K
Q

enable kubernetes authentication api on gke

9/25/2017

It seems that in order to use the vault kubernetes auth backend, the authentication.k8s.io api must be enabled. GKE does not seem to have this enabled (/apis/authentication.k8s.io/ returns a 404)

Any idea why this is not enabled? From what i understand, this is not an alpha feature. I am using kubernetes 1.7.6.

-- snkcld
google-cloud-platform
google-kubernetes-engine
kubernetes

Similar Questions

OpenShift - how to create a new image stream?
Kubernetes pod deployment error FailedSync| Error syncing pod
Run a pod without scheduler in Kubernetes
Kubernetes share volume between containers inside a Deployment

2 Answers

9/25/2017

According to https://kubernetes.io/docs/admin/authentication/

Additionally, the API server must enable the authentication.k8s.io/v1beta1 API extensions group (--runtime-config=authentication.k8s.io/v1beta1=true).

I advise you to change that configuration on the api server and restart it.

-- Javier Salmeron
Source: StackOverflow
9/25/2017

You're correct that GKE does not turn on the TokenReview API (if you're managing your own Kubernetes cluster, then Javier's answer is the one to look at).

GKE is planning to turn on the APIs in an upcoming release.

-- CJ Cullen
Source: StackOverflow