search

loft-sh / vcluster

vCluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces.
https://www.vcluster.com
Apache License 2.0
6.92k stars 427 forks source link

Add the ability to specify service account and cluster role in exportKubeConfig #2141

Closed ben-z closed 1 month ago

ben-z commented 2 months ago

Is your feature request related to a problem?

I'm working in an environment that does not support ingress ssl-passthrough, and I'm trying to keep everything in Terraform using the Helm chart. However, there does not appear to be a way to export a kubeconfig equivalent to:

vcluster connect <name> --server=<server> --service-account admin --cluster-role cluster-admin --print

The current exportKubeConfig seems to be equivalent to the above command without --service-account and --cluster-role.

Which solution do you suggest?

Can we add options to exportKubeConfig so that we can specify the service account and cluster role?

Which alternative solutions exist?

Using the CLI instead of Terraform+Helm. Though this is more difficult to automate and use in infrastructure-as-code.

Additional context

No response

FabianKramm commented 1 month ago

@ben-z thanks for creating this issue! I think this is a great idea, will start working on this.