Alternte to kubeconfig examples

Question

Alternte to kubeconfig examples

deekshahegde86 opened this issue 4 years ago · 7 comments

What options can we have if we dont want to use Kube config ?

Can you share examples

Answer 1 · 2020-10-13T10:28:02.000Z

what requirements do you have? how would you like to connect instead of kube config?

in cluster pods just need a service account with appropriate rolebindings, and there are a few ways of passing auth parameters, but really I'd recommend either kube config or a pod service account

Answer 2 · 2021-01-11T12:07:06.000Z

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

Answer 3 · 2021-02-10T17:17:17.000Z

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale

Answer 4 · 2021-02-21T15:56:34.000Z

I have same requirements, now i try to explain my point of view and my scenario:

i call api from an external app (ex from provisioning sw), not in cluster
I prefear use an external idp (es our LDAP) for central manage the "tecnical" credentials and avoid generation and management of serviceaccount in multiple cluster
I don't trust use of a kubeconfig or a static token retreived from a serviceaccount, for my point of view this isn't the best security approach.

Now i try to authenticate me with oauth for have the token to spend for create a CoreV1 session.

I don't know is this approach is correct, What do you think about it?

Answer 5 · 2021-03-14T18:04:04.000Z

Hi,
I just sent this PR (#399) implementig the user-password login extending the kubernetes.client.Configuration class.

Answer 6 · 2021-04-13T18:40:55.000Z

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

Answer 7 · 2021-04-13T18:42:09.000Z

@openshift-bot: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.