{"id":386,"date":"2022-12-01T15:02:12","date_gmt":"2022-12-01T07:02:12","guid":{"rendered":"http:\/\/idaas-doc.cloudentify.com\/docs\/?p=386"},"modified":"2023-03-23T16:46:28","modified_gmt":"2023-03-23T08:46:28","slug":"rancher","status":"publish","type":"post","link":"https:\/\/idaas-doc.cloudentify.com\/docs\/rancher\/","title":{"rendered":"Rancher"},"content":{"rendered":"\n

1. IDaaS\u5e73\u53f0\u6dfb\u52a0Rancher<\/strong><\/span><\/h3>\n\n\n\n

1.1 \u7528\u7ba1\u7406\u5458\u8d26\u53f7\u767b\u5f55\u98de\u5929\u4e91\u4fe1IDaaS\u7ba1\u7406\u5e73\u53f0<\/a>\u3002<\/p>\n\n\n\n

1.2 \u70b9\u51fb\u3010\u5e94\u7528\u7ba1\u7406\u3011-\u3010\u4f01\u4e1a\u5e94\u7528\u5217\u8868\u3011\u67e5\u770b\u81ea\u5df1\u7684\u6240\u6709\u5e94\u7528\u3002<\/p>\n\n\n\n

1.3 \u70b9\u51fb\u3010\u6dfb\u52a0\u5e94\u7528\u3011\u6309\u94ae\uff0c\u9009\u62e9\u3010\u96c6\u6210\u5e94\u7528\u3011\uff0c\u70b9\u51fb\u3010\u8fdb\u5165\u5e94\u7528\u5e02\u573a\u3011\uff08\u6216\u8005\u70b9\u51fb\u3010\u5e94\u7528\u7ba1\u7406\u3011-\u3010\u5e94\u7528\u5e02\u573a\u3011\uff09\uff0c\u9009\u62e9\u3010Rancher\u3011\uff0c\u586b\u5165\u5e94\u7528\u540d\u79f0\u540e\uff0c\u70b9\u51fb\u3010\u4e0b\u4e00\u6b65\u3011\uff0c\u5728\u901a\u7528\u914d\u7f6e\u5904\u6309\u8981\u6c42\u586b\u5165\u4fe1\u606f\u540e\uff0c\u70b9\u51fb\u3010\u786e\u5b9a\u3011\uff0c\u5373\u53ef\u5728\u4f01\u4e1a\u5e94\u7528\u5217\u8868\u67e5\u770b\u65b0\u6dfb\u52a0\u7684\u5e94\u7528\u3002<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

\u5b57\u6bb5\u8bf4\u660e\uff1a<\/strong><\/p>\n\n\n\n

\u5b57\u6bb5<\/strong><\/td>\u5b57\u6bb5\u8bf4\u660e<\/strong><\/td><\/tr>
\u96c6\u6210\u5e94\u7528\u540d\u79f0<\/td>\u901a\u5e38\u586b\u5199\u4e3aRancher\uff0c\u4e5f\u53ef\u81ea\u5b9a\u4e49\u3002\u6b64\u540d\u79f0\u4f1a\u5c55\u793a\u5728\u4f60\u7684\u5e94\u7528\u5217\u8868\u3002<\/td><\/tr>
\u8ba4\u8bc1\u5730\u5740<\/td>\u53ef\u968f\u610f\u586b\u5199\uff0c\u914d\u7f6e\u5b8c\u6210\u540e\u7528\u6237\u53ef\u590d\u5236\u8be5\u94fe\u63a5\u76f4\u63a5\u767b\u5f55\u5230Rancher\u3002<\/td><\/tr>
\u7528\u6237\u6807\u8bc6<\/td>\u8bbf\u95ee\u5e94\u7528\u65f6\u5145\u5f53\u7528\u6237\u6807\u8bc6\u7684\u5c5e\u6027\u3002<\/td><\/tr>
ACS\u5730\u5740<\/td>Rancher\u5e73\u53f0\u4e0a\u914d\u7f6e\u5355\u70b9\u767b\u5f55\u540e\u7684\u8ba4\u8bc1\u8fd4\u56de\u5730\u5740\u3002<\/td><\/tr>
\u767b\u5f55\u5730\u5740<\/td>Rancher\u4f01\u4e1a\u8d26\u53f7URL\uff0c\u5728\u4f01\u4e1a\u7ba1\u7406\u2014\u4f01\u4e1a\u4fe1\u606f\u2014\u57fa\u7840\u4fe1\u606f\u4e0b\u9762\u3002<\/td><\/tr>
App Secret<\/td>\u7cfb\u7edf\u81ea\u52a8\u751f\u6210<\/td><\/tr>
\u5b89\u5168\u7b49\u7ea7<\/td>\u8be5\u5e94\u7528\u672a\u5173\u8054\u4efb\u4f55\u7b56\u7565\u65f6\uff0c\u5c06\u667a\u80fd\u5339\u914d\u5bf9\u5e94\u5b89\u5168\u7b49\u7ea7\u7684\u8ba4\u8bc1\u7b56\u7565\uff0c\u5177\u4f53\u7b56\u7565\u914d\u7f6e\u8be6\u60c5\u53ef\u5728\u3010\u8ba4\u8bc1\u7ba1\u7406\u3011-\u3010\u81ea\u9002\u5e94\u8ba4\u8bc1\u3011\u9875\u9762\u67e5\u770b\u3002<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

