One of the most scalable approaches to Kubernetes Authentication has to be OpenID Connect Token. These JWT (Json Web Tokens) are issued by a third party (in our case Keycloak) Token Issuer. Kubernetes can then verify whether the token is valid, without having to query Token Issuer. This is what makes this setup quite decoupled and very scalable.

In this video, you'll learn how to configure the apiserver using a minikube Kubernetes cluster. We're running Keycloak as an Identity Provider outside of the Cluster on our local machine using Docker. This leads us to yet another problem though: How can the Minikube cluster (which is running inside a virtual machine) access the Keycloak instance on the host machine? Learn how we tackle this and other issues in this brand new episode on Kubernetes Authentication.