Skip to main content
Skip table of contents

Create Local Users after Installing Kommander

Create local users after you install the Kommander component of DKP. If you have not installed Kommander yet, and want to create additional users during the installation, see Create Local Users during the Kommander Installation.

D2iQ does not recommend creating local users for production clusters. See Identity Providers for instructions on how to configure an external identity provider to manage your users.

Customize the Dex AppDeployment, and add a configOverrides section. 

  1. Create a configMap resource with the credentials of the new local user:
    (info) Replace <example_email> with the user's email address or a username.
    (info) Replace <password_bcrypt_hash> with the bcrypt hash of the password you want to assign. You can use the htpasswd CLI to create the hash of a specific password. For example, by running htpasswd -bnBC 10 "" password | tr -d ':\n' && echo you can generate the hash for the password “password”.

    CODE 
    cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: ConfigMap
metadata:
  name: dex-overrides
  namespace: kommander
data:
  values.yaml: |
    config:
      staticPasswords:
      - email: <example_email> 
        hash: <password_bcrypt_hash>
EOF

  2. Open the Dex AppDeployment to edit it:

    CODE 
    kubectl edit -n kommander appdeployment dex

    The editor displays the AppDeployment.

  3. Copy the following values and paste them in a location in the file where they are nested in the spec field:

    CODE 
      configOverrides:
    name: dex-overrides

    Example:

    CODE 
    apiVersion: apps.kommander.d2iq.io/v1alpha3
kind: AppDeployment
metadata:
...
spec:
  appRef:
    kind: ClusterApp
    name: dex-2.11.1
  clusterConfigOverrides:
  - clusterSelector:
      matchExpressions:
      - key: kommander.d2iq.io/cluster-name
        operator: In
        values:
        - host-cluster
    configMapName: dex-kommander-overrides
  configOverrides: # Copy and paste this section.
    name: dex-overrides
status:
...

    Editing the AppDeployment restarts the HelmRelease for Dex. The new users will be created after the reconciliation. However, the user creation is not completed until you assign it permissions.

You have created a user that does not have any permissions to see or manage your DKP cluster yet. Add RBAC Roles to Local Users to complete the configuration.

Next Step:

Add RBAC Roles to Local Users

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close