Skip to content

Instantly share code, notes, and snippets.

@mikamboo

mikamboo/README.md

Last active October 11, 2020 20:15
Show Gist options
  • Save mikamboo/bc316a837c653380af67ee6042565e05 to your computer and use it in GitHub Desktop.
Save mikamboo/bc316a837c653380af67ee6042565e05 to your computer and use it in GitHub Desktop.
Download ZIP
Kubernetes : Common tasks
Raw
README.md

Create private registry credentials secret

Doc : https://kubernetes.io/fr/docs/tasks/configure-pod-container/pull-image-private-registry

Create docker-registry secret :

read -s -p "Type the registry password : " REGISTRY_PASSWORD
REGISTRY_USERNAME=<username>
REGISTRY_SERVER=<registry-server>
REGISTRY_USER_EMAIL=<your-email>

kubectl create secret docker-registry my-regcred \
--dry-run client -o yaml \
--docker-server=$REGISTRY_SERVER \
--docker-username=$REGISTRY_USERNAME \
--docker-password=$REGISTRY_PASSWORD \
--docker-email=$REGISTRY_USER_EMAIL > my-regcred.yaml

Generate roles and service accounts

Test service account authorization

Doc : https://kubernetes.io/docs/reference/access-authn-authz/rbac/#restrictions-on-role-binding-creation-or-update

To check whether the tiller account has the right to create a ServiceMonitor object on staging namespace:

kubectl auth can-i create servicemonitor --as=system:serviceaccount:staging:tiller -n staging
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment