Accessing Kubernetes API using username and password

11/19/2018

I'm am currently configuring Heketi Server (Deployed on K8S clusterA) to interact with my Glusterfs cluster that is deployed as a DaemonSet on another K8S cluster ClusterB.

One of the configurations required by Heketi to connect to GlusterFS K8S cluster are :

    "kubeexec": {
      "host" :"https://<URL-OF-CLUSTER-WITH-GLUSTERFS>:6443",
      "cert" : "<CERTIFICATE-OF-CLUSTER-WITH-GLUSTERFS>",
      "insecure": false,
      "user": "WHERE_DO_I_GET_THIS_FROM",
      "password": "<WHERE_DO_I_GET_THIS_FROM>",
      "namespace": "default",
      "backup_lvm_metadata": false
    },

As you can see, it requires a user and password. I have no idea where to get that from. One thing that comes to mind is creating a service account on ClusterB and using the token to authenticate but Heketi does not seem to be taking that as an authentication mechanism.

The cert is something that I got from /usr/local/share/ca-certificates/kube-ca.crt but I have no idea where to get the user/password from. Any idea what could be done?

If I do a kubectl config view I only see certificates for the admin user of my cluster.

--
glusterfs
kubernetes

1 Answer

11/20/2018

That could only mean one thing: basic HTTP auth.

You can specify a username/password in a file when you start the kube-apiserver with the --basic-auth-file=SOMEFILE option.

-- Rico
Source: StackOverflow