add setup non-root kubeconfig

2025-05-18 06:20:07 -04:00 · 2025-05-18 06:20:07 -04:00 · 45336082e2
commit 45336082e2
parent 8ceb8fa23a
2 changed files with 38 additions and 3 deletions
--- a/curl_execute.yaml
+++ b/curl_execute.yaml
@ -51,9 +51,6 @@
        msg: "{{ item.stdout_lines }}"
      loop: "{{ script_output.results }}"

-    - name: Add Kubeconfig to User
-      shell: "rm -rf /home/ubuntu/.kube/config && mkdir -p /home/ubuntu/.kube/ && cp /etc/kubernetes/adminf.conf /home/ubuntu/.kube/config"
-
    - name: Clean up temporary directory
      file:
        path: /tmp/downloaded_scripts
--- a/test-scripts/install_k8s.sh
+++ b/test-scripts/install_k8s.sh
@ -57,6 +57,40 @@ echo "Provision Kubernetes With IP $VM_IP"
 KUBEVERSION="1.32.3-1.1"
 HELMVERSION="3.14.2"

+setup_kube_config() {
+  # Source admin.conf location
+  local admin_conf=${1:-"/etc/kubernetes/admin.conf"}
+
+  # Check if admin.conf exists
+  if [ ! -f "$admin_conf" ]; then
+    echo "Error: Admin config file not found at $admin_conf" >&2
+    return 1
+  fi
+
+  # Ensure running as root
+  if [ "$(id -u)" -ne 0 ]; then
+    echo "Error: This function must be run as root" >&2
+    return 1
+  fi
+
+  # Process regular users (UID >= 1000)
+  while IFS=: read -r username _ uid _ _ home_dir _; do
+    if [ "$uid" -ge 1000 ] && [ -d "$home_dir" ] && [ "$home_dir" != "/nonexistent" ]; then
+      # Create .kube directory if needed
+      local kube_dir="$home_dir/.kube"
+      local kube_config="$kube_dir/config"
+
+      echo "Setting up Kubernetes config for user: $username"
+      mkdir -p "$kube_dir" || true
+      cp -f "$admin_conf" "$kube_config"
+      chown -R "$username":"$username" "$kube_dir"
+      chmod 600 "$kube_config"
+    fi
+  done </etc/passwd
+
+  echo "Kubernetes config setup completed for all regular users."
+}
+
 command_exists() {
  command -v "$1" >/dev/null 2>&1
 }
@ -290,6 +324,7 @@ kubeadm init --apiserver-advertise-address=${VM_IP} --pod-network-cidr=10.244.0.
 mkdir -p $HOME/.kube
 cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
 chown $(id -u):$(id -g) $HOME/.kube/config
+
 export KUBECONFIG=/etc/kubernetes/admin.conf

 kubectl taint nodes --all node-role.kubernetes.io/control-plane-
@ -306,3 +341,6 @@ echo "**************************************************************************
 kubectl get pods -A

 echo "***************************************************************************************************************"
+
+# Distribute kubeconfig among non-root users
+setup_kube_config