文章内容:
- Kubernetes集群服务端、客户端是如何通过kubeconfig文件完成认证以及用户信息识别的?
当搭建好Kubernetes集群后,可以通过kubectl get pod -A
获取集群内所有的POD信息:
为什么通过一份kubeconfig
文件,Kubernetes就能完成访问认证以及用户身份的识别?其中的原理是什么样的?
1、解密kubeconfig文件
以下是我昨天刚搭建好的Kubernetes测试集群kubeconfig
文件内容:
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUMvakNDQWVhZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJek1ESXhNakUxTVRjME0xb1hEVE16TURJd09URTFNVGMwTTFvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS09qCk80YkxwUlpwU2hXdG5VaHhob3Z5Y2FvOXlWSDZKeUV1NmpyZTdza2VnMDgrQjRwNnVJdElaenpwbS9kWE5Hb1AKdnVIVEc0U0ZUZ1pVbk4ycHNvSEl6bi9NODZaY2hUdXVDWjM0ZTRqb3BNeUZ5UE9qNEJUdzdkZjNGZWN3Q2R5awpydERFUVlDeWJnYzNtL1IyRHlNNmhMYTJGY3VtVjFYLzBnTzN6RWN0VHB1QSs1djR6ZmJZNlNvQ1lIb01RL0djCmZjVDQzOVVKNTZ5NnNBUHA1anAyZHR5N0xvdThkS1dXaTZEY1FGNk04d3JvR2YvUnhITG1VL3hydFQwMVk4bEQKK0tYR1V0RFo3bk92YXdDQTJOdGhNNnljTS8zNHdDWisrME9DTk5pVnVoRFNaVEl6cGFuN0Rzcml1NW9KUUIyZgp6Y3l3THlSOUdCaWh4dzBTWHJVQ0F3RUFBYU5aTUZjd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZCQTE5azh5alVTelFzclJJMGhiSG9sREdQVlRNQlVHQTFVZEVRUU8KTUF5Q0NtdDFZbVZ5Ym1WMFpYTXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSVdwcWNraDJGY25SK0dXdlJ0TwpwSVR0ZGdwaXQ2MGIxeGxEQzVBNzdtVzNtYmNFVUo5dERoTEhFbUhQNmxRbzlZUzViL282clFwMUxObkhvR0kzCnViMFpNRGZQdU0wRExwYmgvWHF3bWc4SnQ0bzFlZXRMd1lIM1hzeHVObnFxNXdIOG1WcHFNNGFTbUhra1NVcGMKOTdDbmRUdmtNTjBKb3pvNldiTi9DZk1yL09uOTJqYmExOGxzdFpmdnRZL0FtQzNQRnhZT0VJc1ZPYkp3MHh4MQpWMlMwZnRJMHlyVXJ6NHpVcDhUWTZYS1dBSGtWNzR2QkxqYUpWYUMxWGhxZ3BsTkh2ejJod3FzbTM3OG4zbEszClJVR1FDeXQwdVVXRHgxR2E4RlhMZEc4M2VScE5TTlZmV0tzTFl6N2k2d1FXY1greHpIdFhabDd0RTBWenM0MUUKK1BNPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
server: https://192.168.56.10:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {
}
users:
- name: kubernetes-admin
user:
client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURJVENDQWdtZ0F3SUJBZ0lJSkRhNkYyQ2JEVjR3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TXpBeU1USXhOVEUzTkROYUZ3MHlOREF5TVRJeE5URTNORGxhTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXRkQjlUZjB3eWlvL0p3YmYKRWdKaldCNlEzc2hiNFNpR3JKQjgyRjhJOHNEMHhYbUdDZVZDbzZzYmw3bUVVUS80Z2lzaWZqWWdmZy9zSTF4Ugp5VDVZalI4bit4Q2huUy9oSHhEQW9IaUtFR2Z2bnNkK05kclJocmV6YXlMQkwvT1lEZ0NUVDZTMzR6TWV2NnJsCm16U2tOQUNHNnlrZjNpS1hEVGtCL0ZHa3M2c3QwQzlqV3NCWjZjdGtsRm9CMTVQaWtxVkFTTHhmUlI2S25rQUcKZlRqbDNUcFJoQ0ZZN0FyRkFXc24wbzNTb3p0aExvWUVEb1dsWTJKY1dibG9VbTgvbHNsbjk0MHBiTEliMnhUdQplQTdMR3hiUEwzdlM0QkVCd0k1SDl1b1UwaFZEZ1JjTStPSXFNazd6dzFLU2FWaFJGYytBekNVQlE5S3YwandJCkpHMStRd0lEQVFBQm8xWXdWREFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RBWURWUjBUQVFIL0JBSXdBREFmQmdOVkhTTUVHREFXZ0JRUU5mWlBNbzFFczBMSzBTTklXeDZKUXhqMQpVekFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBRHVObjYrU0ZVQ1YzZE9wakpwSTVtSTRtamFReVZydlFaU0o0CjFwSXpXeXBGNTg0NUhoU1hqOXllTXhERE00UGRXNm9Zc05KUi9Kb0NxU1lTT0duVGl6VDBGZ1ZYaEF4d2xVMGMKZm5TM3d1aEordUNhYkRhSzVzTHd4RWJCQmhnVi9aWDBRN0RUZGFzK0ZyMC90czhySXFOM3hDeWFKK3B4cVp6NApSRzEwNUVKQVhZK0lHY1Y0VVNzejZOVFVUZGc2QlQ2aDlJUk9tb3d1Ni9LWTdGNHFYd3pUamJzR0NNWXcrbTZ6CjVOR0tiZWxCcDRVOVMvY3JyemYvV0VuVWxaL0ZuVEhoNjd5cEwzb1BxWllzVFJHQkE1cjlSaXNSSWVvcGc3aGoKZ3JKSkhzSUxlS3BnNUFESTFtTXQxZ3V6NmtKckxKdkd6cXExMkw1azNkOEp1bTljcGc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBdGRCOVRmMHd5aW8vSndiZkVnSmpXQjZRM3NoYjRTaUdySkI4MkY4SThzRDB4WG1HCkNlVkNvNnNibDdtRVVRLzRnaXNpZmpZZ2ZnL3NJMXhSeVQ1WWpSOG4reENoblMvaEh4REFvSGlLRUdmdm5zZCsKTmRyUmhyZXpheUxCTC9PWURnQ1RUNlMzNHpNZXY2cmxtelNrTkFDRzZ5a2YzaUtYRFRrQi9GR2tzNnN0MEM5agpXc0JaNmN0a2xGb0IxNVBpa3FWQVNMeGZSUjZLbmtBR2ZUamwzVHBSaENGWTdBckZBV3NuMG8zU296dGhMb1lFCkRvV2xZMkpjV2Jsb1VtOC9sc2xuOTQwcGJMSWIyeFR1ZUE3TEd4YlBMM3ZTNEJFQndJNUg5dW9VMGhWRGdSY00KK09JcU1rN3p3MUtTYVZoUkZjK0F6Q1VCUTlLdjBqd0lKRzErUXdJREFRQUJBb0lCQUhHUzhxT0VOVFVrbk55WgpPMEc1d2lzcXRONm1GRmNiaEwxSmFPT1V3amM2ZCt6ZjArNWNpM3RJQ08ySGt2TThZY1dXZ202TEMxTVVTVE54Cm1SbDRXOEtVSXRwLzhpVUo0cndRTC9ST09CaTFoSWNRSVhRczQ5UWU3dkpPL0pVaXV1cU1TM2xsOFFUNVN3ejYKQ1lJaHFTMWU0dWtGZ0lXMzM5bi9zWkRYdzJZRHlsWGVycWV0T1picExiM29Lb3pxRFlVY3U1VGNDNmFQNXVZRApSdmRWcEVLejZTdUs2MG9lWStzVGQyYVQ0MFZscWhuLzd2eUE2NjBVWnRZcXAwalR2OHY1WW5QbTlUOWM3U3BLCm9RSDYwOUhabnpCRFR6UDNkNTloOGVVQjRuUzU0SzEwTnBDTlpUcTVKYmdQTjlybndERmREOGtRWTdVVE1BWXAKdXRLaFY5a0NnWUVBd05IN250RmRwU2ZlQW5KbTQzZWRGL0hsV2ZPS1lkblZoSVN2Rkh1RmVBd0lXYk15QXVXVgplWlZuMDNET1Y1aDNKL285Q3Vacmd1VmxJbkFJbVNzRnBTVGVJMFVVYmk1VFFnQVlhU0dQMjVrVDIyMTVkRnRECkpKWS9nTkQvQ2Y0NmJ5NWJteTdqZU1DRENQaWxGb20rRFhuVUpFSC9xZDF6dVJnSnQzVFdCbjhDZ1lFQThXTlMKbkl1UCs5L1lGTEUvckgyd0lLaVR1UVpOQ0Nicjk0eVh3dTlZREJJM0J4VnB4L2J6eFpBWkRONnhCSlgybUo0bApOaFhNcm5CYlQvN2hOTWpJVkVlTmF1VnRLWHhUZ1I3OXhwK3d6bC9IV2tZTWdMUU1sNmZUSk9DeVQzQ3U0UnZoCk9GRTZHekVXQldrS1hwbjJqZmNvaFcyMklTdFBZVkxUaXF0dERqMENnWUJHMDVyeWpvTXdiRUYvY3BoYWk1QlgKd0ZIM3haNmFMTkxpVjM2Y0xuY3JUbmd1d3NUbkRYL25aanI2RHVDc2ltT1NlcmU3YmtJbGxhK2RnN3VVejVuRwpQSkdnTVBxOU1pVUJCRm56SEJIa253a05POXcySW1PNlo3b3h6aE13ajRMVlhoam1Hc1lSajkxU0NVdFN5UXZYCmxWMllaK25LY243VWlZRGdNM2wrYndLQmdESjRxUUpRY0JlakV5UW9kMzdTZk93bk0xUUJqRVBERjUyWUNQZGEKWWhlTUMzTnd0OEIyMHp1Z3lJd1hWLzMwZVM0cUN1L0hHUmYwS0RPT3dIbnY3V3NwMXRqZUJiZ2g1YmZleWdNbwp5cWdzQUp2UWY3YTlidENhNTV3VFcxVWU0NEh2K1dSMEgya21GMHVrVGVXLzNYeUxqQzV4NVI0RVYwR3JOczRNCnorMmxBb0dBYjE5OXNwVTB4TS82RndId2FsNTdwZ1RkZXdVUzBvTklITG4rZkFYUnJZQ3pIaVFvNlpxbEJkTWYKcjdhVm11ZEp2MWJoamVmTU5aOUI2d1oxb2k3M0ZZL3JTd3FPd0d3UG5WYWc3MFMzV3FZZDl0UFVQQVNodFlDago1OGJzdHdWU2RXZEJuNHRMUUticFpvUG45TUd5YlNwUDlQdk8wcjlpS0hLQmVIWHdKQUE9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg