search

kubernetes-sigs / apiserver-builder-alpha

apiserver-builder-alpha implements libraries and tools to quickly and easily build Kubernetes apiservers/controllers to support custom resource types based on APIServer Aggregation
Apache License 2.0
787 stars 235 forks source link

How to make the addon apiserver authentication and authonrization in local #603

Closed oldfo4 closed 2 years ago

oldfo4 commented 3 years ago

I want to use this addon apiserver to run standalone and don't delegate the authentication and authonrization to the main kube-apiserver. When i'm start the apiserver with this: `./bin/my-apiserver

--etcd-servers=http://127.0.0.1:12379 --secure-port=19443 --insecure-port=18090 --insecure-bind-address=10.182.34.225 --delegated-auth=false --client-ca-file=/root/go_workspace/src/apiserver-demo/pki/ca.crt --tls-cert-file=/root/go_workspace/src/apiserver-demo/pki/server.crt --tls-private-key-file=/root/go_workspace/src/apiserver-demo/pki/server.key`

But the authencation will not working, i can still curl to access the apis `$ curl -k https://127.0.0.1:19443/apis

{ "kind": "APIGroupList", "groups": [ ...... ] } ` So how to run my-apiserver alone and make the authentication and authonrization work in myself not the main kube-apiserver.

k8s-triage-robot commented 2 years ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot commented 2 years ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

k8s-triage-robot commented 2 years ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

You can:

Please send feedback to sig-contributor-experience at kubernetes/community.

/close

k8s-ci-robot commented 2 years ago

@k8s-triage-robot: Closing this issue.

In response to [this](https://github.com/kubernetes-sigs/apiserver-builder-alpha/issues/603#issuecomment-1038856974): >The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. > >This bot triages issues and PRs according to the following rules: >- After 90d of inactivity, `lifecycle/stale` is applied >- After 30d of inactivity since `lifecycle/stale` was applied, `lifecycle/rotten` is applied >- After 30d of inactivity since `lifecycle/rotten` was applied, the issue is closed > >You can: >- Reopen this issue or PR with `/reopen` >- Mark this issue or PR as fresh with `/remove-lifecycle rotten` >- Offer to help out with [Issue Triage][1] > >Please send feedback to sig-contributor-experience at [kubernetes/community](https://github.com/kubernetes/community). > >/close > >[1]: https://www.kubernetes.dev/docs/guide/issue-triage/ Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.