How to create Kubernetes cluster on IBM Cloud with service ID?

7/30/2018

I have created a IAM (identity and access management) service ID on IBM Cloud. Thereafter, I granted Administrator privilege for IBM Cloud Kubernetes Service to that service ID.

Now, how do I create a cluster using that service ID? I cannot log in to IBM Cloud with that id. What are the proper steps?

-- data_henrik
api
ibm-cloud
kubernetes
security

1 Answer

7/30/2018

It can be done by following this flow:
1. Create an API key for that service ID:

ibmcloud iam service-api-key-create KeyName ServiceId-identifier \
-d "an optional description" --file save-Api-key2this-file
  1. Using that API key, obtain an IAM token for that service ID.

    curl -k -X POST   --header "Content-Type: application/x-www-form-urlencoded" \
    --header "Accept: application/json" \
    --data-urlencode "grant_type=urn:ibm:params:oauth:grant-type:apikey" \
    --data-urlencode "apikey=APIKEY-FROM-STEP-1"\
    https://iam.bluemix.net/identity/token
  2. Use the REST API for Kubernetes service to create the cluster. Provide the token from step 2 for authorization:

    curl -X POST --header 'Content-Type: application/json' \
    --header 'Accept: application/json' \
    --header 'X-Region: eu-de' --header 'Authorization: TOKEN-FROM-STEP2' -d '{ \
      "dataCenter": "fra04", \ 
       "disableAutoUpdate": true, \ 
       "diskEncryption": true, \ 
       "enableTrusted": false, \ 
       "machineType": "u2c.2x4", \ 
       "name": "henrik-paid-fra04-serviceID", \ 
       "noSubnet": true, \ 
       "privateVlan": "2397641", \ 
       "publicVlan": "2397639", \ 
       "workerNum": 2 \ 
     }' 'https://containers.bluemix.net/v1/clusters'
-- data_henrik
Source: StackOverflow