Minikube: Enabling RBAC ?

In the same token, it does not seem that we can create ThirdPartyResource objects. Is that enabled in the API server ?

We don't currently set the Authorization mode in apiserver.go, but we would need to make this configurable via a flag to enable RBAC.

Looks like ThirdPartyResources need this to work: https://github.com/kubernetes/kubernetes/pull/28414

@dlorenc where would you like to keep track of feature requests like this ? and would you prefer I open a separate issue for supporting ThirdPartyResource ?

This is a fine place to track the feature requests. We have a 1.4 alpha build coming out soon that should have the upstream fix for ThirdPartyResources, no need to open another bug.

ref #512

This is now possible and documented in the README.md here: https://github.com/kubernetes/minikube#examples

Let me know if it works!

I tried it, and I could not bootstrap the RBAC. How can I use this from scratch?

I created a minikube cluster like this as described in the examples section:

$ minikube start --vm-driver=virtualbox --kubernetes-version=v1.5.2 --memory=4096 --extra-config=apiserver.GenericServerRunOptions.AuthorizationMode=RBAC --extra-config=apiserver.GenericServerRunOptions.AuthorizationRBAC,SuperUser=minikube

Then tried to create a bundle of resources and received the following:

$ kubectl create -f bundle.yaml 
Error from server (Forbidden): error when creating "bundle.yaml": the server does not allow access to the requested resource (post serviceaccounts)
error validating "bundle.yaml": error validating data: the server does not allow access to the requested resource; if you choose to ignore these errors, turn validation off with --validate=false

I'm also running into the same issue as @brancz

Currently the documentation is here: https://github.com/kubernetes/minikube/blob/master/docs/configuring_kubernetes.md#examples