Amit:
I am not exactly getting clusters users concepts in kubernetes. I mean I am not understanding who will create users in kubernetes cluster.from course video,I come to know kubernetes does not manage any user .but then how different users can access kubernetes cluster.I am aware they can access using kube-config but again in kube-config we mentioned username.so confusion is who will create users mentioned in kube-config file? who can create admin users and non admin user? how cluster will come to know particular user admin Vs non-admin user?
I Malla:
@amit I am also confused regarding the same as you said .
And suppose u (another admin)and I (developer) are in different team and have 10 other members in both of our team. Then different member’s pc should have different kubeconfig right? And further these kubeconfig needs users, user certificate . Also when clusterrole and roles are binded using rolebinding and clusterrolebinding , there is no validation if that user is a correct one inside binding file.
unnivkn:
HI Amit… Did you gone through the Security section of the CKA course ? If not please go through it. Your questions are answered there.
Amit:
Hi I gone through that section but still not 100% clear who will create users?
Amit:
I am confuse actually users are just name given in certificate or they are actual users in cluster?
Amit:
from video steps are given how users can access uisng kube-config bt it is not clear to me who will create users and where users are located or users are not really exists but certificate exists on cluster etc
SaidBen:
For basic authentication, you create a file that contains list of usernames and passwords or tokens then add this flag to the apiserver yaml - --basic-auth-file=/tmp/users/user-details.csv, this is the path to the file of the users list. and if I remember correctly from the lecture, there are solutions such as AD that you can integrate with k8s to create users