Aug 25, 2017
Thanks for the info, Chris! I’m also using kops. I tried following the documented steps from the article and used your yaml when doing kops edit cluster. For some reason this isn’t working. Did you skip these or do these steps? I skipped them and didn’t have success with google auth working. Actually, when I added your yaml to my kops config my cluster was never viable; I couldn’t get kubectl get nodes to respond or kops validate cluster.
$ sed -i "/- kube-apiserver/a\ - --oidc-issuer-url=https://accounts.google.com\n - --oidc-username-claim=email\n - --oidc-client-id=<Your Google Client ID>" /etc/kubernetes/manifests/kube-apiserver.yaml
Add any network CNI plugin and the cluster is ready. Copy /etc/kubernetes/admin.conf to local ~/.kube/config and change the cluster ip.
Thanks
Bob