AVI
Create a Service Account
kubectl create serviceaccount avi -n default
Create a Cluster Role for deploying Avi Service Engines as a pod:
nano clusterrole.json
{
"apiVersion": "rbac.authorization.k8s.io/v1beta1",
"kind": "ClusterRole",
"metadata": {
"name": "avirole"
},
"rules": [
{
"apiGroups": [
""
],
"resources": [
"*"
],
"verbs": [
"get",
"list",
"watch"
]
},
{
"apiGroups": [
""
],
"resources": [
"pods",
"replicationcontrollers"
],
"verbs": [
"get",
"list",
"watch",
"create",
"delete",
"update"
]
},
{
"apiGroups": [
""
],
"resources": [
"secrets"
],
"verbs": [
"get",
"list",
"watch",
"create",
"delete",
"update"
]
},
{
"apiGroups": [
"extensions"
],
"resources": [
"daemonsets",
"ingresses"
],
"verbs": [
"create",
"delete",
"get",
"list",
"update",
"watch"
]
}
]
}
kubectl create -f clusterrole.json
Create Cluster Role Binding nano clusterbinding.json
{
"apiVersion": "rbac.authorization.k8s.io/v1beta1",
"kind": "ClusterRoleBinding",
"metadata": {
"name": "avirolebinding",
"namespace": "default"
},
"roleRef": {
"apiGroup": "rbac.authorization.k8s.io",
"kind": "ClusterRole",
"name": "avirole"
},
"subjects": [
{
"kind": "ServiceAccount",
"name": "avi",
"namespace": "default"
}
]
}
kubectl create -f clusterbinding.json
Extract the Token for Use in Avi Cloud Configuration
kubectl describe serviceaccount avi -n default kubectl describe secret avi-token-esdf0 -n default
Enter the Master IP address & Token in AVI Portal:
https://10.1.10.160:6443