K
Q

Accessing Kubernetes API using username and password

11/19/2018

I'm am currently configuring Heketi Server (Deployed on K8S clusterA) to interact with my Glusterfs cluster that is deployed as a DaemonSet on another K8S cluster ClusterB.

One of the configurations required by Heketi to connect to GlusterFS K8S cluster are :

    "kubeexec": {
      "host" :"https://<URL-OF-CLUSTER-WITH-GLUSTERFS>:6443",
      "cert" : "<CERTIFICATE-OF-CLUSTER-WITH-GLUSTERFS>",
      "insecure": false,
      "user": "WHERE_DO_I_GET_THIS_FROM",
      "password": "<WHERE_DO_I_GET_THIS_FROM>",
      "namespace": "default",
      "backup_lvm_metadata": false
    },

As you can see, it requires a user and password. I have no idea where to get that from. One thing that comes to mind is creating a service account on ClusterB and using the token to authenticate but Heketi does not seem to be taking that as an authentication mechanism.

The cert is something that I got from /usr/local/share/ca-certificates/kube-ca.crt but I have no idea where to get the user/password from. Any idea what could be done?

If I do a kubectl config view I only see certificates for the admin user of my cluster.

--
glusterfs
kubernetes

Similar Questions

Store GKE Kubernetes secret on KMS
Kubernetes with Kops is it correct to have each master in its own instance group?
Debugging NATS messages from Kubernetes event
kube-system: Pod Warning FailedScheduling default-scheduler no nodes available to schedule pods
How are git repositories used by Snakemake via kubernetes?
Lots of errors about http: TLS handshake error from &lt;ip&gt;:&lt;port&gt;: remote error: tls: bad certificate

1 Answer

11/20/2018

That could only mean one thing: basic HTTP auth.

You can specify a username/password in a file when you start the kube-apiserver with the --basic-auth-file=SOMEFILE option.

-- Rico
Source: StackOverflow