Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Learn more about Admission Webhooks
Search
Yuichi Saito
September 28, 2018
Technology
1
1.8k
Learn more about Admission Webhooks
kubernetes meetup #13
https://k8sjp.connpass.com/event/100842/
Yuichi Saito
September 28, 2018
Tweet
Share
More Decks by Yuichi Saito
See All by Yuichi Saito
失敗から学ぶ - ポストモーテム / Postmotem culture at Wantedly
munisystem
3
38k
Distributed Tracing with OpenCensus at Wantedly, Inc.
munisystem
3
5.2k
OpenCensus による APM の実現と、未来 / Implementing APM with OpenCensus
munisystem
8
7k
Effective Health Checking
munisystem
2
790
An introduction to monitoring Go Application with OpenCensus
munisystem
1
1.3k
Dgraph - A high performance graph database written in pure Go
munisystem
7
7.5k
Other Decks in Technology
See All in Technology
2025-07-31: GitHub Copilot Agent mode at Vibe Coding Cafe (15min)
chomado
2
380
Segment Anything Modelの最新動向:SAM2とその発展系
tenten0727
0
430
마라톤 끝의 단거리 스퍼트: 2025년의 AI
inureyes
PRO
1
690
Claude Codeから我々が学ぶべきこと
s4yuba
9
2.1k
AI人生苦節10年で会得したAIがやること_人間がやること.pdf
shibuiwilliam
1
270
Perlアプリケーションで トレースを実装するまでの 工夫と苦労話
masayoshi
1
410
AWS re:Inforce 2025 re:Cap Update Pickup & AWS Control Tower の運用における考慮ポイント
htan
1
210
Amazon Q と『音楽』-ゲーム音楽もAmazonQで作成してみた感想-
senseofunity129
0
110
【CEDEC2025】現場を理解して実現!ゲーム開発を効率化するWebサービスの開発と、利用促進のための継続的な改善
cygames
PRO
0
720
KubeCon + CloudNativeCon Japan 2025 Recap
donkomura
0
170
2時間で300+テーブルをデータ基盤に連携するためのAI活用 / FukuokaDataEngineer
sansan_randd
0
130
Google Agentspaceを実際に導入した効果と今後の展望
mixi_engineers
PRO
3
330
Featured
See All Featured
Mobile First: as difficult as doing things right
swwweet
223
9.9k
Raft: Consensus for Rubyists
vanstee
140
7k
Done Done
chrislema
185
16k
How STYLIGHT went responsive
nonsquared
100
5.7k
Making the Leap to Tech Lead
cromwellryan
134
9.5k
jQuery: Nuts, Bolts and Bling
dougneiner
63
7.8k
Building an army of robots
kneath
306
45k
How to Ace a Technical Interview
jacobian
278
23k
The Straight Up "How To Draw Better" Workshop
denniskardys
235
140k
[RailsConf 2023] Rails as a piece of cake
palkan
56
5.7k
Producing Creativity
orderedlist
PRO
346
40k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
130
19k
Transcript
©2018 Wantedly, Inc. Learn more about Admission Webhooks Kubernetes
meetup #13 Yuichi Saito @munisystem
©2018 Wantedly, Inc. "ENJTTJPO$POUSPMMFSͷ͓͞Β͍ "ENJTTJPO8FCIPPLTͱ ·ͱΊ Agenda
©2018 Wantedly, Inc. "ENJTTJPO$POUSPMMFSͷ͓͞Β͍
©2018 Wantedly, Inc. ۙʹ͋Δ"ENJTTJPO$POUSPMMFSͷྫ ଘࡏ͠ͳ͍OBNFTQBDFʹQPEΛ࡞ͬͯΈΔ
©2018 Wantedly, Inc. ۙʹ͋Δ"ENJTTJPO$POUSPMMFSͷྫ ଘࡏ͠ͳ͍OBNFTQBDFʹରͯ͠QPE࡞Δ͜ͱ͕Ͱ͖ͳ͍
©2018 Wantedly, Inc. ۙʹ͋Δ"ENJTTJPO$POUSPMMFSͷྫ ଘࡏ͠ͳ͍OBNFTQBDFʹରͯ͠QPE࡞Δ͜ͱ͕Ͱ͖ͳ͍ /BNFTQBDF-JGFDZDMF https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#namespacelifecycle
©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ ΫϥΠΞϯτ͔ΒͷཁٻΛड͚ೖΕΔ͔ఆ͢ΔͨΊͷΈ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖͑Δ
w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λஅ͢Δ "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. "ENJTTJPO$POUSPMMFSͱ https://kubernetes.io/docs/reference/access-authn-authz/controlling-access/
©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ ΫϥΠΞϯτ͔ΒͷཁٻΛΤΫηϓτ͢ΔͨΊͷΈ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖͑Δ
w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λஅ͢Δ "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. ΫϥΠΞϯτͷཁٻΛॻ͖͑Δ͜ͱͰɺϚχϑΣετʹॻ͔ͣͱҎԼͷ͜ͱ͕ߦ͑Δ w ҙͷBOOPUBUJPOMBCFMΛ༩͢Δ w ΞϓϦέʔγϣϯͷڥมʹҙͷσʔλΛຒΊࠐΊΔ w QPEͷલ໘ʹQSPYZΛஔ͘
w ΠϝʔδΛॻ͖͑Δ w FUD "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ ΫϥΠΞϯτ͔ΒͷཁٻΛΤΫηϓτ͢ΔͨΊͷΈ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖͑Δ
w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λஅ͢Δ "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. ΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔ͷஅΛҎԼͷใ͔Βߦ͑Δ w ϚχϑΣετͷ༰ w ΫϥΠΞϯτͷΞΧϯτϩʔϧͷछྨ w ֎෦αʔϏεͱͷ࿈ܞ
w FUD "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ ΫϥΠΞϯτ͔ΒͷཁٻΛΤΫηϓτ͢ΔͨΊͷΈ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖͑Δ
w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λஅ͢Δ "ENJTTJPO$POUSPMMFSͱ ෳࡶͳΦϖϨʔγϣϯػೳΛ,VCFSOFUFT෦Ͱ࣮ݱͰ͖Δ
©2018 Wantedly, Inc. "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. w Wd͔Βαϙʔτ͞Εͨ"ENJTTJPO$POUSPMMFSΛ֦ு͢ΔͨΊͷػೳ CFUB w BENJTTJPOQMVHJOTͰҎԼΛ༗ޮʹ͢Δ͜ͱͰར༻͕ՄೳʹͳΔ w
.VUBUJOH"ENJTTJPO8FCIPPL w 7BMJEBUJOH"ENJTTJPO8FCIPPL w Ͳ͜ͰΘΕ͍ͯΔʁ w *TUJP͕TJEFDBSͱͯ͠FOWPZΛEFQMPZ͢Δ࣌ʹར༻͍ͯ͠Δ w SFGIUUQTHJUIVCDPNJTUJPJTUJPCMPCNBTUFSQJMPUQLHLVCFJOKFDUXFCIPPLHP "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. "ENJTTJPO8FCIPPLT0WFSWJFX https://kubernetes.io/blog/2018/01/extensible-admission-is-beta/
©2018 Wantedly, Inc. w LVCFBQJTFSWFSʹ$BMMCBDLઌͱͯ͠)551TFSWFSΛొ͢Δ͜ͱͰɺ ͦ͜ʹ"ENJTTJPO3FRVFTU͕ඈΜͰ͘ΔΑ͏ʹͳΔ w 7BMJEBUJOH8FCIPPL$POpHVSBUJPO0CKFDU w .VUBUJOH8FCIPPL$POpHVSBUJPO0CKFDU
w "ENJTTJPO3FRVFTUʹର͠ฦ͢Δ3FTQPOTFͷܗࣜʹΑͬͯ "ENJTTJPO$POUSPMΛ࣮ݱ͢Δ "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. w LVCFBQJTFSWFSʹ$BMMCBDLઌͱͯ͠)551TFSWFSΛొ͢Δ͜ͱͰɺ ͦ͜ʹ"ENJTTJPO3FRVFTU͕ඈΜͰ͘ΔΑ͏ʹͳΔ w 7BMJEBUJOH8FCIPPL$POpHVSBUJPO0CKFDU w .VUBUJOH8FCIPPL$POpHVSBUJPO0CKFDU
w "ENJTTJPO3FRVFTUʹର͠ฦ͢Δ3FTQPOTFͷܗࣜʹΑͬͯ "ENJTTJPO$POUSPMΛ࣮ݱ͢Δ "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. "ENJTTJPO8FCIPPLTͷઃఆ 7BMJEBUJOH8FCIPPLTͷྫ ͜ͷઃఆͩͱ w ݅ w $MJFOU͔Βͷཁٻ͕
BQJ7FSTJPOWͷQPEͷ$3&"5&ͷ߹ w Ͳ͜ʹ w EFGBVMUOBNFTQBDFͷ FYBNQMFIPPLTFSWFSTFSWJDFͷ BENJUQPETʹରͯ͠ w ͳʹ͕ w 7BMJEBUJOHͷͨΊͷ"ENJTTJPO3FRVFTU ͕ૹΒΕͯ͘ΔΑ͏ʹͳΔ
©2018 Wantedly, Inc. w LVCFBQJTFSWFSʹ$BMMCBDLઌͱͯ͠)551TFSWFSΛొ͢Δ͜ͱͰɺ ͦ͜ʹ"ENJTTJPO3FRVFTU͕ඈΜͰ͘ΔΑ͏ʹͳΔ w 7BMJEBUJOH8FCIPPL$POpHVSBUJPO0CKFDU w .VUBUJOH8FCIPPL$POpHVSBUJPO0CKFDU
w "ENJTTJPO3FRVFTUʹର͠ฦ͢Δ3FTQPOTFͷܗࣜʹΑͬͯ "ENJTTJPO$POUSPMΛ࣮ݱ͢Δ "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. γϯϓϧͳ"ENJTTJPO8FCIPPLTͷྫ
©2018 Wantedly, Inc. γϯϓϧͳ"ENJTTJPO8FCIPPLTͷྫ
©2018 Wantedly, Inc. γϯϓϧͳ"ENJTTJPO8FCIPPLTͷྫ QPEͷ࡞͕ඞࣦͣഊ͢Δ
©2018 Wantedly, Inc. w "ENJTTJPO8FCIPPLT,VCFSOFUFTΛΧελϚΠζ͢ΔΈ w ͜ΕΛ͔ͭ͏͜ͱͰ,VCFSOFUFTʹෳࡶͳΦϖϨʔγϣϯΛ࣮ݱͰ͖Δ w ΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ w
ΫϥΠΞϯτͷཁٻΛॻ͖͑Δ w /05ۜͷؙ w ͝ར༻ܭըతʹ ·ͱΊ