Skip to main content
Skip table of contents

Create Local Users after Installing Kommander

Create local users after you install the Kommander component of DKP. If you have not installed Kommander yet, and want to create additional users during the installation, see Create Local Users during the Kommander Installation.

D2iQ does not recommend creating local users for production clusters. See Identity Providers for instructions on how to configure an external identity provider to manage your users.

Customize the Dex AppDeployment, and add a configOverrides section. 

  1. Create a configMap resource with the credentials of the new local user:
    (info) Replace <example_email> with the user's email address or a username.
    (info) Replace <password_bcrypt_hash> with the bcrypt hash of the password you want to assign. You can use the htpasswd CLI to create the hash of a specific password. For example, by running htpasswd -bnBC 10 "" password | tr -d ':\n' && echo you can generate the hash for the password “password”.

    CODE
    cat <<EOF | kubectl apply -f -
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: dex-overrides
      namespace: kommander
    data:
      values.yaml: |
        config:
          staticPasswords:
          - email: <example_email> 
            hash: <password_bcrypt_hash>
    EOF
  2. Open the Dex AppDeployment to edit it:

    CODE
    kubectl edit -n kommander appdeployment dex

    The editor displays the AppDeployment.

  3. Copy the following values and paste them in a location in the file where they are nested in the spec field:

    CODE
      configOverrides:
        name: dex-overrides

    Example:

    CODE
    apiVersion: apps.kommander.d2iq.io/v1alpha3
    kind: AppDeployment
    metadata:
    ...
    spec:
      appRef:
        kind: ClusterApp
        name: dex-2.11.1
      clusterConfigOverrides:
      - clusterSelector:
          matchExpressions:
          - key: kommander.d2iq.io/cluster-name
            operator: In
            values:
            - host-cluster
        configMapName: dex-kommander-overrides
      configOverrides: # Copy and paste this section.
        name: dex-overrides
    status:
    ...

    Editing the AppDeployment restarts the HelmRelease for Dex. The new users will be created after the reconciliation. However, the user creation is not completed until you assign it permissions.

You have created a user that does not have any permissions to see or manage your DKP cluster yet. Add RBAC Roles to Local Users to complete the configuration.

Next Step:

Add RBAC Roles to Local Users

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.