1.4 \u5728\u4f01\u4e1a\u5e94\u7528\u5217\u8868\u70b9\u51fb\u5e94\u7528\u56fe\u6807\uff0c\u5207\u6362\u5230\u3010\u8bbf\u95ee\u6388\u6743\u3011\u6807\u7b7e\u9875\uff0c\u6dfb\u52a0\u5141\u8bb8\u7528\u6237\u8bbf\u95ee\u6743\u9650\u3002<\/p>\n\n\n\n

2. Rancher\u5e73\u53f0\u914d\u7f6e<\/strong><\/span><\/h3>\n\n\n\n

2.1 \u4ee5\u7ba1\u7406\u5458\u8eab\u4efd\u767b\u5f55 Rancher\uff0c\u627e\u5230 User & Authentication \u914d\u7f6e\uff0c\u70b9\u51fb\u8fdb\u5165\u3002<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

2.2 \u70b9\u51fb\u300cAuth Provider\u300d\uff0c\u7136\u540e\u70b9\u51fb\u300cEdit Config\u300d\u8fdb\u5165Shibboleth\u914d\u7f6e\u3002<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

2.3 \u586b\u5199\u89c4\u5219\u5982\u4e0b\uff1a<\/p>\n\n\n\n

Display Name Field \u767b\u5f55\u540e\u7684\u5c55\u793a\u540d\u5b57\uff0c\u53ef\u9009\u503c\u6709 username, name, nickname, familyName, givenName, middleName, preferredUsername\uff1b<\/p>\n\n\n\n

User Name Field \u5373\u7528\u6237\u540d\uff0c\u5efa\u8bae\u586b\u5199 username\uff1b<\/p>\n\n\n\n

UID Field \u5373\u7528\u6237\u552f\u4e00\u6807\u8bc6\uff0c\u5efa\u8bae\u586b\u5199 email\uff1b<\/p>\n\n\n\n

Groups Field \u7528\u6237\u7ec4\u5c5e\u6027\uff0c\u53ef\u586b\u5199 roles\uff1b<\/p>\n\n\n\n

Rancher API Host \u7528 Rancher \u8bbf\u95ee\u5730\u5740\uff0c\u4f1a\u9ed8\u8ba4\u586b\u5199\uff1b<\/p>\n\n\n\n

Private Key \u548c Certificate\uff0c\u7528 openssl \u751f\u6210\u4e0a\u4f20\u5373\u53ef\uff0c\u5982 openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout myservice.key -out myservice.cert\uff1b<\/p>\n\n\n\n

Metadata XML\uff0c\u98de\u5929\u4e91\u4fe1IDaaS\u7ba1\u7406\u5e73\u53f0\u6dfb\u52a0Rancher\u5e94\u7528\u540e\u7684SAML\u6587\u6863\u3002<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

