英文:
Add RBAC to Azure Kubernetes ( AKS ) after the cluster has already been created
问题
我需要为我的AKS添加RBAC,但当我进入Azure门户时,它说这是一个创建操作,之后无法进行更新。
我需要拆除整个集群并创建一个启用RBAC的新集群来使用此功能吗?
这是一个正在生产中进行的项目,所以对我来说,并不像运行terraform destroy和terraform apply那么简单。
您建议如何操作,以确保最小程度影响可用性,并确保一切都设置与之前的集群相同?
英文:
I need to add RBAC to my AKS, but when I go to Azure portal it says that it's a creation operation and that it's not possible to update it afterwards.
Do I need to tear down the whole cluster and create a new one with RBAC enabled to make use of this feature?
It's an ongoing project in production, so for me it's not as simple as running terraform destroy and terraform apply unfortunately.
How would you suggest to do it, to make sure of minimum impact on availability and to have everything set up the same way as the previous cluster?
答案1
得分: 1
我尝试在我的环境中重现相同的结果,成功地获得了以下结果:
在创建Kubernetes集群之后,可以添加启用RBAC的功能:
在您的Kubernetes集群 -> 设置 -> 集群配置下,选择Azure身份验证和Azure RBAC,保存如下:
然后,使用以下命令将Azure RBAC添加到现有的AKS集群中:
az aks update -g myResourceGroup -n myAKSCluster --enable-azure-rbac
参考链接:
从Azure管理Kubernetes中的Azure RBAC - Azure Kubernetes Service | 微软学习
英文:
I tried to reproduce the same in my environment I got the results successfully like below:
It is possible to add RBAC enabled After creating a Kubernetes cluster:
In your Kubernetes cluster -> under setting, cluster configuration -> choose azure authentication with azure RBAC and save like below:
Then, make use of below cmd to add Azure RBAC for Kubernetes Authorization into an existing AKS cluster,
az aks update -g myResourceGroup -n myAKSCluster --enable-azure-rbac
Reference:
Manage Azure RBAC in Kubernetes From Azure - Azure Kubernetes Service | Microsoft Learn
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论