AVI: Difference between revisions

Line 174: Line 174:
== OpenShift Service Account for Avi Authentication ==
== OpenShift Service Account for Avi Authentication ==


Create a Service Account for Avi:
1. Create a Service Account for Avi:

nano sa.json
nano sa.json


Line 187: Line 186:


oc create -f sa.json
oc create -f sa.json

2. Create a Cluster Role
nano clusterrolesepod.json

<pre>
{
"apiVersion": "v1",
"kind": "ClusterRole",
"metadata": {
"name": "avirole"
},
"rules": [
{
"apiGroups": [
""
],
"resources": [
"*"
],
"verbs": [
"get",
"list",
"watch"
]
},
{
"apiGroups": [
""
],
"resources": [
"routes/status"
],
"verbs": [
"patch",
"update"
]
},
{
"apiGroups": [
""
],
"resources": [
"pods",
"secrets",
"securitycontextconstraints",
"serviceaccounts"
],
"verbs": [
"create",
"delete",
"get",
"list",
"update",
"watch"
]
},
{
"apiGroups": [
"extensions"
],
"resources": [
"daemonsets",
"ingresses"
],
"verbs": [
"create",
"delete",
"get",
"list",
"update",
"watch"
]
},
{
"apiGroups": [
"apps"
],
"resources": [
"*"
],
"verbs": [
"create",
"delete",
"get",
"list",
"update",
"watch"
]
}
]
}
</pre>

3. Add Created Cluster Role to Service Account
oc adm policy add-cluster-role-to-user avirole system:serviceaccount:default:avi

4. Extract Token for Use in Avi Cloud Configuration
oc describe serviceaccount avi
oc describe secret avi-token-emof0


= Using Ansible =
= Using Ansible =
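
Review bot: Step 2 opens clusterrolesepod.json in nano and shows its contents, but nothing loads it into the cluster before step 3 binds avirole to system:serviceaccount:default:avi. Add "oc create -f clusterrolesepod.json" after the JSON block, matching the "oc create -f sa.json" line in step 1. In step 4, "avi-token-emof0" is a generated secret name that will differ on every cluster, so the text should tell the reader to take the token secret name from the output of "oc describe serviceaccount avi" rather than copy it. The role is also worth a sentence of its own next to the JSON. It is cluster-wide: the first rule grants get/list/watch on every resource in the core group, secrets included, and the third rule adds create/delete/update on secrets, securitycontextconstraints and serviceaccounts. The token extracted in step 4 should therefore be described as a cluster-level credential and stored accordingly.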