Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enabling RBAC ? #499

Closed
sebgoa opened this issue Aug 17, 2016 · 11 comments
Closed

Enabling RBAC ? #499

sebgoa opened this issue Aug 17, 2016 · 11 comments
Labels
kind/feature Categorizes issue or PR as related to a new feature.

Comments

@sebgoa
Copy link

sebgoa commented Aug 17, 2016

Hi folks, how can we enable RBAC in minikube so we can use Role, RoleBinding objects...etc to test the alpha RBAC feature ?
thanks
@sebgoa
Copy link
Author

sebgoa commented Aug 17, 2016

In the same token, it does not seem that we can create ThirdPartyResource objects. Is that enabled in the API server ?

@dlorenc
Copy link
Contributor

dlorenc commented Aug 18, 2016

We don't currently set the Authorization mode in apiserver.go, but we would need to make this configurable via a flag to enable RBAC.

@dlorenc dlorenc added the kind/feature Categorizes issue or PR as related to a new feature. label Aug 18, 2016
@dlorenc
Copy link
Contributor

dlorenc commented Aug 18, 2016

Looks like ThirdPartyResources need this to work: kubernetes/kubernetes#28414

@sebgoa
Copy link
Author

sebgoa commented Aug 19, 2016

@dlorenc where would you like to keep track of feature requests like this ? and would you prefer I open a separate issue for supporting ThirdPartyResource ?

@dlorenc
Copy link
Contributor

dlorenc commented Aug 19, 2016

This is a fine place to track the feature requests. We have a 1.4 alpha build coming out soon that should have the upstream fix for ThirdPartyResources, no need to open another bug.

@dlorenc
Copy link
Contributor

dlorenc commented Aug 25, 2016

ref #512

@dlorenc dlorenc mentioned this issue Aug 31, 2016
Merged
@dlorenc
Copy link
Contributor

dlorenc commented Oct 7, 2016

This is now possible and documented in the README.md here: https://github.com/kubernetes/minikube#examples

Let me know if it works!

@dlorenc dlorenc closed this as completed Oct 7, 2016
@thomasfricke
Copy link

I tried it, and I could not bootstrap the RBAC. How can I use this from scratch?

@brancz
Copy link
Member

brancz commented Feb 15, 2017

I created a minikube cluster like this as described in the examples section:

$ minikube start --vm-driver=virtualbox --kubernetes-version=v1.5.2 --memory=4096 --extra-config=apiserver.GenericServerRunOptions.AuthorizationMode=RBAC --extra-config=apiserver.GenericServerRunOptions.AuthorizationRBAC,SuperUser=minikube

Then tried to create a bundle of resources and received the following:

$ kubectl create -f bundle.yaml 
Error from server (Forbidden): error when creating "bundle.yaml": the server does not allow access to the requested resource (post serviceaccounts)
error validating "bundle.yaml": error validating data: the server does not allow access to the requested resource; if you choose to ignore these errors, turn validation off with --validate=false

@rongutierrez
Copy link

I'm also running into the same issue as @brancz

@Hashfyre
Copy link

Hashfyre commented Jun 12, 2017
edited
Loading

Currently the documentation is here: https://github.com/kubernetes/minikube/blob/master/docs/configuring_kubernetes.md#examples

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature Categorizes issue or PR as related to a new feature.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@rongutierrez @thomasfricke @Hashfyre @dlorenc @sebgoa @brancz