For Kubernetes CLI from a Local LDAP Linux Account Login

You can establish credentials for executing Kubernetes CLIs (kubectl and helm) for a Local LDAP user, if required; this is not setup by default.

About this task

For more information about ldapusersetup, see Creating LDAP Linux Accounts.

Prerequisites

• You must have a Kubernetes Service Account.

• See Creating an Admin Type Service Account for details on how to create an admin level service account. For more clarifications, ask your ‘sysadmin’.

About this task

It is recommended to use the same username for both your Local LDAP user and your Kubernetes Service Account.

Procedure

1. Add your Local LDAP user account to the ‘root’ group in order to get access to execute kubectl.

   If you have sudo permissions, run the following command first, and then re-ssh to your local LDAP user account, otherwise the ‘sysadmin’ will have to execute this step.

   $sudo usermod -a -G root <ldapusername>
   

2. Configure kubectl access.

   Note

   Your ‘sysadmin’ should have given you a TOKEN while setting up your Kubernetes Service Account.

   Execute the following commands:

   $ kubectl config set-cluster mycluster --server=https://192.168.206.1:6443 --insecure-skip-tls-verify
   $ kubectl config set-credentials joe-admin@mycluster --token=$TOKEN
   $ kubectl config set-context joe-admin@mycluster --cluster=mycluster  --user joe-admin@mycluster
   $ kubectl config use-context joe-admin@mycluster
   

   You now have admin access to StarlingX Kubernetes cluster.