In the article Kubernetes 1.6.1 Authentication via Google I explained how to create Google Application and generate kubernetes token. I found that people have problem and to help them to test OpenID token authorization I want to present Minikube solution. I assume this solution should remove problems with different host environments and networking issues.

I replaced Step 2 part in the article with minikube command, before you start please finish first Step 1 and Step 3.

Here is replacement of Step 2 and short version of Step 4:

$ minikube start \

--extra-config=apiserver.Authorization.Mode=RBAC \

--extra-config=apiserver.Authentication.OIDC.IssuerURL=https://accounts.google.com \

--extra-config=apiserver.Authentication.OIDC.UsernameClaim=email \

--extra-config=apiserver.Authentication.OIDC.ClientID="123123123.apps.googleusercontent.com" $ kubectl get no

NAME STATUS AGE VERSION

minikube Ready 8m v1.7.0 $ kubectl create clusterrolebinding cluster-admin-minikube --clusterrole=cluster-admin --user="user@exmaple.com" $ kubectl get no --user="user@exmaple.com"

I found this approach easy to implement and good for testing applications on local environment with more close to production configurations and permissions.