普通主机拥有集群控制权限

如何把普通主机拥有集群控制权限

kubectl config set-cluster myk8s --certificate-authority=./ca.pem --embed-certs=true --server=https://10.0.0.10:7443 --kubeconfig=config

// 使用apiserver证书即可
kubectl config set-credentials cluster-admin --client-certificate=./client.pem --client-key=./client-key.pem --embed-certs=true --kubeconfig=config

kubectl config set-context myk8s-context --cluster=myk8s --user=cluster-admin --kubeconfig=config

kubectl config use-context myk8s-context --kubeconfig=config

kubectl create clusterrolebinding myk8s-admin --clusterrole=cluster-admin --user=cluster-admin

cp /opt/certs/config /root/.kube/default-kubeconfig

 echo "export KUBECONFIG=/root/.kube/default-kubeconfig" >> /etc/profile

 kubectl config view

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://192.168.2.100:7443
  name: myk8s
contexts:
- context:
    cluster: myk8s
    user: k8s-node
  name: myk8s-context
current-context: myk8s-context
kind: Config
preferences: {}
users:
- name: k8s-node
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED

[root@yutang2-161 heapster]# kubectl get pod
NAME             READY   STATUS    RESTARTS   AGE
nginx-ds-jk7lx   1/1     Running   0          18h
nginx-ds-nmfhv   1/1     Running   0          18h
nginx-ds-p7szl   1/1     Running   0          18h