以获取Dashboard的登录Token为例:
#!/bin/bash #创建RBAC&Token kubectl apply -f - << EOF apiVersion: v1 kind: ServiceAccount metadata: name: dashboard-admin namespace: kube-system #创建角色绑定关系 --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: admin-user roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: dashboard-admin namespace: kube-system --- #创建secret(重点是这个创建secret指定类型为token) apiVersion: v1 kind: Secret metadata: name: dashboard-admin-secret namespace: kube-system annotations: kubernetes.io/service-account.name: "dashboard-admin" type: kubernetes.io/service-account-token EOF #关联token证书 kubectl patch sa dashboard-admin -p '{"secrets": [{"name": "dashboard-admin-secret"}]}' -n kube-system #查看token kubectl get secret -n kube-system $(kubectl get serviceaccount dashboard-admin -n kube-system -o jsonpath='{.secrets[0].name}') -o go-template='{{ .data.token | base64decode }}'