Last active
June 27, 2018 15:19
-
-
Save pandeybk/37ae32db52ca23f0cfa60dd4a058f152 to your computer and use it in GitHub Desktop.
Kubernetes Dashboard login with cluster-admin role
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create service and assign cluster-admin role | |
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: dashboard-admin | |
| namespace: kube-system | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRoleBinding | |
| metadata: | |
| name: dashboard-cluster-rule | |
| roleRef: | |
| apiGroup: rbac.authorization.k8s.io | |
| kind: ClusterRole | |
| name: cluster-admin | |
| subjects: | |
| - kind: ServiceAccount | |
| name: dashboard-admin | |
| namespace: kube-system | |
| --- | |
| # Now find newly created secrets and find service token as follows | |
| $ kubectl get secrets -n kube-system | grep dashboard-admin | |
| dashboard-admin-token-5dtnk kubernetes.io/service-account-token 3 4m | |
| $ kubectl describe secrets dashboard-admin-token-5dtnk -n kube-system | |
| ``` | |
| Name: dashboard-admin-token-5dtnk | |
| Namespace: kube-system | |
| Labels: <none> | |
| Annotations: kubernetes.io/service-account.name=dashboard-admin | |
| kubernetes.io/service-account.uid=6ca26bdf-7a1c-11e8-a4b9-ea63d16507ef | |
| Type: kubernetes.io/service-account-token | |
| Data | |
| ==== | |
| ca.crt: 1196 bytes | |
| namespace: 11 bytes | |
| token: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tNWR0bmsiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiNmNhMjZiZGYtN2ExYy0xMWU4LWE0YjktZWE2M2QxNjUwN2VmIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.o008LTikkJ2KBIaY3ZW9Jy0sAy49Wk0JC9m25ZTvXGZ1eqUkDgwpRTsbL6mL1UrJ-lLjENhqoiT0fXwLLOjUB0awDyEGl-Pd9ufBmrGWbx-AN7wUuvjJInd2w0h-qwb5-miSM2zJ-nVCaCrfgaHzis2vMTvDj2659CpY8ZXd_dGpQEFI_OIqWgM4nqmGDOvDtl1ybGngdWhryJlMA2lKDsMrZ9joy8MVmalFWzcbESEoMuLhBsXsITRGVehTANVmaYCFhLj6OlbNQ6KYGJlHey13O8GofrLkAd5Gc14WCgGw8vzqHEmOJtn51fR0KBuKquyV__O4gKSdvydgsxQ6wg | |
| ``` | |
| # Copy paste token value in dashboard ui. | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment