Alternte to kubeconfig examples
deekshahegde86 opened this issue · 7 comments
What options can we have if we dont want to use Kube config ?
Can you share examples
what requirements do you have? how would you like to connect instead of kube config?
in cluster pods just need a service account with appropriate rolebindings, and there are a few ways of passing auth parameters, but really I'd recommend either kube config or a pod service account
Issues go stale after 90d of inactivity.
Mark the issue as fresh by commenting /remove-lifecycle stale
.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen
.
If this issue is safe to close now please do so with /close
.
/lifecycle stale
Stale issues rot after 30d of inactivity.
Mark the issue as fresh by commenting /remove-lifecycle rotten
.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen
.
If this issue is safe to close now please do so with /close
.
/lifecycle rotten
/remove-lifecycle stale
I have same requirements, now i try to explain my point of view and my scenario:
- i call api from an external app (ex from provisioning sw), not in cluster
- I prefear use an external idp (es our LDAP) for central manage the "tecnical" credentials and avoid generation and management of serviceaccount in multiple cluster
- I don't trust use of a kubeconfig or a static token retreived from a serviceaccount, for my point of view this isn't the best security approach.
Now i try to authenticate me with oauth for have the token to spend for create a CoreV1 session.
I don't know is this approach is correct, What do you think about it?
Hi,
I just sent this PR (#399) implementig the user-password login extending the kubernetes.client.Configuration
class.
Rotten issues close after 30d of inactivity.
Reopen the issue by commenting /reopen
.
Mark the issue as fresh by commenting /remove-lifecycle rotten
.
Exclude this issue from closing again by commenting /lifecycle frozen
.
/close
@openshift-bot: Closing this issue.
In response to this:
Rotten issues close after 30d of inactivity.
Reopen the issue by commenting
/reopen
.
Mark the issue as fresh by commenting/remove-lifecycle rotten
.
Exclude this issue from closing again by commenting/lifecycle frozen
./close
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.