Bob Henkel
Aug 25, 2017 · 1 min read

Thanks for the info Chris! I’m also using kops. I tried following the documented steps from the article and used your yaml when doing kop edit cluster. For some reason this isn’t working. Did you skip these or do these steps? I skipped them and didn’t have success with google auth working. Actually when I added your yaml to my kops config my cluster was never viable, I couldn’t get kubectl get nodes to respond or kops validate cluster.

$ sed -i "/- kube-apiserver/a\    - --oidc-issuer-url=https://accounts.google.com\n    - --oidc-username-claim=email\n    - --oidc-client-id=<Your Google Client ID>" /etc/kubernetes/manifests/kube-apiserver.yaml

Add any network CNI plugin and the cluster is ready. Copy /etc/kubernetes/admin.conf to local ~/.kube/config and change the cluster ip.

Thanks

Bob

)
Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade