diff --git a/docs/getting-started.md b/docs/getting-started.md index 95f9c222a..67b6132af 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -93,7 +93,8 @@ the Kubernetes [documentation](https://kubernetes.io/docs/tasks/access-applicati Accessing Kubernetes Dashboard ------------------------------ -If the variable `dashboard_enabled` is set (default is true), then you can +If the variable `dashboard_enabled` is set (default is true) as well as +kube_basic_auth (default is false), then you can access the Kubernetes Dashboard at the following URL: https://kube:_kube-password_@_host_:6443/ui/ @@ -102,6 +103,9 @@ To see the password, refer to the section above, titled *Connecting to Kubernetes*. The host can be any kube-master or kube-node or loadbalancer (when enabled). +To access the Dashboard with basic auth disabled, follow the instructions here: +https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/#command-line-proxy + Accessing Kubernetes API ------------------------ diff --git a/inventory/group_vars/k8s-cluster.yml b/inventory/group_vars/k8s-cluster.yml index dd6142bd3..6aac433b9 100644 --- a/inventory/group_vars/k8s-cluster.yml +++ b/inventory/group_vars/k8s-cluster.yml @@ -50,8 +50,8 @@ kube_users: ## It is possible to activate / deactivate selected authentication methods (basic auth, static token auth) #kube_oidc_auth: false -#kube_basic_auth: true -#kube_token_auth: true +#kube_basic_auth: false +#kube_token_auth: false ## Variables for OpenID Connect Configuration https://kubernetes.io/docs/admin/authentication/ diff --git a/roles/kubernetes/master/defaults/main.yml b/roles/kubernetes/master/defaults/main.yml index 076b8477c..5ae968232 100644 --- a/roles/kubernetes/master/defaults/main.yml +++ b/roles/kubernetes/master/defaults/main.yml @@ -46,8 +46,8 @@ kube_apiserver_admission_control: - ResourceQuota ## Enable/Disable Kube API Server Authentication Methods -kube_basic_auth: true -kube_token_auth: true +kube_basic_auth: false +kube_token_auth: false kube_oidc_auth: false ## Variables for OpenID Connect Configuration https://kubernetes.io/docs/admin/authentication/