Last active
April 22, 2024 16:45
-
-
Save xchandan/b25ef1a56643c17c272581838f026b58 to your computer and use it in GitHub Desktop.
Revisions
-
xchandan revised this gist
Apr 22, 2024 . No changes.There are no files selected for viewing
-
Apr 22, 2024 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -36,4 +36,4 @@ kubectl auth can-i create deployments --namespace=default --as=chandan kubectl get pods --as=chandan #https://aungzanbaw.medium.com/a-step-by-step-guide-to-creating-users-in-kubernetes-6a5a2cfd8c71 -
Apr 21, 2024 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,39 @@ openssl genpkey -out chandan.key -algorithm Ed25519 cat chandan.key openssl req -new -key chandan.key -out chandan.csr -subj "/CN=chandan/O=edit" creq=$(cat chandan.csr | base64 | tr -d "\n") cat <<EOF | kubectl apply -f - apiVersion: certificates.k8s.io/v1 kind: CertificateSigningRequest metadata: name: chandan spec: request: ${creq} signerName: kubernetes.io/kube-apiserver-client expirationSeconds: 86400 # one day usages: - client auth EOF kubectl get certificatesigningrequest.certificates.k8s.io kubectl certificate approve chandan kubectl describe csr/chandan kubectl get csr/chandan -o json kubectl get csr/chandan -o jsonpath="{.status.certificate}" | base64 -d > chandan.crt cp ~/.kube/config chandan-kube-config #always backup kubectl --kubeconfig chandan-kube-config config set-credentials chandan --client-key chandan.key --client-certificate chandan.crt --embed-certs=true kubectl auth can-i create deployments --namespace=default --as=chandan kubectl get pods --as=chandan