k8s 临时给匿名用户授权

dashboard 提示匿名不发访问deflaut namespace

可以给匿名用户创建角色

kubectl create clusterrolebinding test:anonymous --clusterrole=cluster-admin --user=system:anonymous

临时创建账户绑定角色

apiVersion: v1
kind: ServiceAccount
metadata:
  name: dashboard-admin
  namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: dashboard-admin
subjects:
  - kind: ServiceAccount
    name: dashboard-admin
    namespace: kube-system
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io

获取token

 $TOKEN=((kubectl -n kube-system describe secret dashboard-admin-token | Select-String "token:") -split " +")[1] 
  echo $TOKEN

给docker-desktop 绑定角色

 kubectl create clusterrolebinding cluster-admin_docker_desktop --clusterrole=cluster-admin --user=docker-desktop

把toekn 加入到kubeconfig

 kubectl config set-credentials docker-desktop --token="${TOKEN}"

posted @ 2022-04-21 14:33 vx_guanchaoguo0 阅读(426) 评论(0) 编辑收藏举报

刷新页面返回顶部

guanchaoguo

k8s 临时给匿名用户授权

dashboard 提示匿名不发访问deflaut namespace

可以给匿名用户创建角色

临时创建账户绑定角色

获取token

给docker-desktop 绑定角色

把toekn 加入到kubeconfig

公告