如何查看kubeadm搭建出来的集群,admin.conf文件,使用的是哪些用户?


当使用kubeadm工具搭建一个k8s集群之后,会自动的创建一个admin.conf文件。

 

同时,会建议将这个文件拷贝到$HOME/.kube/config,kubectl会使用这个配置文件来访问k8s集群,也可以说是访问apiserver。

 

那么,在admin.conf中,到底设置的是哪个用户呢?

 

下面,我们就来看下。

 

1、首先,获取admin中的客户端证书信息

 

[root@nccztsjb-node-23 .kube]# cd $HOME/.kube
[root@nccztsjb-node-23 .kube]# cat config 
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUMvakNDQWVhZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJek1ESXlOekEzTXpFeE5sb1hEVE16TURJeU5EQTNNekV4Tmxvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTUZoClNxaXNMalFIS29MMDlCWlJtUG12bkgwbzcwZWlmOXpZTCtROXlNUzlVODNwRXQ5dk93VnhvWk1JOWdqSEhxMnAKZjNlYk8xaktYVEhscnpmQ3VTL1pMSW1yRjF6ZElIV0NJb281dlRPbWxSbjNlQlNBNGZiUnhXQVBtTlZLc2txKwpxRmJ0NmhXM0pqaXFSZGdzSGd2ZnZGU0szZktmMmdRdjNpUDljb2p1NG5lNHRYWHUyVUIxSFZGY2l4UUxHK3NGCmNUektCU2RSSFJncXhiMUJWWEJXT2pmdjVqUGo4WFhxWEdFbVdLZ0czV0FQVkRQSjZqUWFQZ1VsWWNURmhpOTMKZHZwSTduanhxaXhCdm1XZEV4ZXorcVRJa0Z0N1p5bUpjdUVuWlNmK2E3UFZwWENhc2tiVUJnRmxkVHp5eVFUKwpwVnlZR1gzc3pOUGRJQndWNjdzQ0F3RUFBYU5aTUZjd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZGT1QyTzhvYlJXdWFrRHIxck1mZklqK0NGcVZNQlVHQTFVZEVRUU8KTUF5Q0NtdDFZbVZ5Ym1WMFpYTXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBQnRld3lIaitYaGZmUElIQ2p4YwpockpkcFNIdTJZbElsL3BhOFFGTHdyZUtQZHpzYXNYUElhUUJyU2FsNUQ0TTlQVVFwSk9XMzhpQjBqUnpXZU9FCmJWN25jNnhTOVZJWThSSEdmSytDWGlqbGowYWFFNHFERm9oWUZQeCtHVlV6SG1YdUp6bXlGSnhPYVc2VG9XSkIKYXE0OFY1YktBSzBHaTJnUlA5Q053d01DQTBBeFV2Y25HUHJWVjNDckNnMFhxcElQc2dyTWdkUFpwbllkdUk3RApydnZXZkFvZU9QL2w0SzJrSkw5QWJTMG91Z0F0cy9GTFB1dEhRbFNLWDZ2T0FtUWtVNzFtbXBuNDkzUEt0ckNjCllHamFxQjZnbFpzVGI0emovdlBDMUJIbTM2S2JUeHptckRVWXd2Z2oxQWhOSmtuNDE5MlFRRExwTzMzdGFaTkUKdFZJPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
