Kubernetes Cluster

Adding Kubernetes Cluster

1. Log in to your Cloudaware account. Select Admin under your username in the upper right corner.

2. Locate Kubernetes in the list of Cloud Integrations. Click +Add.

3. Click Get New Certificate Request.

Insert the username that will be utilized in Kubernetes. Click Generate.

As a result, a certificate will be generated in .csr format (e.g. cloudaware_test.csr)

4. Sign a Cloudaware certificate request that will be used by Kubernetes control plane node - see example below:

openssl x509 -req -in cloudaware_test.csr -CA /etc/kubernetes/pki/ca.crt -CAkey /etc/kubernetes/pki/ca.key -CAcreateserial -out cloudaware_test.crt -days 3650

5. Set up authorization for the user on RBAC level. Create a custom ClusterRole for Cloudaware to be able to fetch the information about nodes:

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: node-reader
rules:
- apiGroups: [""]
  resources: ["nodes"]
  verbs: ["get", "watch", "list"]

Use the section below to map the custom ClusterRole to the existing user granting them required permissions:

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: cloudaware_test-binding
subjects:
- kind: User
  name: cloudaware_test
  namespace: default
  apiGroup: ""
roleRef:
  kind: ClusterRole
  name: view
  apiGroup: ""
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: cloudaware_test-binding2
subjects:
- kind: User
  name: cloudaware_test
  namespace: default
  apiGroup: ""
roleRef:
  kind: ClusterRole
  name: node-reader
  apiGroup: ""

5. Once the certificate is signed, go back to Cloudaware. Insert Cluster URL and click Upload Signed Certificate to upload the certificate. Click Save.

List of Kubernetes Cluster Objects

Cloudaware supports the following Kubernetes Cluster objects: