.kube config: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 86: Line 86:
preferences: {}
preferences: {}
</syntaxhighlight>
</syntaxhighlight>
The cluster certificate-authority-data is obtained <font color=darkgray>as follows.</font>
The user client-certificate-data is obtained <font color=darkgray>as follows.</font>
The user client-key-data is obtained <font color=darkgray>as follows.</font>

Revision as of 06:02, 29 November 2019

Internal

Overview

$HOME/.kube/config is kubectl configuration file. It contains definitions for clusters, users and contexts. The content of the file can be displayed with:

kubectl config view

Clusters

The section contains the definition of one or more clusters. Each cluster definition has a name, certificate info and the API server's endpoint.

clusters:
- cluster:
    certificate-authority-data: LS0tLS1...tLQo=
    server: https://kubernetes.docker.internal:6443
  name: docker-desktop

Users

This section contain definitions of users that might have different levels of permissions for each cluster. Each user definition has a friendly name, a username and a set of credentials.

users:
- name: docker-desktop
  user:
    client-certificate-data: LS0tL...LS0K
    client-key-data: LS0tL...tLQo=

Contexts

Contexts bring together clusters and users under a friendly name.

current-context: docker-desktop
contexts:
- context:
    cluster: docker-desktop
    user: docker-desktop
  name: docker-desktop

Current Context

The current context can be viewed with:

kubectl config current-context

and can be changed with:

kubectl config use-context new-context-name

Creating a Client Configuration from Scratch

This procedure is useful if we install kubectl only on a remote client machine and we need it to configure it to connect to a Kubernetes cluster.

  • Download kubectl and install it as described here: [[Kubectl#Installation|kubectl Installation].
  • Create a ~/.kube directory.
  • Create a ~/.kube/config file with the following content:
apiVersion: v1
kind: Config
clusters:
- name: kubernetes-kubespray
  cluster:
    certificate-authority-data: LS0tL...LQo=
    server: https://10.10.2.146:6443
users:
- name: kubernetes-kubespray-admin
  user:
    client-certificate-data: LS0t...tLQo=
    client-key-data: LS0tLS...S0tLQo=
contexts:
- name: kubernetes-kubespray
  context:
    cluster: kubernetes-kubespray
    user: kubernetes-kubespray-admin
current-context: kubernetes-kubespray
preferences: {}

The cluster certificate-authority-data is obtained as follows.

The user client-certificate-data is obtained as follows.

The user client-key-data is obtained as follows.