My quick and dirty script for granting users access to a Kubernetes cluster, which takes care of all the hassle with generating a certificate, signing it with Kubernetes CA, generating a properly formatted kubeconfig, etcetera. All you gonna need is:
- A pre-defined Kubernetes ClusterRole with needed permissions (the script uses
cluster-adminby default, if nothing is specified) base64command-line toolopensslcommand-line toolkubectltool, configured with enough permissions to create cluster roles, generate certificate requests and approving thembash(Duh!) Will most probably work with any other compatible shell, but I couldn't be bothered to test that. Sorry :D
./gen-kubeconfig.sh <username> <certificate OU> <role_to_assign>
The last two arguments are optional.
Have fun! :)