-
Notifications
You must be signed in to change notification settings - Fork 1
Create a cluster user
In order to use the application a user has to be created on the cluster. What this actually means is that we have to create a service account, clusterroles and rolebindings in our cluster.
To create a new user you can use the provided script in the scripts directory. The script will ask for a username and your nginx namespace. Please ensure you know your nginx namespace. Within minikube it is kube-system. The username must be alphanumeric lowercase. Ensure youre working directory is the repository root. You can execute it with the following command:
./scripts/CreateUser.shTo create a new user by using the provided yaml script we have to define a cluster unique prefix and nginx namespace first. This can be done by executing:
export KUB_TEMP_PREFIX=user0
export NGINX_NAMESPACE=kube-systemwhere user0 is our unqiue new user prefix and the kube-system where the nginx is deployed.
In the next step we will use the template in .github/create_service_account.yaml.
To replace the environment variables in the file with the acutal value we can use the envsubst tool. The following script will create a new file called new_user.yaml with the prefix filled. Ensure that you use two different files for source and target.
envsubst < .github/create_service_account.yaml > new_user.yamlNow we can apply the file to our cluster to create every kubernetes ressource that represents a user in our application.
kubectl apply -f new_user.yamlAfter the file has been applied our cluster contains:
- A namespace called
user0-namespace - A clusterrole called
user0-role - A serviceaccount called
user0-user - A clusterrolebinding called
user0-clusterrolebinding - A clusterrolebinding called
user0-nginx-clusterrolebinding