    server: https://172.20.58.83:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURJVENDQWdtZ0F3SUJBZ0lJYlU0Q2orYkRzSEV3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TXpBeU1qY3dOek14TVRaYUZ3MHlOREF5TWpjd056TXhNVGxhTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXZIQmk2WEJ4WTBKVUNvdFoKYStlSHU2T3VSYlhIZGZVclRUS1RWaXFkU1IzYzZFdmprTUo0SityeThwbFdRVHduUldoQlNIM0k5MXorUlpldQo1MW5naFQ4R0dmMXBuRlg3ODZyRnl4UmF1SUVmWXozVWhnNEVlS1VxZkFFWjFXSkhEUDlWTjhxem01SmpuZDF0ClJ5MGI5TENqOFVLYUkrbnVieXhwOXl0VVA3TTZsRW83VUNieEc5S3FUSUlTWU14LzdQeGpWUmFGRlk4VjIvK2wKeUpQa25KUVNON3prK01PU29QWTAvWU8xajRnY3I2eDc5MDdYL1dGdHR6OGs2NDR0UkZXYm54Wk5JZWpqdEdjZAp3MXNZYm4zNmFVZ2kxRS9udDdUQm5LOVlBUE5IcGFLU0tYcG0yM1hVcC91ZmwzUjFUS0dQSnRHczZJaEZHRmJEClpNRkZMUUlEQVFBQm8xWXdWREFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RBWURWUjBUQVFIL0JBSXdBREFmQmdOVkhTTUVHREFXZ0JSVGs5anZLRzBWcm1wQTY5YXpIM3lJL2doYQpsVEFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBbXQ0eVBuQ0d2ZUVnZE5XRFFqZ0pja3pKVkhneGhYaUxoUlJyClVFcDd1Z2ZoVFJoSmxnTHlPajJvb0wrMnpKOFFvdC8zaG9xNzFGTXlFcnFubEdUZitKay9IdUlwUkNIM2JlWmwKWmpvZkY0QW5RbU5LL2NjS2VVZGFERFBHeHFPaWFDME15MWN0cDZ6VnltUXkvSklScmlMUEFrYjhSekREN2ZDVQo5QzhFS0I3dEFlTThaZ2ZBZmhxUHVPcEttRXkySU81V042SE51UWRsenNpN0F3UEdhcVNxclNwaW9wV2NQaUxqCm1GMXV6cWQ2d08xTHQzTi9kZENKejFhSWMzL0VoNE1qTmpiTmRzbFJTK3p4Q2U2SnFIU0ppeXZFS2hPZTFyN1UKakhLa3Zxanh2enBvT2N2OTNSZ3NIM3orcmN0REx6YVV6MlJNQ1hZRG1NQVQzOFRqR2c9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
    client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBdkhCaTZYQnhZMEpVQ290WmErZUh1Nk91UmJYSGRmVXJUVEtUVmlxZFNSM2M2RXZqCmtNSjRKK3J5OHBsV1FUd25SV2hCU0gzSTkxeitSWmV1NTFuZ2hUOEdHZjFwbkZYNzg2ckZ5eFJhdUlFZll6M1UKaGc0RWVLVXFmQUVaMVdKSERQOVZOOHF6bTVKam5kMXRSeTBiOUxDajhVS2FJK251Ynl4cDl5dFVQN002bEVvNwpVQ2J4RzlLcVRJSVNZTXgvN1B4alZSYUZGWThWMi8rbHlKUGtuSlFTTjd6aytNT1NvUFkwL1lPMWo0Z2NyNng3CjkwN1gvV0Z0dHo4azY0NHRSRldibnhaTkllamp0R2