Re: okd 3.11: recommended procedure to create admin account?

Unfortunately, there is no way to set cluster-admin cluster role to a specific user through ansible playbooks. You will need to do so manually.

Also, I'm wondering why you manually create a clusterrolebinding object instead of using "oc adm policy add-cluster-role-to-user" command. The easiest and safer way do add a cluster role to a specific user is using oc command, so I recommend you to always use oc to assign roles to your user instead of manually creating the clusterrolebinding objects.

On Thu, Mar 28, 2019 at 9:48 AM Harald Dunkel <harald dunkel aixigo de> wrote:

Hi folks,

I have added these lines to my inventory file to deploy okd 3.11:

# login credentials for admin accout
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
openshift_master_htpasswd_users={'admin': '$apr1$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'}

Obviously this is not enough: I have to manually run

oc create clusterrolebinding registry-controller --clusterrole=cluster-admin --user=admin

after deploying the cluster. Can this additional step be made
automatic somehow? Its easy to forget, and if you just run

# oc login -u admin

on the master instead, then it seems there is no way to assign
the cluster-admin role anymore.

???

Every helpful hint is highly appreciated
Harri

_______________________________________________
users mailing list
users lists openshift redhat com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Ricardo Martinelli de Oliveira
Senior Software Engineer
T: +55 11 3524-6125 | M: +55 11 9 7069-6531
Av. Brigadeiro Faria Lima 3900, 8° Andar. São Paulo, Brasil.

TRIED. TESTED. TRUSTED.

Red Hat é reconhecida entre as melhores empresas para trabalhar no Brasil pelo Great Place to Work.