Use pxctl with security enabled
Once a storage cluster with security enabled is running, a cluster admin must set up a pxctl context on each node in order to interact with the system.
The following steps will guide an operator-based storage admin to setup pxctl contexts on each node:
Retrieve the admin token from the namespace in which Portworx was installed and store it in a variable
ADMIN_TOKEN=$(kubectl -n kube-system get \ secret px-admin-token -o json \ | jq -r '.data."auth-token"' \ | base64 -d)
Find the portworx pod which is running on the node in which the admin wants to interact with:
kubectl -n kube-system get pods -l name=portworx -o wide
Copy the desired portworx pod for the next command.
Save the admin token in the
pxctlcontext for that pod:
kubectl -n kube-system exec -ti <portworx_pod> -- /opt/pwx/bin/pxctl context create admin --token=$ADMIN_TOKEN
Exec into the portworx container to perform any pxctl commands:
kubectl -n kube-system exec -ti <portworx_pod> /bin/bash