Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Learn more about Admission Webhooks
Search
Yuichi Saito
September 28, 2018
Technology
1
1.7k
Learn more about Admission Webhooks
kubernetes meetup #13
https://k8sjp.connpass.com/event/100842/
Yuichi Saito
September 28, 2018
Tweet
Share
More Decks by Yuichi Saito
See All by Yuichi Saito
失敗から学ぶ - ポストモーテム / Postmotem culture at Wantedly
munisystem
3
36k
Distributed Tracing with OpenCensus at Wantedly, Inc.
munisystem
3
5.1k
OpenCensus による APM の実現と、未来 / Implementing APM with OpenCensus
munisystem
8
6.9k
Effective Health Checking
munisystem
2
720
An introduction to monitoring Go Application with OpenCensus
munisystem
1
1.2k
Dgraph - A high performance graph database written in pure Go
munisystem
7
7.3k
Other Decks in Technology
See All in Technology
UI State設計とテスト方針
rmakiyama
2
630
日本版とグローバル版のモバイルアプリ統合の開発の裏側と今後の展望
miichan
1
130
LINE Developersプロダクト(LIFF/LINE Login)におけるフロントエンド開発
lycorptech_jp
PRO
0
120
LINEスキマニにおけるフロントエンド開発
lycorptech_jp
PRO
0
330
LINEヤフーのフロントエンド組織・体制の紹介【24年12月】
lycorp_recruit_jp
0
530
PHP ユーザのための OpenTelemetry 入門 / phpcon2024-opentelemetry
shin1x1
1
310
Google Cloud で始める Cloud Run 〜AWSとの比較と実例デモで解説〜
risatube
PRO
0
110
DevFest 2024 Incheon / Songdo - Compose UI 조합 심화
wisemuji
0
120
サイバー攻撃を想定したセキュリティガイドライン 策定とASM及びCNAPPの活用方法
syoshie
3
1.3k
Turing × atmaCup #18 - 1st Place Solution
hakubishin3
0
490
私なりのAIのご紹介 [2024年版]
qt_luigi
1
120
事業貢献を考えるための技術改善の目標設計と改善実績 / Targeted design of technical improvements to consider business contribution and improvement performance
oomatomo
0
100
Featured
See All Featured
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.3k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.1k
Testing 201, or: Great Expectations
jmmastey
40
7.1k
KATA
mclloyd
29
14k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
159
15k
Designing on Purpose - Digital PM Summit 2013
jponch
116
7k
The Pragmatic Product Professional
lauravandoore
32
6.3k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.2k
Speed Design
sergeychernyshev
25
670
Embracing the Ebb and Flow
colly
84
4.5k
Fontdeck: Realign not Redesign
paulrobertlloyd
82
5.3k
Transcript
©2018 Wantedly, Inc. Learn more about Admission Webhooks Kubernetes
meetup #13 Yuichi Saito @munisystem
©2018 Wantedly, Inc. "ENJTTJPO$POUSPMMFSͷ͓͞Β͍ "ENJTTJPO8FCIPPLTͱ ·ͱΊ Agenda
©2018 Wantedly, Inc. "ENJTTJPO$POUSPMMFSͷ͓͞Β͍
©2018 Wantedly, Inc. ۙʹ͋Δ"ENJTTJPO$POUSPMMFSͷྫ ଘࡏ͠ͳ͍OBNFTQBDFʹQPEΛ࡞ͬͯΈΔ
©2018 Wantedly, Inc. ۙʹ͋Δ"ENJTTJPO$POUSPMMFSͷྫ ଘࡏ͠ͳ͍OBNFTQBDFʹରͯ͠QPE࡞Δ͜ͱ͕Ͱ͖ͳ͍
©2018 Wantedly, Inc. ۙʹ͋Δ"ENJTTJPO$POUSPMMFSͷྫ ଘࡏ͠ͳ͍OBNFTQBDFʹରͯ͠QPE࡞Δ͜ͱ͕Ͱ͖ͳ͍ /BNFTQBDF-JGFDZDMF https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#namespacelifecycle
©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ ΫϥΠΞϯτ͔ΒͷཁٻΛड͚ೖΕΔ͔ఆ͢ΔͨΊͷΈ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖͑Δ
w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λஅ͢Δ "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. "ENJTTJPO$POUSPMMFSͱ https://kubernetes.io/docs/reference/access-authn-authz/controlling-access/
