For Kubernetes CLI from a Local LDAP Linux Account Login¶
You can establish credentials for executing Kubernetes CLIs (kubectl and helm) for a Local LDAP user, if required; this is not setup by default.
About this task
For more information about ldapusersetup, see Creating LDAP Linux Accounts.
Prerequisites
You must have a Kubernetes Service Account.
See Creating an Admin Type Service Account for details on how to create an admin level service account. For more clarifications, ask your ‘sysadmin’.
About this task
It is recommended to use the same username for both your Local LDAP user and your Kubernetes Service Account.
Procedure
Add your Local LDAP user account to the ‘root’ group in order to get access to execute kubectl.
If you have sudo permissions, run the following command first, and then re-ssh to your local LDAP user account, otherwise the ‘sysadmin’ will have to execute this step.
$sudo usermod -a -G root <ldapusername>
Configure kubectl access.
Note
Your ‘sysadmin’ should have given you a TOKEN while setting up your Kubernetes Service Account.
Execute the following commands:
$ kubectl config set-cluster mycluster --server=https://192.168.206.1:6443 --insecure-skip-tls-verify $ kubectl config set-credentials joe-admin@mycluster --token=$TOKEN $ kubectl config set-context joe-admin@mycluster --cluster=mycluster --user joe-admin@mycluster $ kubectl config use-context joe-admin@mycluster
You now have admin access to StarlingX Kubernetes cluster.