Karbon and Prism Central Management for K8s Cluster | Nutanix Community
Skip to main content

Hi

I’m currently working on RBAC rights for Prism Central but also for entities (VM,Apps...)

In my understanding and in the documentation, i saw that you have to be User Admin on PC to get full rights on K8s cluster.

 

In that statement, how does Karbon acts on K8s cluster rights while it deploy a new cluster ? 

(For instance, if you are a Viewer on PC you can’t connect to K8s cluster, if you’re User Admin, you can do whatever you want. )

 

Best regards

 

Gael

Hello!

Please check my article: https://vmik.net/2022/09/05/nutanix-kabron-rbac/

It’s in Russian, but you can easily translate it with google.

 


Thanks a lot mikkisse, i just read it and seems awesome. i’ll give it a try this afternoon but at a first glance, it seems to answer all my needs :D


Thanks for your feedback.
Please don't forget, that you can create strickt RBAC manifests in k8s and they will work. It's not necessary to map users only to cluster-admin role. You can create any role with any permissions you need.
 


@mikkisse just spent 2 hours to make some tests and i have to say your article is perfect.

Honestly, you should ask/tell Nutanix support to publish it.

(for your information, i had the official nutanix support by phone this morning and except saying configure User Admin or nothing, they weren’t aware of those information)

 

Thanks again, a lot lot lot lot !!! :)

Gael


You are welcome :)