K
Q

Enabling RBAC on Kubernetes on Azure

10/3/2017

I'm trying to enable RBAC on my k8s cluster on azure. I ssh'ed into my master node and edited the kube-apiserver.yaml with the --authorization-mode=RBAC flag. Then I delete the kube-apiserver pod in order to restart the api server. However, when upon restart the --authorization-mode=RBAC config is ignored. Anybody have any advice?

Also the api server configuration is set to --v=10 and the image is v1.6.6

-- user1828780
azure
kubernetes
rbac

Similar Questions

Upgrade kubernetes from 1.5.5 to 1.5.8 or to 1.7/1.8
Kubectl apply return certificate has expired or is not yet valid
OpenShift route - Unable to connect to remote host: No route to host
How to use variables with .Values in helm template

2 Answers

10/4/2017

Deleting the pod is not enough. You need to restart kubelet in order for the new options to be applied.

   systemctl restart kubelet
-- Javier Salmeron
Source: StackOverflow
10/6/2017

I was finally able to generate a cluster that would allow me to enable RBAC on azure by generating an arm template using Azure Container Service Engine: https://github.com/Azure/acs-engine

By using the above library I could create a new arm template with RBAC enabled and then use the Azure CLI to create a RBAC, configurable Kubernetes cluster.

-- user1828780
Source: StackOverflow