This message was deleted.
# k3sa
adamant-kite-43734
05/10/2023, 7:51 PMThis message was deleted.
l
late-needle-80860
05/12/2023, 5:46 PMYou’re not coming through cleanly on this question … can you please explain it in greater detail?
b
bored-cat-40546
05/12/2023, 6:06 PMI just want you specify the default user account that is created at install rather than being stucked with default
l
late-needle-80860
05/20/2023, 5:14 AMFrom a security perspective or because you want a name for the default user account that’s more to your liking? As the user account is unique per cluster. And the initial user should be considered break glass anyways. So you should use dedicated users for anyone interacting with the cluster …. or rather entities that get RBAC roles - as there’s really no user concept on Kubernetes and thereby K3s.
b
bored-cat-40546
05/20/2023, 9:17 AMThe requirement was born out of a desire to merge kubeconfigs for ease of use, to make it easier to differentiate between accounts and the clusters they belong with a side order of cognitive load
bored-cat-40546
05/20/2023, 9:18 AMI'm deploying the clusters using ansible so I've ended up renaming the user as part of a localisation of the cluster prior to downloading it's kubeconfig file
l
late-needle-80860
05/21/2023, 7:33 PMDon’t you use OIDC integration or something of that sort and then only have the initial kubeadmin token as a break glass one. As far as I know this is the recommended way.
2 Views