OpenShift Enable system:admin Remote Access: Difference between revisions
Jump to navigation
Jump to search
Line 43: | Line 43: | ||
- name: <font color=red>'''system:admin'''</font/>/master-openshift-example-com:443 | - name: <font color=red>'''system:admin'''</font/>/master-openshift-example-com:443 | ||
user: {} | user: {} | ||
Access the OpenShift master server and get the 'client-certificate-data' and 'client-key-data' entries from /etc/origin/master/admin.kubeconfig, for the "system:admin" user. | |||
Append them to the local .kube/config as follows: | |||
... | |||
users: | |||
- name: system:admin/master-openshift-example-com:443 | |||
user: | |||
client-certificate-data: LS0tLS1... | |||
client-key-data: LS0tLS1... |
Revision as of 22:18, 5 July 2017
Internal
Overview
This procedure will enable remote access with oc for the cluster administrator.
Procedure
Log in as a regular user, this will create the .kube/config structure.
oc login Server [https://localhost:8443]: https://master.openshift.example.com ... Username: ... ... Login successful.
This will create a .kube/config file.
Log out:
oc logout
Edit .kube/config file, replacing the username provided during the last login with "system:admin" as follows:
apiVersion: v1 clusters: - cluster: insecure-skip-tls-verify: true server: https://master.openshift.example.com:443 name: master-openshift-example-com:443 contexts: - context: cluster: master-openshift-example-com:443 user: system:admin/master-openshift-example-com:443 name: /master-openshift-example-com:443/ovidiu current-context: /master-openshift-example-com:443/system:admin kind: Config preferences: {} users: - name: system:admin/master-openshift-example-com:443 user: {}
Access the OpenShift master server and get the 'client-certificate-data' and 'client-key-data' entries from /etc/origin/master/admin.kubeconfig, for the "system:admin" user.
Append them to the local .kube/config as follows:
... users: - name: system:admin/master-openshift-example-com:443 user: client-certificate-data: LS0tLS1... client-key-data: LS0tLS1...