©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ ΫϥΠΞϯτ͔ΒͷཁٻΛΤΫηϓτ͢ΔͨΊͷΈ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖͑Δ
w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λஅ͢Δ "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. ΫϥΠΞϯτͷཁٻΛॻ͖͑Δ͜ͱͰɺϚχϑΣετʹॻ͔ͣͱҎԼͷ͜ͱ͕ߦ͑Δ w ҙͷBOOPUBUJPOMBCFMΛ༩͢Δ w ΞϓϦέʔγϣϯͷڥมʹҙͷσʔλΛຒΊࠐΊΔ w QPEͷલ໘ʹQSPYZΛஔ͘
w ΠϝʔδΛॻ͖͑Δ w FUD "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ ΫϥΠΞϯτ͔ΒͷཁٻΛΤΫηϓτ͢ΔͨΊͷΈ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖͑Δ
w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λஅ͢Δ "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. ΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔ͷஅΛҎԼͷใ͔Βߦ͑Δ w ϚχϑΣετͷ༰ w ΫϥΠΞϯτͷΞΧϯτϩʔϧͷछྨ w ֎෦αʔϏεͱͷ࿈ܞ
w FUD "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ ΫϥΠΞϯτ͔ΒͷཁٻΛΤΫηϓτ͢ΔͨΊͷΈ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖͑Δ
w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λஅ͢Δ "ENJTTJPO$POUSPMMFSͱ ෳࡶͳΦϖϨʔγϣϯػೳΛ,VCFSOFUFT෦Ͱ࣮ݱͰ͖Δ
©2018 Wantedly, Inc. "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. w Wd͔Βαϙʔτ͞Εͨ"ENJTTJPO$POUSPMMFSΛ֦ு͢ΔͨΊͷػೳ CFUB w BENJTTJPOQMVHJOTͰҎԼΛ༗ޮʹ͢Δ͜ͱͰར༻͕ՄೳʹͳΔ w
.VUBUJOH"ENJTTJPO8FCIPPL w 7BMJEBUJOH"ENJTTJPO8FCIPPL w Ͳ͜ͰΘΕ͍ͯΔʁ w *TUJP͕TJEFDBSͱͯ͠FOWPZΛEFQMPZ͢Δ࣌ʹར༻͍ͯ͠Δ w SFGIUUQTHJUIVCDPNJTUJPJTUJPCMPCNBTUFSQJMPUQLHLVCFJOKFDUXFCIPPLHP "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. "ENJTTJPO8FCIPPLT0WFSWJFX https://kubernetes.io/blog/2018/01/extensible-admission-is-beta/
©2018 Wantedly, Inc. w LVCFBQJTFSWFSʹ$BMMCBDLઌͱͯ͠)551TFSWFSΛొ͢Δ͜ͱͰɺ ͦ͜ʹ"ENJTTJPO3FRVFTU͕ඈΜͰ͘ΔΑ͏ʹͳΔ w 7BMJEBUJOH8FCIPPL$POpHVSBUJPO0CKFDU w .VUBUJOH8FCIPPL$POpHVSBUJPO0CKFDU
w "ENJTTJPO3FRVFTUʹର͠ฦ͢Δ3FTQPOTFͷܗࣜʹΑͬͯ "ENJTTJPO$POUSPMΛ࣮ݱ͢Δ "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. w LVCFBQJTFSWFSʹ$BMMCBDLઌͱͯ͠)551TFSWFSΛొ͢Δ͜ͱͰɺ ͦ͜ʹ"ENJTTJPO3FRVFTU͕ඈΜͰ͘ΔΑ͏ʹͳΔ w 7BMJEBUJOH8FCIPPL$POpHVSBUJPO0CKFDU w .VUBUJOH8FCIPPL$POpHVSBUJPO0CKFDU
w "ENJTTJPO3FRVFTUʹର͠ฦ͢Δ3FTQPOTFͷܗࣜʹΑͬͯ "ENJTTJPO$POUSPMΛ࣮ݱ͢Δ "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. "ENJTTJPO8FCIPPLTͷઃఆ 7BMJEBUJOH8FCIPPLTͷྫ ͜ͷઃఆͩͱ w ݅ w $MJFOU͔Βͷཁٻ͕
BQJ7FSTJPOWͷQPEͷ$3&"5&ͷ߹ w Ͳ͜ʹ w EFGBVMUOBNFTQBDFͷ FYBNQMFIPPLTFSWFSTFSWJDFͷ BENJUQPETʹରͯ͠ w ͳʹ͕ w 7BMJEBUJOHͷͨΊͷ"ENJTTJPO3FRVFTU ͕ૹΒΕͯ͘ΔΑ͏ʹͳΔ
©2018 Wantedly, Inc. w LVCFBQJTFSWFSʹ$BMMCBDLઌͱͯ͠)551TFSWFSΛొ͢Δ͜ͱͰɺ ͦ͜ʹ"ENJTTJPO3FRVFTU͕ඈΜͰ͘ΔΑ͏ʹͳΔ w 7BMJEBUJOH8FCIPPL$POpHVSBUJPO0CKFDU w .VUBUJOH8FCIPPL$POpHVSBUJPO0CKFDU
w "ENJTTJPO3FRVFTUʹର͠ฦ͢Δ3FTQPOTFͷܗࣜʹΑͬͯ "ENJTTJPO$POUSPMΛ࣮ݱ͢Δ "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. γϯϓϧͳ"ENJTTJPO8FCIPPLTͷྫ
©2018 Wantedly, Inc. γϯϓϧͳ"ENJTTJPO8FCIPPLTͷྫ
©2018 Wantedly, Inc. γϯϓϧͳ"ENJTTJPO8FCIPPLTͷྫ QPEͷ࡞͕ඞࣦͣഊ͢Δ
©2018 Wantedly, Inc. w "ENJTTJPO8FCIPPLT,VCFSOFUFTΛΧελϚΠζ͢ΔΈ w ͜ΕΛ͔ͭ͏͜ͱͰ,VCFSOFUFTʹෳࡶͳΦϖϨʔγϣϯΛ࣮ݱͰ͖Δ w ΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ w
ΫϥΠΞϯτͷཁٻΛॻ͖͑Δ w /05ۜͷؙ w ͝ར༻ܭըతʹ ·ͱΊ