ͘ΔΑ͏ʹͳΔ

  20. ©2018 Wantedly, Inc. w LVCFBQJTFSWFSʹ$BMMCBDLઌͱͯ͠)551TFSWFSΛొ࿥͢Δ͜ͱͰɺ
 ͦ͜ʹ"ENJTTJPO3FRVFTU͕ඈΜͰ͘ΔΑ͏ʹͳΔ w 7BMJEBUJOH8FCIPPL$POpHVSBUJPO0CKFDU w .VUBUJOH8FCIPPL$POpHVSBUJPO0CKFDU

    w "ENJTTJPO3FRVFTUʹର͠ฦ౴͢Δ3FTQPOTFͷܗࣜʹΑͬͯ
 "ENJTTJPO$POUSPMΛ࣮ݱ͢Δ "ENJTTJPO8FCIPPLTͱ͸

  21. ©2018 Wantedly, Inc. γϯϓϧͳ"ENJTTJPO8FCIPPLTͷྫ

  22. ©2018 Wantedly, Inc. γϯϓϧͳ"ENJTTJPO8FCIPPLTͷྫ

  23. ©2018 Wantedly, Inc. γϯϓϧͳ"ENJTTJPO8FCIPPLTͷྫ QPEͷ࡞੒͕ඞࣦͣഊ͢Δ

  24. ©2018 Wantedly, Inc. w "ENJTTJPO8FCIPPLT͸,VCFSOFUFTΛΧελϚΠζ͢Δ࢓૊Έ w ͜ΕΛ͔ͭ͏͜ͱͰ,VCFSOFUFTʹෳࡶͳΦϖϨʔγϣϯΛ࣮ݱͰ͖Δ w ΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ w

    ΫϥΠΞϯτͷཁٻΛॻ͖׵͑Δ w /05ۜͷ஄ؙ w ͝ར༻͸ܭըతʹ ·ͱΊ