I'm currently working with Minikube and the k8s api-server. I'm able to authorize HTTP requests using the default service account (decode default token into base64 and provide as authorization header), but I am struggling to do the same with my newly created user.
I have created all relevant .crt, .key files, as well as the role, rolebinding, clusterRole, clusterRoleBinding permissions for the user.
I previously tried to decode /Users/ionush/k8s/auth/gameadmin.crt into base64 and add to the authorization header, and set minikube start --extra-config=apiserver.client-ca-file=/Users/ionush/k8s/auth/gameadmin.crt but that didn't work. How can I authenticate as a user via HTTP?
Here is my .kube/config file:
apiVersion: v1
clusters:
- cluster:
certificate-authority: /Users/ionush/.minikube/ca.crt
server: https://192.168.64.7:8443
name: minikube
contexts:
- context:
cluster: minikube
user: gameadmin
name: game-context
- context:
cluster: minikube
user: minikube
name: minikube
current-context: minikube
kind: Config
preferences: {}
users:
- name: gameadmin
user:
client-certificate: /Users/ionush/k8s/auth/gameadmin.crt
client-key: /Users/ionush/k8s/auth/gameadmin.key
- name: minikube
user:
client-certificate: /Users/ionush/.minikube/profiles/minikube/client.crt
client-key: /Users/ionush/.minikube/profiles/minikube/client.key
Following is example using curl to authenticate with kube-api server