K
Q

GOCD agent registration with kubernetes

8/9/2018

I want register kubernetes-elastic-agents with gocd-server. In the doc https://github.com/gocd/kubernetes-elastic-agents/blob/master/install.md

I need kubernetes security token and cluster ca certificate. My Kubernetes is running. How do I create a security token? Where can I find the cluster ca cert?

Jake

-- Jake He
go-cd
kubernetes

Similar Questions

How to give full permissions to a shared volume in kubernetes
how to configure an internal static ip for pod inside of minikube
Google Cloud Kubernetes not reading application credentials correctly
Minikube running out of space and failing despite --disk-size flag
Integrate bitbucket with Tekton as k8s basic-auth
How to change the persistent volume claims change default directory?
What role permissions are required to support “rollout undo”?

1 Answer

8/10/2018

There are two answers:

The first is that it's very weird that one would need to manually input those things since they live in a well-known location on disk of any Pod (that isn't excluded via the automountServiceAccountToken field) as described in Accessing the API from a Pod

The second is that if you really do need a statically provisioned token belonging to a ServiceAccount, then you can either retrieve an existing token from the Secret that is created by default for every ServiceAccount, or create a second Secret as described in Manually create a service account API token

The CA cert you requested is present in every Pod in the cluster at the location mentioned in the first link, as well as in the ~/.kube/config of anyone who wishes to access the cluster. kubectl config view -o yaml will show it to you.

-- mdaniel
Source: StackOverflow