Reputation: 547
Enabling RBAC on Kubernetes on Azure
I'm trying to enable RBAC on my k8s cluster on azure. I ssh'ed into my master node and edited the kube-apiserver.yaml with the --authorization-mode=RBAC flag. Then I delete the kube-apiserver pod in order to restart the api server. However, when upon restart the --authorization-mode=RBAC config is ignored. Anybody have any advice?
Also the api server configuration is set to --v=10 and the image is v1.6.6
Upvotes: 0
Views: 1552
Answers (2)
Reputation: 547
I was finally able to generate a cluster that would allow me to enable RBAC on azure by generating an arm template using Azure Container Service Engine: https://github.com/Azure/acs-engine
By using the above library I could create a new arm template with RBAC enabled and then use the Azure CLI to create a RBAC, configurable Kubernetes cluster.
Upvotes: 1
Reputation: 8827
Deleting the pod is not enough. You need to restart kubelet in order for the new options to be applied.
systemctl restart kubelet
Upvotes: 1
Related Questions
- Azure Kubernetes - RBAC role for namespace isolation
- AKS RBAC - Rolebinding has no effect
- Add RBAC to Azure Kubernetes ( AKS ) after the cluster has already been created
- Configuring RBAC for kubernetes
- Kubernetes RBAC "Allowed by RoleBinding" but "cannot list resource"
- How to achieve the RBAC functionality in Azure kubernetes service?
- Kubernetes returns Forbidden even if RBAC permissions are set
- Failed to discover supported resources
- How to work with RBAC in Kubernetes
- How to enable RBAC on existing Kubernetes Cluster