How to grant permission to your Kubernetes cluster for another users. - Stanislav Kolenkin
?
0 likes?93 views
Talk at Kuberton, 02/03/2019 How to grant permission to your Kubernetes cluster for another users. - Stanislav Kolenkin, Senior DevOps
How to grant permission to your Kubernetes cluster for another users. - Stanislav Kolenkin
- 2. How to grant permission to your Kubernetes cluster for another users.
- 3. 1. Open Google console using the following link: https://console.cloud.google.com/iam-admin/iam
- 4. 2. Enter button +Add and add user and Grant Permissions on GKE 3. Input user Gmail accounts in field New members and Select Kubernetes role: 4. Enter button Save
- 6. Add user via gcloud command in CLI
- 7. # Login gcloud auth login # Get project-id kubectl create clusterrolebinding cluster-admin-binding --clusterrole cluster-admin --user $(gcloud config get-value account) # Add users kubectl create clusterrolebinding your-user-cluster-admin-binding --clusterrole=cluster-admin --user=USER@gmail.com
- 8. #Create Kubernetes cluster: gcloud container clusters create "k8s-cluster" --zone "europe-west1-d" --machine-type "custom-1-1024" --image-type "GCI" --disk-size "100" --network "default" --no-enable-cloud-logging --no-enable-cloud-monitoring --enable-autoscaling --min-nodes="2" --max-nodes="10" --enable-legacy-authorization --cluster-version=1.11
- 9. # Authorization in your Kubernetes cluster gcloud container clusters get-credentials test-rbac --zone us-central1-a --project $PROJECT-ID kubectl get pods #Add users in IAM export PROJECT-ID=`gcloud config get-value project`
- 10. gcloud projects add-iam-policy-binding $PROJECT-ID --member=user:USER@gmail.com --role roles/container.admin #Check access to Kubernetes cluster kubectl get pods --all-namespaces
- 11. Thank you for your attention! Questions?