ETOOBUSY 🚀 minimal blogging for the impatient
Easily create a Kubernetes-ready user with a basic script.
This program creates a new user’s credentials that are (well, should be) valid for a Kubernetes cluster where the CA certificate and key have a known position in the filesystem.
Use it like this:
k8s-new-user <username> [<group> [<group> [...]]]
The output will be a file named
<username>.kubeconfig that is suitable for
being used instead of the default
~/.kube/config (e.g. it might be provided
to the target user).
export KUBECONFIG="$PWD/$USERNAME.kubeconfig" kubectl get pod ....
Using this script is not very secure because it makes sure to also generate the user’s private key. In a more secure process, each user would generate its own key/CSR pair and provide the CSR to the CA for signing.
Again… it’s a start 🤓