kuceconfig管理员账户
在python调用api时,需要使用这份config,最高权限
cat > admin-csr.json <<EOF
{
"CN": "admin",
"hosts": [],
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"L": "hangzhou",
"ST": "hangzhou",
"O": "system:masters",
"OU": "System"
}
]
}
EOF
cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=client admin-csr.json | cfssljson -bare admin
# 设置集群参数 kubectl config set-cluster kubernetes --server=https://192.168.18.56:6443 --certificate-authority=/opt/kubernetes/server/bin/cert/ca.pem --embed-certs=true --kubeconfig=admin.kubeconfig # 设置客户端认证参数 kubectl config set-credentials cluster-admin --certificate-authority=/opt/kubernetes/server/bin/cert/ca.pem --embed-certs=true --client-key=/opt/kubernetes/server/bin/cert/admin-key.pem --client-certificate=/opt/kubernetes/server/bin/cert/admin.pem --kubeconfig=admin.kubeconfig # 设置上下文参数 kubectl config set-context default --cluster=kubernetes --user=cluster-admin --kubeconfig=admin.kubeconfig # 设置默认上下文 kubectl config use-context default --kubeconfig=admin.kubeconfig