forked from k-space/kube
Update README: Cluster access OIDC Client ID
This commit is contained in:
parent
776535d6d5
commit
ab7e4d10e4
@ -24,7 +24,7 @@ patch /etc/kubernetes/manifests/kube-apiserver.yaml - << EOF
|
|||||||
- --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key
|
- --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key
|
||||||
- --etcd-servers=https://127.0.0.1:2379
|
- --etcd-servers=https://127.0.0.1:2379
|
||||||
+ - --oidc-issuer-url=https://auth2.k-space.ee/
|
+ - --oidc-issuer-url=https://auth2.k-space.ee/
|
||||||
+ - --oidc-client-id=kubelogin
|
+ - --oidc-client-id=oidc-gateway.kubelogin
|
||||||
+ - --oidc-username-claim=sub
|
+ - --oidc-username-claim=sub
|
||||||
+ - --oidc-groups-claim=groups
|
+ - --oidc-groups-claim=groups
|
||||||
- --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt
|
- --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt
|
||||||
@ -65,7 +65,7 @@ users:
|
|||||||
- oidc-login
|
- oidc-login
|
||||||
- get-token
|
- get-token
|
||||||
- --oidc-issuer-url=https://auth2.k-space.ee/
|
- --oidc-issuer-url=https://auth2.k-space.ee/
|
||||||
- --oidc-client-id=oidc-gateway-kubelogin
|
- --oidc-client-id=oidc-gateway.kubelogin
|
||||||
- --oidc-use-pkce
|
- --oidc-use-pkce
|
||||||
- --oidc-extra-scope=profile,email,groups
|
- --oidc-extra-scope=profile,email,groups
|
||||||
- --listen-address=127.0.0.1:27890
|
- --listen-address=127.0.0.1:27890
|
||||||
|
Loading…
Reference in New Issue
Block a user