25 lines
712 B
Text
25 lines
712 B
Text
apiVersion: v1
|
|
clusters:
|
|
- cluster:
|
|
server: https://localhost:6443
|
|
insecure-skip-tls-verify: true
|
|
name: local
|
|
contexts:
|
|
- context:
|
|
cluster: local
|
|
namespace: default
|
|
user: user
|
|
name: Default
|
|
current-context: Default
|
|
kind: Config
|
|
preferences: {}
|
|
users:
|
|
- name: user
|
|
user:
|
|
# Providing ANY credentials in `insecure-skip-tls-verify` mode is unwise due to MITM risk.
|
|
# At least client certs are not as catastrophic as bearer tokens.
|
|
#
|
|
# This combination of insecure + client certs was once broken in kubernetes but
|
|
# is meaningful since 2015 (https://github.com/kubernetes/kubernetes/pull/15430).
|
|
client-certificate: external-cert.pem
|
|
client-key: external-key.rsa
|