Obtaining kubeconfig with qbert API for Token-Based Authentication
You can obtain the kubeconfig file with the Keystone token inserted into kubeconfig, with the help of a script available on Github that uses qbert API.
Follow the steps given below to obtain Keystone token for a user, and insert the Keystone token into kubeconfig programmatically.
- Run the export command on the command line to export the following environment variables to point to the appropriate URL, region, tenant, user name, and password for which the Keystone token is to be generated.
export OS_AUTH_URL=<get url from Clarity UI API-Access Section> export OS_IDENTITY_API_VERSION=3 export OS_REGION_NAME="<region-name>" export OS_USERNAME="<your username>" export OS_PASSWORD="<password>" export OS_PROJECT_NAME="<tenant-name>" export OS_PROJECT_DOMAIN_ID="default"
- Use the Github project to download kubeconfig from a DU given the above-mentioned OpenStack credentials to authenticate with Keystone, and the cluster UUID for which the kubeconfig is required. Once the kubeconfig is downloaded, the script writes the token to the downloaded kubeconfig.
The kubeconfig file containing the token is now available to you for further use.
If you wish to download the kubeconfig from the Platform9 Clarity UI, refer to the support article on token-based authentication.