Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Learn more about Admission Webhooks
Search
Yuichi Saito
September 28, 2018
Technology
1
1.7k
Learn more about Admission Webhooks
kubernetes meetup #13
https://k8sjp.connpass.com/event/100842/
Yuichi Saito
September 28, 2018
Tweet
Share
More Decks by Yuichi Saito
See All by Yuichi Saito
失敗から学ぶ - ポストモーテム / Postmotem culture at Wantedly
munisystem
3
37k
Distributed Tracing with OpenCensus at Wantedly, Inc.
munisystem
3
5.1k
OpenCensus による APM の実現と、未来 / Implementing APM with OpenCensus
munisystem
8
6.9k
Effective Health Checking
munisystem
2
740
An introduction to monitoring Go Application with OpenCensus
munisystem
1
1.2k
Dgraph - A high performance graph database written in pure Go
munisystem
7
7.3k
Other Decks in Technology
See All in Technology
ABWG2024採択者が語るエンジニアとしての自分自身の見つけ方〜発信して、つながって、世界を広げていく〜
maimyyym
1
190
1行のコードから社会課題の解決へ: EMの探究、事業・技術・組織を紡ぐ実践知 / EM Conf 2025
9ma3r
12
4.3k
クラウド食堂とは?
hiyanger
0
120
役員・マネージャー・著者・エンジニアそれぞれの立場から見たAWS認定資格
nrinetcom
PRO
4
6.4k
技術スタックだけじゃない、業務ドメイン知識のオンボーディングも同じくらいの量が必要な話
niftycorp
PRO
0
120
AWSを活用したIoTにおけるセキュリティ対策のご紹介
kwskyk
0
420
エンジニアリング価値を黒字化する バリューベース戦略を用いた 技術戦略策定の道のり
kzkmaeda
7
3.1k
Snowflake ML モデルを dbt データパイプラインに組み込む
estie
0
110
JavaにおけるNull非許容性
skrb
2
2.7k
事業モメンタムを生み出すプロダクト開発
macchiitaka
0
100
Two Blades, One Journey: Engineering While Managing
ohbarye
4
2.3k
RayでPHPのデバッグをちょっと快適にする
muno92
PRO
0
190
Featured
See All Featured
4 Signs Your Business is Dying
shpigford
183
22k
Bash Introduction
62gerente
611
210k
The Invisible Side of Design
smashingmag
299
50k
Gamification - CAS2011
davidbonilla
80
5.2k
Speed Design
sergeychernyshev
27
810
Stop Working from a Prison Cell
hatefulcrawdad
268
20k
Raft: Consensus for Rubyists
vanstee
137
6.8k
Documentation Writing (for coders)
carmenintech
68
4.6k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
114
51k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
251
21k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
33
2.1k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
330
21k
Transcript
©2018 Wantedly, Inc. Learn more about Admission Webhooks Kubernetes
meetup #13 Yuichi Saito @munisystem
©2018 Wantedly, Inc. "ENJTTJPO$POUSPMMFSͷ͓͞Β͍ "ENJTTJPO8FCIPPLTͱ ·ͱΊ Agenda
©2018 Wantedly, Inc. "ENJTTJPO$POUSPMMFSͷ͓͞Β͍
©2018 Wantedly, Inc. ۙʹ͋Δ"ENJTTJPO$POUSPMMFSͷྫ ଘࡏ͠ͳ͍OBNFTQBDFʹQPEΛ࡞ͬͯΈΔ
©2018 Wantedly, Inc. ۙʹ͋Δ"ENJTTJPO$POUSPMMFSͷྫ ଘࡏ͠ͳ͍OBNFTQBDFʹରͯ͠QPE࡞Δ͜ͱ͕Ͱ͖ͳ͍
©2018 Wantedly, Inc. ۙʹ͋Δ"ENJTTJPO$POUSPMMFSͷྫ ଘࡏ͠ͳ͍OBNFTQBDFʹରͯ͠QPE࡞Δ͜ͱ͕Ͱ͖ͳ͍ /BNFTQBDF-JGFDZDMF https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#namespacelifecycle
©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ ΫϥΠΞϯτ͔ΒͷཁٻΛड͚ೖΕΔ͔ఆ͢ΔͨΊͷΈ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖͑Δ
w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λஅ͢Δ "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. "ENJTTJPO$POUSPMMFSͱ https://kubernetes.io/docs/reference/access-authn-authz/controlling-access/
©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ ΫϥΠΞϯτ͔ΒͷཁٻΛΤΫηϓτ͢ΔͨΊͷΈ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖͑Δ
w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λஅ͢Δ "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. ΫϥΠΞϯτͷཁٻΛॻ͖͑Δ͜ͱͰɺϚχϑΣετʹॻ͔ͣͱҎԼͷ͜ͱ͕ߦ͑Δ w ҙͷBOOPUBUJPOMBCFMΛ༩͢Δ w ΞϓϦέʔγϣϯͷڥมʹҙͷσʔλΛຒΊࠐΊΔ w QPEͷલ໘ʹQSPYZΛஔ͘
w ΠϝʔδΛॻ͖͑Δ w FUD "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ ΫϥΠΞϯτ͔ΒͷཁٻΛΤΫηϓτ͢ΔͨΊͷΈ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖͑Δ
w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λஅ͢Δ "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. ΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔ͷஅΛҎԼͷใ͔Βߦ͑Δ w ϚχϑΣετͷ༰ w ΫϥΠΞϯτͷΞΧϯτϩʔϧͷछྨ w ֎෦αʔϏεͱͷ࿈ܞ
w FUD "ENJTTJPO$POUSPMMFSͱ
©2018 Wantedly, Inc. w ೝূೝՄͷ͋ͱɺ0CKFDU͕ӬଓԽ͢Δલʹ ΫϥΠΞϯτ͔ΒͷཁٻΛΤΫηϓτ͢ΔͨΊͷΈ w "ENJTTJPO$POUSPMMFSNVUBUJOHͱWBMJEBUJOHͷछྨ͕ଘࡏ͢Δ w NVUBUJOHΫϥΠΞϯτͷཁٻΛॻ͖͑Δ
w WBMJEBUJOHΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ͔Ͳ͏͔Λஅ͢Δ "ENJTTJPO$POUSPMMFSͱ ෳࡶͳΦϖϨʔγϣϯػೳΛ,VCFSOFUFT෦Ͱ࣮ݱͰ͖Δ
©2018 Wantedly, Inc. "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. w Wd͔Βαϙʔτ͞Εͨ"ENJTTJPO$POUSPMMFSΛ֦ு͢ΔͨΊͷػೳ CFUB w BENJTTJPOQMVHJOTͰҎԼΛ༗ޮʹ͢Δ͜ͱͰར༻͕ՄೳʹͳΔ w
.VUBUJOH"ENJTTJPO8FCIPPL w 7BMJEBUJOH"ENJTTJPO8FCIPPL w Ͳ͜ͰΘΕ͍ͯΔʁ w *TUJP͕TJEFDBSͱͯ͠FOWPZΛEFQMPZ͢Δ࣌ʹར༻͍ͯ͠Δ w SFGIUUQTHJUIVCDPNJTUJPJTUJPCMPCNBTUFSQJMPUQLHLVCFJOKFDUXFCIPPLHP "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. "ENJTTJPO8FCIPPLT0WFSWJFX https://kubernetes.io/blog/2018/01/extensible-admission-is-beta/
©2018 Wantedly, Inc. w LVCFBQJTFSWFSʹ$BMMCBDLઌͱͯ͠)551TFSWFSΛొ͢Δ͜ͱͰɺ ͦ͜ʹ"ENJTTJPO3FRVFTU͕ඈΜͰ͘ΔΑ͏ʹͳΔ w 7BMJEBUJOH8FCIPPL$POpHVSBUJPO0CKFDU w .VUBUJOH8FCIPPL$POpHVSBUJPO0CKFDU
w "ENJTTJPO3FRVFTUʹର͠ฦ͢Δ3FTQPOTFͷܗࣜʹΑͬͯ "ENJTTJPO$POUSPMΛ࣮ݱ͢Δ "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. w LVCFBQJTFSWFSʹ$BMMCBDLઌͱͯ͠)551TFSWFSΛొ͢Δ͜ͱͰɺ ͦ͜ʹ"ENJTTJPO3FRVFTU͕ඈΜͰ͘ΔΑ͏ʹͳΔ w 7BMJEBUJOH8FCIPPL$POpHVSBUJPO0CKFDU w .VUBUJOH8FCIPPL$POpHVSBUJPO0CKFDU
w "ENJTTJPO3FRVFTUʹର͠ฦ͢Δ3FTQPOTFͷܗࣜʹΑͬͯ "ENJTTJPO$POUSPMΛ࣮ݱ͢Δ "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. "ENJTTJPO8FCIPPLTͷઃఆ 7BMJEBUJOH8FCIPPLTͷྫ ͜ͷઃఆͩͱ w ݅ w $MJFOU͔Βͷཁٻ͕
BQJ7FSTJPOWͷQPEͷ$3&"5&ͷ߹ w Ͳ͜ʹ w EFGBVMUOBNFTQBDFͷ FYBNQMFIPPLTFSWFSTFSWJDFͷ BENJUQPETʹରͯ͠ w ͳʹ͕ w 7BMJEBUJOHͷͨΊͷ"ENJTTJPO3FRVFTU ͕ૹΒΕͯ͘ΔΑ͏ʹͳΔ
©2018 Wantedly, Inc. w LVCFBQJTFSWFSʹ$BMMCBDLઌͱͯ͠)551TFSWFSΛొ͢Δ͜ͱͰɺ ͦ͜ʹ"ENJTTJPO3FRVFTU͕ඈΜͰ͘ΔΑ͏ʹͳΔ w 7BMJEBUJOH8FCIPPL$POpHVSBUJPO0CKFDU w .VUBUJOH8FCIPPL$POpHVSBUJPO0CKFDU
w "ENJTTJPO3FRVFTUʹର͠ฦ͢Δ3FTQPOTFͷܗࣜʹΑͬͯ "ENJTTJPO$POUSPMΛ࣮ݱ͢Δ "ENJTTJPO8FCIPPLTͱ
©2018 Wantedly, Inc. γϯϓϧͳ"ENJTTJPO8FCIPPLTͷྫ
©2018 Wantedly, Inc. γϯϓϧͳ"ENJTTJPO8FCIPPLTͷྫ
©2018 Wantedly, Inc. γϯϓϧͳ"ENJTTJPO8FCIPPLTͷྫ QPEͷ࡞͕ඞࣦͣഊ͢Δ
©2018 Wantedly, Inc. w "ENJTTJPO8FCIPPLT,VCFSOFUFTΛΧελϚΠζ͢ΔΈ w ͜ΕΛ͔ͭ͏͜ͱͰ,VCFSOFUFTʹෳࡶͳΦϖϨʔγϣϯΛ࣮ݱͰ͖Δ w ΫϥΠΞϯτͷཁٻΛड͚ೖΕΔ w
ΫϥΠΞϯτͷཁٻΛॻ͖͑Δ w /05ۜͷؙ w ͝ར༻ܭըతʹ ·ͱΊ