Skip to main content

kubeconfig


kubeconfig

apiVersion: v1
kind: Config
preferences: {}
clusters:
- name: cluster-1
cluster:
server: <api-server-url>
certificate-authority-data: <base64-encoded-certificate> # root ca 인증서
# certificate-authority: <ca-path>
users:
- name: user-1
user:
client-certificate-data: <base64-encoded-certificate> # client 인증서
# client-certificate: <client-ca-path>
client-key-data: <base64-encoded-private-key> # client 개인키
# client-key: <client-key-path>
- name: user-2
user:
token: <jwt-token> # ServiceAccount의 토큰
- name: user-3
user:
auth-provider:
name: oidc
config:
client-id: <client-id>
client-secret: <client-secret>
idp-issuer-url: <idp-issuer-url>
- name: user-4
user:
exec: # credential plugin
apiVersion: client.authentication.k8s.io/v1beta1
command: kubectl
args:
- oidc-login
- get-token
- --oidc-issuer-url=<oidc-issuer-url>
- --oidc-client-id=<client-id>
- --oidc-client-secret=<client-secret>
contexts: # cluster
- name: context-1
cluster: cluster-1
user: user-1
namespace: default # 설정 안하면 default가 기본입니다.
current-context: context-1 # 현재 설정된 접속 정보입니다.
curl --cacert <certificate-authority> \
--cert <client-certificate> \
--key <client-key> \
<api-server-url>
curl --cacert <certificate-authority> \
-H "Authorization: Bearer <jwt-token>" \
<api-server-url>

Reference