NkdzFzWWJuMzZhVWdpMUUvbnQ3VEJuSzlZQVBOSHBhS1MKS1hwbTIzWFVwL3VmbDNSMVRLR1BKdEdzNkloRkdGYkRaTUZGTFFJREFRQUJBb0lCQVFDaXVPWWhNWEVveHJFdAovZEYxUlpWSGFudm1SS2YrYTMwK0I0dUZuL3o4azZZY2p0UHZRSTlqNFJaMGVnY3JCQmZoYnJyWkw0Mm9WZ3hZCjZqZ21IYzJ0SXBSUlF5eTh6TjlxTmpEaFFpMXBJRStMY213Z2F1QmZramtTcGh5NTBFa01wenplbGRMdFo4ZFEKSGxMc1lMN0FXUHpwTEp0UW9nUzh5ZnlqYlM0dVprcWwyZTF1MVl0MnpHUUp2WWEzT1piR3I3RXNGaWp4U3J5Sgo5QmNLbDcxT0hOaUJ3ZTlpRFYzNXplbWRFb0prSVd2Q2hlcDc4QVEvKzFuTGRZSmNCYWVldHkyYjhFWWx2c01BClFENnMwR3hZUms2TWNiQTJTT2ZydXVad3pKaFlhdnpEWEVOM1Nnc0Z5MFlZdW95YXJ1SlZGVlUzRDBWaEgzVnUKTk1hcWxwZDlBb0dCQU5iTktxNjZDTGpNbHNJbFpBUmNCNVJzV3VkQzVzL3dBdW94Nlp1V2Jna2VlaXdKRXV2YgpNOEZ4NTFHTWk2ZFFKaUg0aHJYRHRtRE50OE1yUDR4bzR4LzlIMVAvd2txZWkwaDQzeXFyQzVORHpCdWl4OGVqCkdDSno0bjlHdDc3UFpSRlhxaXlyNVFsNVEvNS9tRndxY3crclhsRjJlMHhmNGZFRjFzeW9qbDdiQW9HQkFPQ1UKMElJZXVvcnMrRmJ6bFRQUmY0aVYwa2ZVYnlaaStWWnVaVEp5bXNndy9PZXg1eTlTS3NIQ0FEMUhVeWNqUGlLcQozMFpuVEJib1RTZ1RXKzBoTU12TmpxUVJ0ZXFxUHV0L2VsUmZoMUphK0xJbHUvRVNCeENYcEtKUlA3MHRuVEJQCkw5K3Z4MXQrVkdXVXFoMG4zSExoSm1ONDJZRE1YMGVGWDdoK2laYVhBb0dBUElzSGhNZ2F2VHV0SW51M2ZTTVQKWDlwS3BQUk9hajJVRkw2TXdiWGN2ZVZCT2pnMGhSWDd1SUtLV0luc3N2UDhTNGJwTVVKQW5YaGVXenhOWlI0TApKbkVKNjNzaklEVWZ2UVdVb1Vva3NSVmk2a2N2V0MyNEY3M2lFVTIxYktxNEtmTXptL08zVXJ4RFZmQlEyV2w5CmxPVVFhSldrbXhwTGJNdmdoejdiSWhFQ2dZQUJwN2Nkcm1KTGtkR0d1b2JYK2V4SnNtajVWSXg1S1BPVGVuN08KYjEvS3ArbkZQMTluenVBM3kxazdHbUozZ0YvOTIycUgxMDBOUWlzSFo1VWUyMGJEeWNFS1hvTUx0ck4rQXRPQQorYTlDb1I4Q0dSc1lmTHlHbDhlRDFydDBobmlKR1p4TnRycnVackR5aXJUeVFBLzAzTW51bzc1ZW42TDRJUGlDCm9KUWRBd0tCZ1FEU2pVTWNhWE1KVW5BMWlsdHdCcXJtckttZGlIa1dPY25jVG9IVDVyWDAzcjRZU2krREdRZlkKRDRBTGlEVDBRNVNqSGJGRGxqcTdFNWhHR1RhUEFQS3VNbGdBME05L1VQSXRma2RNZGwvRkVPTW9PYTFQT055WQozLyswUzFtOXJmVHcrUzZScVAwUElKVlY4dVlPT3FyWXJUQjloMHp6NDRHNjdCS0Q4b2U5R0E9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
 

