Loading

集群外访问 apiservice

设置集群参数

kubectl config set-cluster kubernetes \--insecure-skip-tls-verify=true \--server="https://101.33.33.216:30001"

设置客户端认证参数

apiVersion: v1
kind: Service
metadata:
  labels:
    app: apiserver
  name: apiserver-export
  namespace: default
spec:
  ports:
    - name: https
      port: 60002
      protocol: TCP
      targetPort: 60002
      nodePort: 30001
  type: NodePort

---
kind: Endpoints
apiVersion: v1
metadata:
  labels:
    app: apiserver
  name: apiserver-export
  namespace: default
subsets:
  - addresses:
      - ip: 169.254.128.6
    ports:
      - port: 60002
        name: https
        protocol: TCP
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: admin
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
  name: admin
  namespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile

获取token

 kubectl -n kube-system get secret
 kubectl -n kube-system get secret admin-token-j2hdn -o jsonpath={.data.token}|base64 -d
 
 kubectl config set-credentials crd-admin --token=eyJhbGciOiJSUzI1NiIsImtpZCI6IkNuaS1HSVdvMm5GVE8zTjJxWlV1dnZXcnFZLUdnY01KWXd1MlhLeTVaSFEifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi10b2tlbi1qMmhkbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJhZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImE4ZTNkMDQ1LWFkYzAtNGQ0ZC1iNmMwLTAwMGVhM2ZjY2RkMCIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTphZG1pbiJ9.O4TiAWNtqxipdv6_42d4DurWQWx5JWp3B4KgTzh6LdWsX_jKVLXCJKP2OV0G6_Pf-HO33kIYV9UXu3PL1ui2YV7dS7egMNSbXPcrFzZn20JSVCTbr1Yj7pF2auBLE-MF4tBuPswub_uREC6_4dCr-aN5PwqBee-MLDkcCR15JBNzTCFIafg37exA6OGKWrO_l-lJCEdYT5oZq4m6Y8j6oZ56cOCBIrMuHJsQJSNVLAZuYnz9AjB3mWvAzmphfohhKpziZhSE32hm43UT6-6vTrV15FTciOQRIZcLUUYIEmMOIhrqP9bPAhNDMKqq47SEmFtCU-ntFjhtOeduwn-J9Q

设置上下文参数

kubectl config set-context kubernetes --cluster=kubernetes --user=crd-admin --namespace=crd

设置默认上下文

kubectl config use-context kubernetes

posted @ 2021-03-03 09:39  沧海-旭东  阅读(196)  评论(0)    收藏  举报