Kuberenetes 101 : OpenSSL - Creating users -
We start by creating a directory on the master node that will hold our keys and we "cd" into it.
We create a private key for Albert:
We then create a certificate sign request - CSR - using Albert's private key, we also provide the username - CN -.
We could also provide a group for Albert using the "/CO" paramater.
We then sign the CSR using the Kubernetes certificate authority
- CA - usually "/etc/kubernetes/pki/ca.crt" and "/etc/kubernetes/pki/
We sign the CSR that will be valid for 250 days:
We finally create the user in the kubeconfig for Albert using the below command: