Also at Deasil Works · txn2 · Plexara
Profiles GitHub · X · LinkedIn
Theme Light · Auto · Dark
imti.co
Professional notes by Craig Johnston
long-form, short-form, working drafts · since 2008
VOL. XIX · MMXXVI
82 NOTES IN PRINT
FOLIO VI 24 MAR 2018 · 2 MIN · SHORT-FORM

Kubernetes Remote Control

Using kubectl to Control a Remote Kubernetes Cluster

Diagram · folio vi
stateDiagram-v2
    [*] --> Local: minikube start
    Local --> Production: kubectl config use-context prod
    Production --> Local: kubectl config use-context minikube
    Local --> Staging: use-context staging
    Staging --> Local: use-context minikube
    Production --> Staging: use-context staging
    Staging --> Production: use-context prod

    note right of Local
      developer machine
      single-node cluster
    end note
    note right of Production
      remote multi-node
      requires CA cert + token
    end note

I use Minikube to run a local Kubernetes single node cluster (cluster?). However, I also work with a custom production cluster for work. This cluster consists of development and production nodes. I often need to switch between working on my local Minikube and the online Kubernetes cluster.

TIP: Visit the kubectl Cheat Sheet often.

The default configuration kubectl is stored in ~/.kube/config and if you have Minikube installed, it added the context minikube to your config.

With kubectl you can specify a config to use with the command flag --kubeconfig.

Below I am just pointing to default config. However, you can replace that with a different config to test.

kubectl --kubeconfig=/Users/enochroot/.kube/config config view

In addition to specifying a configuration file to use, kubectl configs also contain contexts. Each configuration file can have multiple contexts.

§Current Context

A context is a combination of cluster, namespace and user.

View the current context:

kubectl config view

You should now see the output the default configuration file.

You can see we have only one context by default on a workstation that just installed Minikube. You can also see the key current-context: is set to minikube.

Check the current config context:

kubectl config current-context

Output:

minikube

§Add a Cluster

Get the public certificate from your cluster or use --insecure-skip-tls-verify:

kubectl config set-cluster example --server https://example.com:6443 --certificate-authority=example.ca

Output

Cluster "example" set.

§Add a User

Users in the configuration can use a path to a certificate --client-certificate or use the certificate data directly --client-certificate-data

kubectl config set-credentials example \
    --client-certificate=/some/path/example.crt \
    --client-key=/some/path/example.key

§Add a Context

Add a context to tie a user and cluster together.

kubectl config set-context deasil --cluster=example \
    --namespace=default --user=example-admin

§Change Current Context

At this point you can change your current context from minikube to example:

kubectl config use-context example

Output:

example

Of course, kubectl config use-context minikube will put you back to managing your local Minikube.

§Port Forwarding / Local Development

Check out kubefwd for a simple command line utility that bulk forwards services of one or more namespaces to your local workstation.

§Resources

· 24 March 2018 ← back to all notes