K
Q

How to enable anonymous authentication for Kubernetes cluster using kops?

3/23/2020

I want to enable anonymous authentication using kops, but it's default settings provides the --anonymous-auth=false options to kube-apiserver:

/usr/local/bin/kube-apiserver --allow-privileged=true --anonymous-auth=false --apiserver-count=1 --authorization-mode=RBAC --basic-auth-file=/srv/kubernetes/basic_auth.csv --bind-address=0.0.0.0 --client-ca-file=/srv/kubernetes/ca.crt

How can I change this setting, either for my current cluster or by creating a new cluster?

-- Shuzheng
amazon-web-services
cluster-computing
docker
kops
kubernetes

Similar Questions

How to use / install Ansible collections - Content has no field named 'owner' and sorry, community.kubernetes was not found
Running Jobs in Kubernetes
Kubernetes ResourceQuota and Autoscale
Discrepancy in POD memory utilization and RSS from Node's ps

1 Answer

3/23/2020

You can ssh to master nodes and modify the kube-apiserver.yaml in /etc/kubernetes/manifests and add that flag.

spec:
  containers:
  - command:
  - --anonymous-auth=true

Then you need to restart your kube-apiserver.

This could vary depending on what you are running in your masters. If something like docker you can do sudo systemctl restart docker or you might need to restart containerd if you are using it instead of docker systemctl restart containerd

Or if you want to just start the kube-apiserver you can do docker restart kube-apiserver or crictl stop kube-apiserver; crictl start kube-apiserver.

-- Arghya Sadhu
Source: StackOverflow