From e257fdd5c7066f496142e3de76f1dab743598ee5 Mon Sep 17 00:00:00 2001 From: xguefer Date: Mon, 18 Aug 2025 20:04:33 +0200 Subject: [PATCH] =?UTF-8?q?corregido=20apolo=20y=20a=C3=B1adido=20generado?= =?UTF-8?q?r=20de=20kubeconfig?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apolo/ingress/ingress-kurento-api.yaml | 1 - argos/deployments/deploy-panel.yaml | 2 +- dashboard/dashboard-admin.yaml | 18 ++++++++++ dashboard/gen-dashboard-kubeconfig.sh | 47 ++++++++++++++++++++++++++ 4 files changed, 66 insertions(+), 2 deletions(-) create mode 100644 dashboard/dashboard-admin.yaml create mode 100755 dashboard/gen-dashboard-kubeconfig.sh diff --git a/apolo/ingress/ingress-kurento-api.yaml b/apolo/ingress/ingress-kurento-api.yaml index 9db269f..9f1cfad 100644 --- a/apolo/ingress/ingress-kurento-api.yaml +++ b/apolo/ingress/ingress-kurento-api.yaml @@ -4,7 +4,6 @@ metadata: name: apolo-meeting namespace: apolo annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/proxy-body-size: "0" nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.200.0/24,10.244.0.0/16,192.168.4.0/24" diff --git a/argos/deployments/deploy-panel.yaml b/argos/deployments/deploy-panel.yaml index 9da5194..900ccc8 100644 --- a/argos/deployments/deploy-panel.yaml +++ b/argos/deployments/deploy-panel.yaml @@ -11,7 +11,7 @@ spec: spec: containers: - name: panel - image: docker.io/library/python:3.13.7-slim-bookworm + image: harbor.c2et.net/library/python:3.13.7-slim-bookworm command: ["/bin/sh","-c"] args: - | diff --git a/dashboard/dashboard-admin.yaml b/dashboard/dashboard-admin.yaml new file mode 100644 index 0000000..5722165 --- /dev/null +++ b/dashboard/dashboard-admin.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: dashboard-admin + namespace: kubernetes-dashboard +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: dashboard-admin +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: dashboard-admin + namespace: kubernetes-dashboard diff --git a/dashboard/gen-dashboard-kubeconfig.sh b/dashboard/gen-dashboard-kubeconfig.sh new file mode 100755 index 0000000..a379e3a --- /dev/null +++ b/dashboard/gen-dashboard-kubeconfig.sh @@ -0,0 +1,47 @@ +#!/bin/bash +# Generar kubeconfig para Kubernetes Dashboard +# Archivo: gen-dashboard-kubeconfig.sh + +set -e + +NAMESPACE="kubernetes-dashboard" +SA_NAME="dashboard-admin" +KUBECONFIG_FILE="dashboard.kubeconfig" + +echo "[*] Obteniendo token del ServiceAccount..." +TOKEN=$(kubectl -n $NAMESPACE create token $SA_NAME) + +if [ -z "$TOKEN" ]; then + echo "[!] No se pudo obtener el token. Revisa que el SA exista: $SA_NAME en $NAMESPACE" + exit 1 +fi + +echo "[*] Obteniendo API Server..." +APISERVER=$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}') + +if [ -z "$APISERVER" ]; then + echo "[!] No se pudo obtener el API server del kubeconfig actual." + exit 1 +fi + +echo "[*] Generando kubeconfig en $KUBECONFIG_FILE ..." +kubectl config set-cluster kubernetes \ + --server=$APISERVER \ + --insecure-skip-tls-verify=true \ + --kubeconfig=$KUBECONFIG_FILE >/dev/null + +kubectl config set-credentials $SA_NAME \ + --token=$TOKEN \ + --kubeconfig=$KUBECONFIG_FILE >/dev/null + +kubectl config set-context $SA_NAME@kubernetes \ + --cluster=kubernetes \ + --user=$SA_NAME \ + --kubeconfig=$KUBECONFIG_FILE >/dev/null + +kubectl config use-context $SA_NAME@kubernetes \ + --kubeconfig=$KUBECONFIG_FILE >/dev/null + +echo "[✔] Kubeconfig generado: $KUBECONFIG_FILE" +echo " Puedes probarlo con:" +echo " kubectl --kubeconfig=$KUBECONFIG_FILE get pods -n $NAMESPACE"