\u4ee5\u4e0a\u5185\u5bb9\u586b\u5199\u5b8c\u6210\u540e\uff0c\u70b9\u51fb\u53f3\u4e0b\u89d2\u7684\u3010save\u3011\u6309\u94ae\uff0cRancher\u4f1a\u5f00\u59cb\u6d4b\u8bd5\u767b\u5f55\uff0c\u5728\u6253\u5f00\u7684\u767b\u5f55\u9875\u9762\u4e2d\u8f93\u5165\u98de\u5929\u4e91\u4fe1IDaaS\u7ba1\u7406\u5e73\u53f0\u4e2d\u5f00\u542f\u767b\u5f55\u8bbf\u95ee\u7684\u7528\u6237\u8d26\u53f7\u5bc6\u7801\u767b\u5f55\u5373\u53ef\uff0c\u6d4b\u8bd5\u901a\u8fc7\u4f1a\u4fdd\u5b58\u914d\u7f6e\u4fe1\u606f\u3002<\/p>\n\n\n\n

\u63d0\u793a\uff1a\u56e0\u4e3a\u8fd9\u91cc\u914d\u7f6e\u7528\u5230\u4e86email\uff0c\u6240\u4ee5\u98de\u5929\u4e91\u4fe1IDaaS\u7ba1\u7406\u5e73\u53f0\u7684\u7528\u6237\u8981\u7ed1\u5b9a\u90ae\u7bb1\u3002<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

3. \u4f53\u9a8c\u5355\u70b9\u767b\u5f55<\/strong><\/span><\/h3>\n\n\n\n

3.1 \u767b\u5f55\u7528\u6237\u95e8\u6237\u7cfb\u7edf\u3002<\/p>\n\n\n\n

3.2 \u767b\u5f55\u6210\u529f\u540e\uff0c\u5728\u83dc\u5355\u680f\u3010\u5e94\u7528\u4e2d\u5fc3\u3011\u5904\uff0c\u53ef\u4ee5\u770b\u52301.3\u6dfb\u52a0\u7684Rancher\u5e94\u7528\u7cfb\u7edf\uff0c\u70b9\u51fb\u5e94\u7528\u56fe\u6807\u6253\u5f00Rancher\u767b\u5f55\u754c\u9762\uff0c\u70b9\u51fb\u3010Log in with Shibboleth\u3011\u5373\u53ef\u5355\u70b9\u767b\u5f55\u5230Rancher\u5e73\u53f0\u3002<\/p>\n\n\n\n

\u63d0\u793a\uff1a\u9700\u8981\u6309\u7167\u5173\u8054\u7b56\u7565\u4e2d\u7684\u89c4\u5219\uff0c\u8ba4\u8bc1\u901a\u8fc7\u540e\u767b\u5f55\u8fdb\u5176\u5e94\u7528\u7cfb\u7edf\u3002<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n
\"\"<\/figure>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

\u672c\u9875\u9762\u4e3b\u8981\u4ecb\u7ecd\u5c06Rancher\u96c6\u6210\u5230IDaaS\u4e2d\u7684\u8fc7\u7a0b\uff0c\u4f7f\u7528\u6237\u53ef\u4ee5\u5728\u7528\u6237\u95e8\u6237\u5355\u70b9\u767b\u5f55Rancher\u3002<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/idaas-doc.cloudentify.com\/docs\/wp-json\/wp\/v2\/posts\/386"}],"collection":[{"href":"https:\/\/idaas-doc.cloudentify.com\/docs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/idaas-doc.cloudentify.com\/docs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/idaas-doc.cloudentify.com\/docs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/idaas-doc.cloudentify.com\/docs\/wp-json\/wp\/v2\/comments?post=386"}],"version-history":[{"count":5,"href":"https:\/\/idaas-doc.cloudentify.com\/docs\/wp-json\/wp\/v2\/posts\/386\/revisions"}],"predecessor-version":[{"id":1528,"href":"https:\/\/idaas-doc.cloudentify.com\/docs\/wp-json\/wp\/v2\/posts\/386\/revisions\/1528"}],"wp:attachment":[{"href":"https:\/\/idaas-doc.cloudentify.com\/docs\/wp-json\/wp\/v2\/media?parent=386"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/idaas-doc.cloudentify.com\/docs\/wp-json\/wp\/v2\/categories?post=386"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/idaas-doc.cloudentify.com\/docs\/wp-json\/wp\/v2\/tags?post=386"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}