Saturday morning after the holidays so brain is on turbo slow down. This results is fun errors that can be laughed at by all 🤣. On must always remember to add the parameter snap to a Longhorn volumesnapshotclass and also to turn on your camera!
We chose token authentication so we need to get a token but we also need to create a service account and give it rbac permissions:
k create sa kastenroot -n kasten-io
kubectl create rolebinding kastenrootnsbinding --role=k10-ns-admin --namespace=kasten-io --serviceaccount=kasten-io:kastenroot
kubectl create clusterrolebinding kastenroot-k10clusterbinding --clusterrole=k10-admin --serviceaccount=kasten-io:kastenroot
kubectl create clusterrolebinding manage-vms-clusterwide \
--clusterrole k10-virtualmachines-admin \
--serviceaccount=kasten-io:kastenroot
Next create the secret:
desired_token_secret_name=kastenroot-token
kubectl apply --namespace=kasten-io --filename=- <<EOF
apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
name: ${desired_token_secret_name}
annotations:
kubernetes.io/service-account.name: "kastenroot"
EOF
kubectl get secret ${desired_token_secret_name} --namespace kasten-io -ojsonpath="{.data.token}" | base64 --decode
You can also create a temporary token if you wish:
kubectl --namespace kasten-io create token kastenroot --duration=48h
