Bug 1298224

Summary: default .kube/config to support cluster admin for "kubectl" and "oc"
Product: Container Development Kit (CDK) Reporter: Burr Sutter <bsutter>
Component: distributionAssignee: Lalatendu Mohanty <lmohanty>
Status: NEW --- QA Contact: David Kutálek <dkutalek>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 2.0CC: bgollahe, bsutter, jgreguske, lmohanty, prkumar
Target Milestone: ---Flags: lmohanty: needinfo? (bsutter)
prkumar: needinfo? (bsutter)
Target Release: 2.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
The admin config bundled with the virtualbox image none

Description Burr Sutter 2016-01-13 14:23:07 UTC 
Description of problem:
Out-of-the-box, we need a pre-defined user/password that is a cluster-admin for both Kubernetes and OpenShift.  Things like "kubectl get nodes" should just work for the correctly logged in user.  

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 Lalatendu Mohanty 2016-01-13 14:27:28 UTC 
Burr,

With the Vagrant file for k8s, the default user i.e. "vagrant" should be able to run kubectl get nodes. Is it not working for you?
Comment 3 Kent Hua 2016-03-04 17:12:29 UTC 
[vagrant@localhost ~]$ ls -la
total 28
drwx------. 4 vagrant vagrant 4096 Mar  4 12:02 .
drwxr-xr-x. 3 root    root    4096 Feb 25 01:54 ..
-rw-r--r--. 1 vagrant vagrant   18 Jul  8  2015 .bash_logout
-rw-r--r--. 1 vagrant vagrant  193 Jul  8  2015 .bash_profile
-rw-r--r--. 1 vagrant vagrant  231 Jul  8  2015 .bashrc
drwxr-xr-x. 2 vagrant vagrant 4096 Mar  4 12:02 .docker
drwx------. 2 vagrant vagrant 4096 Mar  4 12:02 .ssh

Missing .kube/config


[vagrant@localhost ~]$ oc login -u system:admin
Authentication required for https://10.1.2.2:8443 (openshift)
Username: system:admin
Password:
Login successful.

You don't have any projects. You can try to create a new project, by running

    $ oc new-project <projectname>


Need to do this to get cluster-admin access:
[vagrant@localhost ~]$ oc config use-context default/10-0-2-15:8443/system:admin
switched to context "default/10-0-2-15:8443/system:admin".
[vagrant@localhost ~]$ oc whoami
system:admin
[vagrant@localhost ~]$ oc login -u system:admin
Logged into "https://10.0.2.15:8443" as "system:admin" using existing credentials.

You have access to the following projects and can switch between them with 'oc project <projectname>':

  * default (current)
  * openshift
  * openshift-infra
  * test

Using project "default".
Comment 4 Kent Hua 2016-03-04 17:15:39 UTC 
Created attachment 1133219 [details]
The admin config bundled with the virtualbox image

Using this "rhel-cdk-kubernetes-7.2-18.x86_64.vagrant-virtualbox.box"
Comment 5 Praveen Kumar 2016-03-29 08:41:58 UTC 
@kent, @burr We already have user setup as part of openshift provision and currently 'openshift-dev/devel' can used as normal user and 'admin/admin' can be used as cluster-admin. 

[vagrant@rhel-cdk ~]$ oc login -u admin
Server [https://localhost:8443]: 
The server uses a certificate signed by an unknown authority.
You can bypass the certificate check, but any data you send to the server could be intercepted by others.
Use insecure connections? (y/n): y

Authentication required for https://localhost:8443 (openshift)
Username: admin
Password: 
Login successful.

You have access to the following projects and can switch between them with 'oc project <projectname>':

  * default (current)
  * openshift
  * openshift-infra

Using project "default".
Welcome! See 'oc help' to get started.
[vagrant@rhel-cdk ~]$ oc get nodes
NAME       LABELS                            STATUS    AGE
rhel-cdk   kubernetes.io/hostname=rhel-cdk   Ready     5m
[vagrant@rhel-cdk ~]$ oc logout
Logged "admin" out on "https://localhost:8443"

[vagrant@rhel-cdk ~]$ oc login -u openshift-dev
Authentication required for https://localhost:8443 (openshift)
Username: openshift-dev
Password: 
Login successful.

You don't have any projects. You can try to create a new project, by running

    $ oc new-project <projectname>

[vagrant@rhel-cdk ~]$ oc get nodes
Error from server: User "openshift-dev" cannot list all nodes in the cluster