如何把普通主机拥有集群控制权限
kubectl config set-cluster myk8s --certificate-authority=./ca.pem --embed-certs=true --server=https://10.0.0.10:7443 --kubeconfig=config
// 使用apiserver证书即可
kubectl config set-credentials cluster-admin --client-certificate=./client.pem --client-key=./client-key.pem --embed-certs=true --kubeconfig=config
kubectl config set-context myk8s-context --cluster=myk8s --user=cluster-admin --kubeconfig=config
kubectl config use-context myk8s-context --kubeconfig=config
kubectl create clusterrolebinding myk8s-admin --clusterrole=cluster-admin --user=cluster-admin
cp /opt/certs/config /root/.kube/default-kubeconfig
echo "export KUBECONFIG=/root/.kube/default-kubeconfig" >> /etc/profile
kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://192.168.2.100:7443
name: myk8s
contexts:
- context:
cluster: myk8s
user: k8s-node
name: myk8s-context
current-context: myk8s-context
kind: Config
preferences: {}
users:
- name: k8s-node
user:
client-certificate-data: REDACTED
client-key-data: REDACTED
[root@yutang2-161 heapster]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-ds-jk7lx 1/1 Running 0 18h
nginx-ds-nmfhv 1/1 Running 0 18h
nginx-ds-p7szl 1/1 Running 0 18h