stackoom
  简体   繁体   中英

How To login to azure kubernetes cluster?

 原文  2019-06-10 04:18:26       kubernetes/ azure-aks

Question

How can we login to a AKS cluster created , by using service account? We are asked to execute kubectl create clusterrolebinding add-on-cluster-admin ......... but we are not aware how to use this and login to the created cluster in Azure

2 answers

solution1
 2  2019-06-10 04:51:47

you can use this quick start tutorial: https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough#connect-to-the-cluster

basically you need to install kubectl: 

az aks install-cli

and pull credentials for AKS: 

az aks get-credentials --resource-group myResourceGroup --name myAKSCluster

solution2
 1 ACCPTED  2019-06-14 10:42:14

As per ducemtaion:

User accounts vs service accounts Kubernetes distinguishes between the concept of a user account and a service account for a number of reasons: User accounts are for humans. Service accounts are for processes, which run in pods . User accounts are intended to be global. Names must be unique across all namespaces of a cluster, future user resource will not be namespaced. Service accounts are namespaced. Typically, a cluster's User accounts might be synced from a corporate database, where new user account creation requires special privileges and is tied to complex business processes. Service account creation is intended to be more lightweight, allowing cluster users to create service accounts for specific tasks (ie principle of least privilege) . Auditing considerations for humans and service accounts may differ. A config bundle for a complex system may include definition of various service accounts for components of that system. Because service accounts can be created ad-hoc and have namespaced names, such config is portable.

As an example: 

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: secret-reader
rules:
- apiGroups: [""]
  resources: ["secrets"]
  verbs: ["get", "watch", "list"]

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: read-secrets-global
subjects:
- kind: User
  name: manager
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: secret-reader
  apiGroup: rbac.authorization.k8s.io

you can find other helpful information here , in official kubernetes documentation , and Azure Kubernetes Service AKS

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to connect a Vagrant Kubernetes cluster to Azure DevOps How to open kubernetes dashboard on azure cluster? How to create namespace in existing azure Kubernetes cluster How to find --name of kubernetes cluster in Azure portal? Configure Kubernetes for an Azure cluster How to monitor the Azure Kubernetes Cluster resource status in Azure Portal? How to login as root user to Azure Kubernetes pod Planning Kubernetes-Cluster on Azure Vertical scaling of azure kubernetes cluster Creating a Kubernetes cluster in Azure fails
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM