Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Decide how do we want to handle super-admin.conf kubeconfig #3082

Closed
xmudrii opened this issue Mar 13, 2024 · 2 comments · Fixed by #3319
Closed

Decide how do we want to handle super-admin.conf kubeconfig #3082

xmudrii opened this issue Mar 13, 2024 · 2 comments · Fixed by #3319
Assignees
@kron4eg
Labels
kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API kind/feature Categorizes issue or PR as related to a new feature. priority/high sig/cluster-management Denotes a PR or issue as being assigned to SIG Cluster Management.
Milestone
KubeOne 1.9

Comments

@xmudrii
Copy link
Member

xmudrii commented Mar 13, 2024

Description of the feature you would like to add / User story

There's a new kubeconfig file at /etc/kubernetes/super-admin.conf starting with Kubernetes 1.29 that's part of system:masters group. The original kubeocnfig at /etc/kubernetes/admin.conf is now bound by RBAC instead of using system:masters group.

We have to figure out how do we want to handle super-admin.conf:

  • do we want to delete it?
  • do we want to generate it on our own, but short-lived?

Solution details

  • TBD

Alternative approaches

TBD
@xmudrii xmudrii added kind/feature Categorizes issue or PR as related to a new feature. sig/cluster-management Denotes a PR or issue as being assigned to SIG Cluster Management. priority/high labels Mar 13, 2024
@xmudrii xmudrii added this to the KubeOne 1.9 milestone Mar 13, 2024
@xmudrii
Copy link
Member Author

xmudrii commented Mar 13, 2024

Potentially can go in 1.8.1

@xmudrii
Copy link
Member Author

xmudrii commented Mar 13, 2024

We discussed:

  • deleting super-admin.conf
  • providing a KubeOne command to generate such a kubeconfig file (using system:masters) but that has limited validity (for a very short time)

@xmudrii xmudrii added the kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API label Jun 24, 2024
@kron4eg kron4eg self-assigned this Jul 24, 2024
@kron4eg kron4eg mentioned this issue Jul 29, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kron4eg kron4eg

Labels
kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API kind/feature Categorizes issue or PR as related to a new feature. priority/high sig/cluster-management Denotes a PR or issue as being assigned to SIG Cluster Management.
Projects
None yet
Milestone
KubeOne 1.9
Development

Successfully merging a pull request may close this issue.

Add kubeconfig generate subcommand kron4eg/kubeone
2 participants
@kron4eg @xmudrii