Kubernetes Cluster Context with Multiple Namespaces

2
votes

I've a huge pipeline with different developer groups with several permission levels.(For using Jenkins Kubernetes Plugin .)

For example QA teams and Developer teams has different service accounts at kubernetes cluster.

So I need create some connection with kubernetes clusters but every connection I change context of cluster with namespace name .

I want to use multiple namespaces at kubernetes context . That is my own kubernetes context file . 

- context:
cluster: minikube
namespace: user3
user: minikube

How I can handle this problem with kubernetes api call or in yaml files ? That is my example service account yaml file . 

 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: dev

 kind: Role
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
   name: dev

 rules:
  - apiGroups: [""]
  resources: ["pods"]
 verbs: ["create","delete","get","list","patch","update","watch"]
 - apiGroups: [""]
 resources: ["pods/exec"]
   verbs: ["create","delete","get","list","patch","update","watch"]
 - apiGroups: [""]
  resources: ["pods/log"]
 verbs: ["get","list","watch"]
 - apiGroups: [""]
 resources: ["secrets"]
 verbs: ["get"]

 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: RoleBinding
 metadata:
 name: dev

  roleRef:
  apiGroup: rbac.authorization.k8s.io
   kind: Role
  name: dev
subjects:
  - kind: ServiceAccount
    name: dev
1
jenkinskubernetespipelinedevops
I'm not sure what exactly you are trying to achieve. Can you please provide more details? I'm not sure what is the problem you are having with setting correct rbac - Crou
Last comment is explaining everything , thanks for your attention - ColossusMark1

1 Answers

2
votes

If you want one jenkins to talk to kubernetes API with different service accounts you need to create multiple Jenkins "clouds" in configuration, each with different credentials. Then in your pipeline you set the "cloud" option to choose the right one