 

2、获取client-certificate-data的部分

 

[root@nccztsjb-node-23 .kube]# cat config | grep client-certificate-data | awk -F ":" '{print $2}' | tr -d " "
LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURJVENDQWdtZ0F3SUJBZ0lJYlU0Q2orYkRzSEV3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TXpBeU1qY3dOek14TVRaYUZ3MHlOREF5TWpjd056TXhNVGxhTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXZIQmk2WEJ4WTBKVUNvdFoKYStlSHU2T3VSYlhIZGZVclRUS1RWaXFkU1IzYzZFdmprTUo0SityeThwbFdRVHduUldoQlNIM0k5MXorUlpldQo1MW5naFQ4R0dmMXBuRlg3ODZyRnl4UmF1SUVmWXozVWhnNEVlS1VxZkFFWjFXSkhEUDlWTjhxem01SmpuZDF0ClJ5MGI5TENqOFVLYUkrbnVieXhwOXl0VVA3TTZsRW83VUNieEc5S3FUSUlTWU14LzdQeGpWUmFGRlk4VjIvK2wKeUpQa25KUVNON3prK01PU29QWTAvWU8xajRnY3I2eDc5MDdYL1dGdHR6OGs2NDR0UkZXYm54Wk5JZWpqdEdjZAp3MXNZYm4zNmFVZ2kxRS9udDdUQm5LOVlBUE5IcGFLU0tYcG0yM1hVcC91ZmwzUjFUS0dQSnRHczZJaEZHRmJEClpNRkZMUUlEQVFBQm8xWXdWREFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RBWURWUjBUQVFIL0JBSXdBREFmQmdOVkhTTUVHREFXZ0JSVGs5anZLRzBWcm1wQTY5YXpIM3lJL2doYQpsVEFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBbXQ0eVBuQ0d2ZUVnZE5XRFFqZ0pja3pKVkhneGhYaUxoUlJyClVFcDd1Z2ZoVFJoSmxnTHlPajJvb0wrMnpKOFFvdC8zaG9xNzFGTXlFcnFubEdUZitKay9IdUlwUkNIM2JlWmwKWmpvZkY0QW5RbU5LL2NjS2VVZGFERFBHeHFPaWFDME15MWN0cDZ6VnltUXkvSklScmlMUEFrYjhSekREN2ZDVQo5QzhFS0I3dEFlTThaZ2ZBZmhxUHVPcEttRXkySU81V042SE51UWRsenNpN0F3UEdhcVNxclNwaW9wV2NQaUxqCm1GMXV6cWQ2d08xTHQzTi9kZENKejFhSWMzL0VoNE1qTmpiTmRzbFJTK3p4Q2U2SnFIU0ppeXZFS2hPZTFyN1UKakhLa3Zxanh2enBvT2N2OTNSZ3NIM3orcmN0REx6YVV6MlJNQ1hZRG1NQVQzOFRqR2c9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
 

 

保存在config文件中的值,是经过base64加密的

 

进行解密,就是原始的证书的值

 

[root@nccztsjb-node-23 .kube]# cat config | grep client-certificate-data | awk -F ":" '{print $2}' | tr -d " " | base64 -d
-----BEGIN CERTIFICATE-----
MIIDITCCAgmgAwIBAgIIbU4Cj+bDsHEwDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE
AxMKa3ViZXJuZXRlczAeFw0yMzAyMjcwNzMxMTZaFw0yNDAyMjcwNzMxMTlaMDQx
FzAVBgNVBAoTDnN5c3RlbTptYXN0ZXJzMRkwFwYDVQQDExBrdWJlcm5ldGVzLWFk
bWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHBi6XBxY0JUCotZ
a+eHu6OuRbXHdfUrTTKTViqdSR3c6EvjkMJ4J+ry8plWQTwnRWhBSH3I91z+RZeu
51nghT8GGf1pnFX786rFyxRauIEfYz3Uhg4EeKUqfAEZ1WJHDP9VN8qzm5Jjnd1t
Ry0b9LCj8UKaI+nubyxp9ytUP7M6lEo7UCbxG9KqTIISYMx/7PxjVRaFFY8V2/+l
yJPknJQSN7zk+MOSoPY0/YO1j4gcr6x7907X/WFttz8k644tRFWbnxZNIejjtGcd
w1sYbn36aUgi1E/nt7TBnK9YAPNHpaKSKXpm23XUp/ufl3R1TKGPJtGs6IhFGFbD
ZMFFLQIDAQABo1YwVDAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUH
AwIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBRTk9jvKG0VrmpA69azH3yI/gha
lTANBgkqhkiG9w0BAQsFAAOCAQEAmt4yPnCGveEgdNWDQjgJckzJVHgxhXiLhRRr
UEp7ugfhTRhJlgLyOj2ooL+2zJ8Qot/3hoq71FMyErqnlGTf+Jk/HuIpRCH3beZl
ZjofF4AnQmNK/ccKeUdaDDPGxqOiaC0My1ctp6zVymQy/JIRriLPAkb8RzDD7fCU
9C8EKB7tAeM8ZgfAfhqPuOpKmEy2IO5WN6HNuQdlzsi7AwPGaqSqrSpiopWcPiLj
mF1uzqd6wO1Lt3N/ddCJz1aIc3/Eh4MjNjbNdslRS+zxCe6JqHSJiyvEKhOe1r7U
jHKkvqjxvzpoOcv93RgsH3z+rctDLzaUz2RMCXYDmMAT38TjGg==
-----END CERTIFICATE-----
[root@nccztsjb-node-23 .kube]
 

