K
Q

Use multiple contexts with same user-name in kubectl config

3/12/2020

I want to use multiple clusters with my kubectl so I either put everything into one config or add one config file per cluster to the KUBECONFIG env variable. That's all fine.

My problem is now, that I've users with the same user-name for each cluster but they use different client-key-data for each cluster (context) but somehow the context uses that user-name so it's not clear which user belongs to which cluster.

Better give an example:

Cluster 1:

apiVersion: v1
kind: Config
clusters:
- cluster:
    server: https://10.11.12.13:8888
  name: team-cluster
contexts:
- context:
    cluster: team-cluster
    user: kubernetes-admin
  name: kubernetes-admin@team-cluster
users:
- name: kubernetes-admin
  user:
    client-certificate-data: XXYYYZZZ
    client-key-data: XXXYYYZZZ

Cluster 2:

apiVersion: v1
kind: Config
clusters:
- cluster:
    server: https://10.11.12.14:8888
  name: dev-cluster
contexts:
- context:
    cluster: dev-cluster
    user: kubernetes-admin
  name: kubernetes-admin@dev-cluster
users:
- name: kubernetes-admin
  user:
    client-certificate-data: AABBCC
    client-key-data: AABBCC

As you see, in both cluster there's a user with name kubernetes-admin but from the context it's not clear which of those. Maybe there's another way to give it a unique identifier that is used by the context.

Maybe the solution is obvious but I've not found any example for such a case. Thanks for any help.

-- Christof Aenderl
kubectl
kubernetes

Similar Questions

EFK - Have preconfigured filter by container that will appear in Kibana
How to terminate another container in the same pod when your main container finish its job
Error on OpenShift when trying to use Dockerfile
Helm Chart Versions

1 Answer

3/12/2020

If you have multiple kubeconfig files in the KUBECONFIG variable, then kubectl internally merges them before usage (see here). So, if you have two users with the same name in your kubeconfig files, they will probably override each other and you get either one or the other.

The solution is to either use different names for the users in the various kubeconfig files, or to explicitly specify one of the kubeconfig files, e.g. kubectl --kubeconfig dev-cluster.conf or having only a single kubeconfig file in the KUBECONFIG variable at a time.

In general, I would recommend the first approach and use a unique name for each different set of credentials (i.e. user) across your entire local configuration.

-- weibeld
Source: StackOverflow