Explicit configuration for oidc and k8s

8/7/2017

I have set up a k8s single-node cluster with kubeadm. I have configured oidc with it and made changes to the ~/.kube/config file. Is there any explicit configuration that has to be done to the kubectl context or credentials?

I have added the user, client-id, client-secret, id_token and refresh id to the /.kube/config file. Apart from this I have added oidc-issuer-url, oidc-username-claim and oidc-client-id to the kube-apiserver.yaml file.

Apart from this, is there anything else that has to be added? I assume I am missing something, due to which I get error: You must be logged in to the server (the server has asked for the client to provide credentials) when I try the command kubectl --user=name@gmail.com get nodes

-- NSP
kubeadm
kubectl
kubernetes

1 Answer

9/5/2017

You may take a look at the log of the apiserver to check what error you get during authentication.

And you should add oidc-issuer-url, oidc-username-claim, oidc-client-id, and --oidc-ca-file in apiserver.yaml.

-- Jian Qiu
Source: StackOverflow
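
One way to narrow down this error before reading the apiserver log is to compare the claims inside the id_token from the kubeconfig with the values given to the oidc-issuer-url, oidc-client-id and oidc-username-claim flags. The script below is an added example, not part of the original question or answer; it decodes the token without verifying its signature (diagnosis only), and the issuer URL, client id and sample token are constructed placeholders.

```python
import base64
import json
import time


def decode_claims(id_token: str) -> dict:
    """Return the JWT payload without verifying the signature (diagnosis only)."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("id_token is not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))


def check_token(id_token, issuer_url, client_id, username_claim="sub", now=None):
    """List mismatches between the token and the kube-apiserver oidc-* flags."""
    now = time.time() if now is None else now
    claims = decode_claims(id_token)
    problems = []
    # The issuer must match exactly; a trailing slash is enough to fail.
    if claims.get("iss") != issuer_url:
        problems.append(f"iss {claims.get('iss')!r} != oidc-issuer-url {issuer_url!r}")
    aud = claims.get("aud", [])
    aud = [aud] if isinstance(aud, str) else aud
    if client_id not in aud:
        problems.append(f"aud {aud!r} does not contain oidc-client-id {client_id!r}")
    if claims.get("exp", 0) <= now:
        problems.append("id_token is expired")
    if username_claim not in claims:
        problems.append(f"claim {username_claim!r} (oidc-username-claim) is missing")
    if username_claim == "email" and claims.get("email_verified") is False:
        problems.append("email_verified is false")
    return problems


def make_sample(claims: dict) -> str:
    """Build an unsigned, constructed token for demonstration."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.c2ln"


# Constructed sample values, not taken from the question.
SAMPLE = make_sample({"iss": "https://accounts.example.com", "aud": "kube-client",
                      "email": "name@example.com", "exp": 1500000000})

if __name__ == "__main__":
    flags = ("https://accounts.example.com/", "kube-client", "email")
    print("\n".join(check_token(SAMPLE, *flags)) or "no mismatches found")
```

An empty result means the token and flags agree on these points; the apiserver still verifies the signature against the issuer's keys, which is where oidc-ca-file matters.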