 

3、通过openssl工具,查看这个证书的内容

 

[root@nccztsjb-node-23 .kube]# cat config | grep client-certificate-data | awk -F ":" '{print $2}' | tr -d " " | base64 -d > admin.crt
[root@nccztsjb-node-23 .kube]# 
[root@nccztsjb-node-23 .kube]# openssl x509 -in admin.crt -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7876235615392739441 (0x6d4e028fe6c3b071)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=kubernetes
        Validity
            Not Before: Feb 27 07:31:16 2023 GMT
            Not After : Feb 27 07:31:19 2024 GMT
        Subject: O=system:masters, CN=kubernetes-admin
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bc:70:62:e9:70:71:63:42:54:0a:8b:59:6b:e7:
                    87:bb:a3:ae:45:b5:c7:75:f5:2b:4d:32:93:56:2a:
                    9d:49:1d:dc:e8:4b:e3:90:c2:78:27:ea:f2:f2:99:
                    56:41:3c:27:45:68:41:48:7d:c8:f7:5c:fe:45:97:
                    ae:e7:59:e0:85:3f:06:19:fd:69:9c:55:fb:f3:aa:
                    c5:cb:14:5a:b8:81:1f:63:3d:d4:86:0e:04:78:a5:
                    2a:7c:01:19:d5:62:47:0c:ff:55:37:ca:b3:9b:92:
                    63:9d:dd:6d:47:2d:1b:f4:b0:a3:f1:42:9a:23:e9:
                    ee:6f:2c:69:f7:2b:54:3f:b3:3a:94:4a:3b:50:26:
                    f1:1b:d2:aa:4c:82:12:60:cc:7f:ec:fc:63:55:16:
                    85:15:8f:15:db:ff:a5:c8:93:e4:9c:94:12:37:bc:
                    e4:f8:c3:92:a0:f6:34:fd:83:b5:8f:88:1c:af:ac:
                    7b:f7:4e:d7:fd:61:6d:b7:3f:24:eb:8e:2d:44:55:
                    9b:9f:16:4d:21:e8:e3:b4:67:1d:c3:5b:18:6e:7d:
                    fa:69:48:22:d4:4f:e7:b7:b4:c1:9c:af:58:00:f3:
                    47:a5:a2:92:29:7a:66:db:75:d4:a7:fb:9f:97:74:
                    75:4c:a1:8f:26:d1:ac:e8:88:45:18:56:c3:64:c1:
                    45:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Authority Key Identifier: 
                keyid:53:93:D8:EF:28:6D:15:AE:6A:40:EB:D6:B3:1F:7C:88:FE:08:5A:95

    Signature Algorithm: sha256WithRSAEncryption
         9a:de:32:3e:70:86:bd:e1:20:74:d5:83:42:38:09:72:4c:c9:
         54:78:31:85:78:8b:85:14:6b:50:4a:7b:ba:07:e1:4d:18:49:
         96:02:f2:3a:3d:a8:a0:bf:b6:cc:9f:10:a2:df:f7:86:8a:bb:
         d4:53:32:12:ba:a7:94:64:df:f8:99:3f:1e:e2:29:44:21:f7:
         6d:e6:65:66:3a:1f:17:80:27:42:63:4a:fd:c7:0a:79:47:5a:
         0c:33:c6:c6:a3:a2:68:2d:0c:cb:57:2d:a7:ac:d5:ca:64:32:
         fc:92:11:ae:22:cf:02:46:fc:47:30:c3:ed:f0:94:f4:2f:04:
         28:1e:ed:01:e3:3c:66:07:c0:7e:1a:8f:b8:ea:4a:98:4c:b6:
         20:ee:56:37:a1:cd:b9:07:65:ce:c8:bb:03:03:c6:6a:a4:aa:
         ad:2a:62:a2:95:9c:3e:22:e3:98:5d:6e:ce:a7:7a:c0:ed:4b:
         b7:73:7f:75:d0:89:cf:56:88:73:7f:c4:87:83:23:36:36:cd:
         76:c9:51:4b:ec:f1:09:ee:89:a8:74:89:8b:2b:c4:2a:13:9e:
         d6:be:d4:8c:72:a4:be:a8:f1:bf:3a:68:39:cb:fd:dd:18:2c:
         1f:7c:fe:ad:cb:43:2f:36:94:cf:64:4c:09:76:03:98:c0:13:
         df:c4:e3:1a
[root@nccztsjb-node-23 .kube]# 

 

 

通过上面的输出,可以知道:

        Subject: O=system:masters, CN=kubernetes-admin

 

 

证书的用户是kubernetes-admin

所在的用户组是system:masters

 

system:masters是超级用户组,可以绕过授权层。

你好,

如果你读完了整个技术文章,说明你是个技术爱好者,钻研者。

在4年多的k8s体系运维时间里,我整理了230个,k8s最常见(最关键)的问题。

这些问题,让我轻松地应对几乎所有的k8s问题,并且,都是基于项目及大量的实验的总结。

如果你能够彻底掌握这些问题,你的知识体系,k8s基本功,就可以轻松超过80%的k8s运维人员。

更重要的是,掌握这些知识非常简单,每天5个问题,2个月后,你就可以打下k8s的见识基础,让你在云原生领域游刃有余。

每个问题,都有对应的答案,以及相关的示例演示(有些还有项目背景说明)

只要,一步一步,跟着做,就可以了。

当然,如果你想要在更短的时间内,成为k8s高手,你只需要多练习几次就可以了。

不过,和你自己从头摸索相比较,大大减少了你的学习时间,同时,大大提升了你的学习效力。

更加重要的是,如果你知道20/80原理,你就会明白,这些都是工作中最常用,最有效的20%的问题。

这个资料是第一次公开,为了了解市场上,有多少人在关注k8s的技术,我决定免费赠送这个问题指南,只当交个朋友。

添加微信:13240133388,备注:k8s

我将送你一份免费的PDF报告。

你应该知道,一本k8s权威指南(800页,没几个人看得完),要179.90元,这些问题,是在反复阅读和实践了这本书之后,结合项目实践,得出来的精华。

想想看,这将节省你多少时间?而你得到是最精华的部分?

相信你,掌握之后,立马让你的工作的效率大增,你的领导会对你的进步刮目相看。

PS. 行动是一切的开始,现在立马订阅吧。期待你的蜕变。

 

posted @ 2023-09-21 11:42  Zhai_David  阅读(221)  评论(0编辑  收藏  举报