User Tools
безопасность_в_kubernetes
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
безопасность_в_kubernetes [2025/10/27 12:48] val [Шаг 2. Что у нас есть для начала] |
безопасность_в_kubernetes [2025/10/27 16:51] (current) val [Шаг 2. Создание учетной записи] |
||
|---|---|---|---|
| Line 28: | Line 28: | ||
| <code> | <code> | ||
| user2@server:~$ cat user2.req | base64 -w0 | user2@server:~$ cat user2.req | base64 -w0 | ||
| + | </code> | ||
| + | * [[https://stackoverflow.com/questions/75735249/what-do-the-values-in-certificatesigningrequest-spec-usages-mean|What do the values in CertificateSigningRequest.spec.usages mean?]] | ||
| + | <code> | ||
| + | kube1:~/users# kubectl explain csr.spec.usages | ||
| kube1:~/users# cat user2.req.yaml | kube1:~/users# cat user2.req.yaml | ||
| Line 39: | Line 43: | ||
| expirationSeconds: 8640000 # 100 * one day | expirationSeconds: 8640000 # 100 * one day | ||
| usages: | usages: | ||
| - | - digital signature | + | # - digital signature |
| - | - key encipherment | + | # - key encipherment |
| - client auth | - client auth | ||
| Line 57: | Line 61: | ||
| user2@server:~$ scp root@kube1:users/user2.crt . | user2@server:~$ scp root@kube1:users/user2.crt . | ||
| - | <code> | ||
| - | * [[Система Kubernetes#Инструмент командной строки kubectl]] | ||
| </code> | </code> | ||
| + | * [[Система Kubernetes#Инструмент командной строки kubectl]] | ||
| + | <code> | ||
| user2@server:~$ kubectl config set-cluster cluster.local --insecure-skip-tls-verify=true --server=https://192.168.13.221:6443 | user2@server:~$ kubectl config set-cluster cluster.local --insecure-skip-tls-verify=true --server=https://192.168.13.221:6443 | ||
| Line 69: | Line 73: | ||
| user2@server:~$ kubectl config use-context default-context | user2@server:~$ kubectl config use-context default-context | ||
| + | |||
| + | user2@server:~$ kubectl auth whoami | ||
| user2@server:~$ kubectl get pods | user2@server:~$ kubectl get pods | ||
| Error from server (Forbidden) | Error from server (Forbidden) | ||
| </code> | </code> | ||
безопасность_в_kubernetes.1761558486.txt.gz · Last modified: 2025/10/27 12:48 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
