https://github.com/mikejoh/kubeconfgen
OpenStack Magnum kubeconfig generator when using Keystone authn/authz and the client binary
https://github.com/mikejoh/kubeconfgen
client-go gophercloud kubernetes openstack openstack-magnum
Last synced: about 2 months ago
JSON representation
OpenStack Magnum kubeconfig generator when using Keystone authn/authz and the client binary
- Host: GitHub
- URL: https://github.com/mikejoh/kubeconfgen
- Owner: mikejoh
- Created: 2019-11-04T21:00:35.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2019-11-04T21:08:12.000Z (over 6 years ago)
- Last Synced: 2025-09-09T20:11:38.588Z (9 months ago)
- Topics: client-go, gophercloud, kubernetes, openstack, openstack-magnum
- Language: Go
- Size: 9.77 KB
- Stars: 0
- Watchers: 0
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Kubeconfig generator for Magnum and Keystone
The reason i created this small tool was to have an automated way of configuring `kubectl`. Just like running e.g. `aws eks update-kubeconfig --name --region ` in AWS but in this case for a OpenStack created Magnum cluster.
### Notes
This small tool does the following:
1. Fetches the cluster specific CA certificate stored in OpenStack. Only the creator of the cluster can fetch this at the moment. Will be used as CA to be able to validate the Kubernetes API server certificate.
2. Creates a custom made kubeconfig that will utilize the client side Keystone binary when authenticting against Kubernetes.
## Prerequisites
* OpenStack Magnum (stable/stein)
* Magnum created k8s cluster of version >1.12
* Keystone server side auth component >1.16
* Keystone client side auth component >1.16
* Keystone policy ConfigMap with a `v2` auth policy
### Overview of k8s authn and authz through Keystone
Add more info here
### Installation of Keystone Server side component
Add more info here