Skip to content
This repository was archived by the owner on Jul 23, 2019. It is now read-only.

microdc/k8s-namespace-rbac-cert-example

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
create-user-cert.sh
create-user-cert.sh
 
 
role-user.yaml
role-user.yaml
 
 
rolebinding-user.yaml
rolebinding-user.yaml
 
 

Repository files navigation

apps-namespace

Kubernetes configuration and extras for an apps namespace

script to perform the following:

  • create certs
  • sign certs
  • generate zip file for distribution
  • describe user setup

Where possible encourage users to generate their own keys and only supply CSRs

This can be done by the admin but really users keys should never leave their own environment.

Prerequisites

  • openssl (command line util)

Share the following two commands with the user to have them generate a key.

openssl genrsa -out "${USER}.key" 4096 generates a key

openssl req -new -key "${USER}.key" -out "${USER}.csr" -subj "/CN=${USER}/O=developer" generates a CSR for a user in the developer group

Create, sign and zip up user creds

$ export K8S_USER=jim
$ export K8S_NAMESPACE=apps
$ export K8S_ADMIN=0  # 0 for no admin rights, 1 for cluster admin
$ export USER_CSR=/tmp/jim.csr ## This is optional but encouraged, keys will be generated if no CSR is supplied
$ ./create-user-cert.sh

About

Kubernetes configuration and extras for an apps namespace

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

1 star

Watchers

9 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages