Рет қаралды 7,366
In this video we looked into the details of how we can generate certificate and key file to authenticate a user against a Kubernetes cluster.
We looked into two ways to do that, generating they private key and CSR then manually signing that CSR using API Server's CA key and certificate file. And the other one where we created CertificateSigningRequest resource and approved it to generate certificate.
Web:
viveksingh.dev/
Twitter:
00:00 Introduction
00:25 Agenda
01:57 K8S doesn't have APIs to support users
03:32 Check if client certificate is supported
04:34 Creating client key and certificate
11:13 Two ways to generate client certificate
16:30 Adding created key and certificate file into kubeconfig
21:06 Authorise newly created user
26:45 Create CertificateSigningRequest to generate client certificate
35:16 Common name and group for user
35:38 Contents of authenticated request
36:41 Thank you, Like and Subscribe