Reputation: 14018
How to enable anonymous authentication for Kubernetes cluster using kops?
I want to enable anonymous authentication using kops, but it's default settings provides the --anonymous-auth=false options to kube-apiserver:
/usr/local/bin/kube-apiserver --allow-privileged=true --anonymous-auth=false --apiserver-count=1 --authorization-mode=RBAC --basic-auth-file=/srv/kubernetes/basic_auth.csv --bind-address=0.0.0.0 --client-ca-file=/srv/kubernetes/ca.crt
How can I change this setting, either for my current cluster or by creating a new cluster?
Upvotes: 1
Views: 3104
Answers (1)
Reputation: 44657
You can ssh to master nodes and modify the kube-apiserver.yaml in /etc/kubernetes/manifests and add that flag.
spec:
containers:
- command:
- --anonymous-auth=true
Then you need to restart your kube-apiserver.
This could vary depending on what you are running in your masters. If something like docker you can do sudo systemctl restart docker or you might need to restart containerd if you are using it instead of docker systemctl restart containerd
Or if you want to just start the kube-apiserver you can do docker restart kube-apiserver or crictl stop kube-apiserver; crictl start kube-apiserver.
Upvotes: 4
Related Questions
- kubectl error You must be logged in to the server (Unauthorized) when accessing EKS cluster
- Error from server (Forbidden):User "system: anonymous" cannot list nodes at the cluster scope even after granting permission
- Kubernetes application authentication
- How to disable --basic-auth-file on kops? Kubernetes
- Provide Kubernetes cluster authentication with kubeconfig over https
- kubectl authentication to aws eks cluster
- How to use kubectl with system:anonymous account without using impersonation with `--as=system:anonymous`?
- How do I authenticate with Kubernetes kubectl using a username and password?
- Kubernetes on AWS using Kops - kube-apiserver authentication for kubectl
- How can I setup kubeapi server to allow kubectl from outside the cluster