To authenticate to your Kubernetes cluster, create a service account in the desired namespace, and assign the cluster admin role to it.
To create a custom ClusterRole and associate it with a service account, see Role-Based Access Control (RBAC) for Kubernetes.
Procedure
To create the service account, run the create command on the kubectl command line tool.
For example, run the following command:
kubectl create serviceaccountcvbackup -n namespacewhere:
cvbackup is the name of the service account
namespace is the name of the namespace where the service account is created
To ensure that the service account has sufficient privileges to perform data protection operations, run the following command to add the service account to the default-sa-crb cluster role binding.
kubectl create clusterrolebinding default-sa-crb --clusterrole=cluster-admin --serviceaccount=namespace:cvbackupRun the following command to extract the service account token.
You will enter the token in the Kubernetes guided setup.
kubectl describe secret -n namespace $(kubectl get secret -n namespace -o jsonpath="{.items[?(@.metadata.annotations['kubernetes\.io/service-account\.name']=='cvbackup')].metadata.name}")For OpenShift, run the following command:
oc sa get-token cvbackup -n namespace