You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I read your tutorial Kubernetes-The-Hard-Way-on-BareMetal.md which is complete and very useful, so thank you very much !
I have an issue that I am still struggling with. In authorization section you provide a file "authorization-policy.jsonl" which is here to define some users and their rights if I am not mistaken. Then your provide a file "token.csv" with the exact same users and a token . Based on this I'm able to start my cluster and everything works !
Now I want to be able to type kubectl XXX from my PC. So I did a config file in .kube folder using admin user and chAng3m3 as a token (same info as in the tutorial). Giving CA cert ect... it worked !
This is my question, how can I use client-certificate and client-key instead of token in my kubectl config file ? I've tried to create special certs for this new user "my user", add him in authorization-policy.jsonl with the same rights as the admin but I never succeeded => "kubectl get pods
Error from server (Forbidden): pods is forbidden: User "system:anonymous" cannot list pods in the namespace "default": No policy matched."
Thank you in advance for your help !
The text was updated successfully, but these errors were encountered:
Hello,
I read your tutorial Kubernetes-The-Hard-Way-on-BareMetal.md which is complete and very useful, so thank you very much !
I have an issue that I am still struggling with. In authorization section you provide a file "authorization-policy.jsonl" which is here to define some users and their rights if I am not mistaken. Then your provide a file "token.csv" with the exact same users and a token . Based on this I'm able to start my cluster and everything works !
Now I want to be able to type kubectl XXX from my PC. So I did a config file in .kube folder using admin user and chAng3m3 as a token (same info as in the tutorial). Giving CA cert ect... it worked !
This is my question, how can I use client-certificate and client-key instead of token in my kubectl config file ? I've tried to create special certs for this new user "my user", add him in authorization-policy.jsonl with the same rights as the admin but I never succeeded => "kubectl get pods
Error from server (Forbidden): pods is forbidden: User "system:anonymous" cannot list pods in the namespace "default": No policy matched."
Thank you in advance for your help !
The text was updated successfully, but these errors were encountered: