[英]Kubernetes 1.6+ RBAC: Gain access as role cluster-admin via kubectl
1.6+ sees a lot of changes revolving around RBAC and ABAC. 1.6+带来了围绕RBAC和ABAC的许多变化。 However, what is a little quirky is not being able to access the dashboard etc. by default as previously possible. 但是,有点古怪的是,在默认情况下,默认情况下无法访问仪表板等。
Access will result in 访问将导致
User "system:anonymous" cannot proxy services in the namespace "kube-system".: "No policy matched."
Documentation at the k8s docs is plenty, but not really stating how to gain access practically, as creator of a cluster, to become cluster-admin
k8s文档上的文档很多,但并未真正说明如何作为集群的创建者实际地获得访问权限以成为cluster-admin
What is a practical way to authenticate me as cluster-admin
? 什么是将我认证为cluster-admin
的实用方法?
By far the easiest method is to use the credentials from /etc/kubernetes/admin.conf (this is on your master if you used kubeadm) . 到目前为止,最简单的方法是使用/etc/kubernetes/admin.conf中的凭据(如果使用kubeadm,则在您的主服务器上)。 Run kubectl proxy --kubeconfig=admin.conf
on your client and then you can visit http://127.0.0.1:8001/ui from your browser. 在客户端上运行kubectl proxy --kubeconfig=admin.conf
,然后可以从浏览器访问http://127.0.0.1:8001/ui 。
You might need to change the master address in admin.conf after you copied to you client machine. 复制到客户端计算机后,可能需要在admin.conf中更改主地址。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.