현재 조직으로 인증합니다. 조직을 전환한 후 gdcloud auth login 명령어를 실행합니다.
로그인 구성의 인증 기관 (CA) 인증서가 시스템의 신뢰할 수 있는 인증서 저장소에 설치되어 있어야 합니다. CA 인증서가 설치되지 않은 경우 --login-config-cert 플래그를 사용하여 CA 인증서를 찾을 경로를 지정합니다. 자세한 내용은 GDC 신뢰 번들 가져오기를 참고하세요.
기기에 브라우저가 있어야 합니다. --no-browser 플래그를 사용하여 두 번째 기기로 로그인합니다.
kubeconfig 파일 가져오기
ID 공급자로 인증한 후 사용자 ID가 포함된 kubeconfig 파일을 가져옵니다.
gdcloudclustersget-credentialsCLUSTER_NAME
이렇게 하면 인증된 사용자 및 클러스터와 함께 기본 경로 ${HOME}/.kube/config에 kubeconfig 파일이 생성되거나 업데이트됩니다.
kubeconfig 파일을 생성하거나 업데이트할 때 다음 사항을 고려하세요.
KUBECONFIG 환경 경로에 원하는 경로를 지정하여 다른 경로에 저장합니다.
kubeconfig는 수명이 긴 파일이지만 사용자를 인증하는 토큰은 수명이 짧습니다. kubeconfig 파일이 작동하지 않으면 gdcloud auth
login 명령어를 실행하여 다시 인증합니다.
[[["이해하기 쉬움","easyToUnderstand","thumb-up"],["문제가 해결됨","solvedMyProblem","thumb-up"],["기타","otherUp","thumb-up"]],[["이해하기 어려움","hardToUnderstand","thumb-down"],["잘못된 정보 또는 샘플 코드","incorrectInformationOrSampleCode","thumb-down"],["필요한 정보/샘플이 없음","missingTheInformationSamplesINeed","thumb-down"],["번역 문제","translationIssue","thumb-down"],["기타","otherDown","thumb-down"]],["최종 업데이트: 2025-09-04(UTC)"],[[["\u003cp\u003eThis guide explains the process of authenticating with your identity provider and obtaining a kubeconfig file for cluster access.\u003c/p\u003e\n"],["\u003cp\u003eBefore starting, you must run \u003ccode\u003egdcloud init\u003c/code\u003e and install the \u003ccode\u003egdcloud-k8s-auth-plugin\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eUse the \u003ccode\u003egdcloud auth login\u003c/code\u003e command to sign in, considering the need for an installed CA certificate or a browser.\u003c/p\u003e\n"],["\u003cp\u003eAfter authenticating, run \u003ccode\u003egdcloud clusters get-credentials CLUSTER_NAME\u003c/code\u003e to generate or update your kubeconfig file.\u003c/p\u003e\n"],["\u003cp\u003eThe kubeconfig file contains a short-lived token, so you may need to re-run \u003ccode\u003egdcloud auth login\u003c/code\u003e if it expires.\u003c/p\u003e\n"]]],[],null,["# The gdcloud CLI authentication\n\nThis page details how to authenticate with your configured identity provider and\nget a kubeconfig file for your user identity and cluster.\n\nBefore you begin\n----------------\n\nBefore you can authenticate with your identity provider and generate a\nkubeconfig file, ensure you have completed the following:\n\n- Run the `gdcloud init` command. For more information, see the\n [Initialize gdcloud CLI default configuration](/distributed-cloud/hosted/docs/latest/gdch/resources/gdcloud-install#init-default-config)\n section.\n\n- Install the authentication plugin, which is required to use a generated\n kubeconfig file:\n\n gdcloud components install gdcloud-k8s-auth-plugin\n\nSign in with configured identity provider\n-----------------------------------------\n\nSign in with the configured identity provider: \n\n gdcloud auth login\n\nFollow the instructions to authenticate with your identity provider.\n\nConsider the following when using the `gdcloud auth login` command:\n\n- It authenticates with the current organization. Run the `gdcloud auth login` command after switching organizations.\n- It requires that the certificate authority (CA) certificate for the login config is installed in the system's trusted certificates store. If the CA certificate is not installed, use the `--login-config-cert` flag to specify the path to find the CA certificate. For more information, see [Fetch GDC trust bundles](/distributed-cloud/hosted/docs/latest/gdch/platform/pa-user/pki/fetch-trust-bundles).\n- It requires a browser to exist on the device. Use the `--no-browser` flag to log in with a second device.\n\nGet a kubeconfig file\n---------------------\n\nAfter authenticating with the identity provider, get a `kubeconfig` file with\nyour user identity: \n\n gdcloud clusters get-credentials \u003cvar translate=\"no\"\u003eCLUSTER_NAME\u003c/var\u003e\n\nThis creates or updates the kubeconfig file in the default path\n`${HOME}/.kube/config` with the authenticated user and cluster.\n\nConsider the following when generating or updating your kubeconfig file:\n\n- Specify the desired path in the `KUBECONFIG` environment path to save it to a different path.\n- The kubeconfig is a long-lived file, however the token authenticating the user is short-lived. If a kubeconfig file stops working, run the `gdcloud auth\n login` command to authenticate again."]]