blob: d7c28087a929c15e01784e4e7c27ae29f10f8c85 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
apiVersion: v1
clusters:
- cluster:
server: https://localhost:6443
insecure-skip-tls-verify: true
name: local
contexts:
- context:
cluster: local
namespace: default
user: user
name: Default
current-context: Default
kind: Config
preferences: {}
users:
- name: user
user:
# Providing ANY credentials in `insecure-skip-tls-verify` mode is unwise due to MITM risk.
# At least client certs are not as catastrophic as bearer tokens.
#
# This combination of insecure + client certs was once broken in kubernetes but
# is meaningful since 2015 (https://github.com/kubernetes/kubernetes/pull/15430).
client-certificate: external-cert.pem
client-key: external-key.rsa
|