feat(k8s): enable integrates with Microsoft Entra ID

Signed-off-by: 孙振宇 <>

cluster/ansible/manifests/group_vars/k8s_cluster/k8s-cluster.yml

@@ -46,14 +46,14 @@ credentials_dir: "{{ inventory_dir }}/credentials"
 ## Variables for OpenID Connect Configuration https://kubernetes.io/docs/admin/authentication/
 ## To use OpenID you have to deploy additional an OpenID Provider (e.g Dex, Keycloak, ...)
 
-# kube_oidc_url: https:// ...
+kube_oidc_url: https://login.microsoftonline.com/cf151ee8-5c2c-4fe7-a1c4-809ba43c9f24
-# kube_oidc_client_id: kubernetes
+kube_oidc_client_id: 7cd1df19-24ea-46d7-acd3-5336283139e0
 ## Optional settings for OIDC
 # kube_oidc_ca_file: "{{ kube_cert_dir }}/ca.pem"
-# kube_oidc_username_claim: sub
+kube_oidc_username_claim: sub
-# kube_oidc_username_prefix: 'oidc:'
+kube_oidc_username_prefix: 'mathmast:'
-# kube_oidc_groups_claim: groups
+kube_oidc_groups_claim: groups
-# kube_oidc_groups_prefix: 'oidc:'
+kube_oidc_groups_prefix: 'mathmast:'
 
 ## Variables to control webhook authn/authz
 # kube_webhook_token_auth: false