k8 by examples
matthewdavis.io
k8
k8-byexamples-monorepo
AWS to GCP Proxy
Ingress + TLS Termination
Docker
HAproxy
Troubleshooting
Windows
Commands
Kubernetes Specs
Namespaces
Deployments
InitContainers
Ingress
Services
Storage
Tools
kubectl
Credentials
Port Scanning
Resources
Curated Resources List
Community
Contact Me
Ingress Controller + LetsEncrypt
K8-BYEXAMPLES
IngressController+LetsEncrypt
Powered by GitBook

Credentials

Create ServiceAccount

kubectl create serviceaccount jenkins-sa

Retrieve (decoded) token from secret created for ServiceAccount

kubectl get secret jenkins-sa-token-vnp5k -o jsonpath={.data.token} | base64 -d

Create ~/.kube/config with CA & ServiceAccount Token

~/.kube/config
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: <insert plain text CA>
    server: https://<api endpoint>
  name: <cluster name>
contexts:
- context:
    cluster: <cluster name>
    namespace: default
    user: default
  name: <cluster name>
current-context: <cluster name>
kind: Config
preferences: {}
users:
- name: default
  user:
    as-user-extra: {}
    token: <insert base64 decoded token from service account user>
kubectl config set-credentials sa-user \
        --token=$(kubectl get secret <secret_name> -o jsonpath={.data.token} | base64 -d)

Creating a Cluster Admin Binding

kubectl create clusterrolebinding jenkins-sa-binding \
        --clusterrole=cluster-admin \
        --user="system:serviceaccount:default:jenkins-sa"

Tools - Previous
kubectl
Next - Tools
Port Scanning
Last updated last year
Edit on GitHub