kubernetes-the-hard-way/docs/kubectl.md

# Configuring the Kubernetes Client - Remote Access

## Download and Install kubectl

```
wget https://github.com/kubernetes/kubernetes/releases/download/v1.3.0/kubernetes.tar.gz
```

```
tar -xvf kubernetes.tar.gz
```

### OS X

```
sudo cp kubernetes/platforms/darwin/amd64/kubectl /usr/local/bin
```

### Linux

```
sudo cp kubernetes/platforms/linux/amd64/kubectl /usr/local/bin
```

## Configure Kubectl

In this section you will configure the kubectl client to point to the [Kubernetes API Server Frontend Load Balancer](docs/kubernetes-controller.md#setup-kubernetes-api-server-frontend-load-balancer).

Recall the Public IP address we allocated for the frontend load balancer:

```
gcloud compute addresses list
```
```
NAME        REGION       ADDRESS          STATUS
kubernetes  us-central1  104.197.132.159  IN_USE
```

Recall the token we setup for the admin user:

```
# /var/run/kubernetes/token.csv on the controller nodes
chAng3m3,admin,admin
```

Also be sure to locate the CA certificate [created earlier](docs/certificate-authority.md). Since we are using self-signed TLS certs we need to trust the CA certificate so we can verify the remote API Servers.

### Build up the kubeconfig entry

The following commands will build up the default kubeconfig file used by kubectl.

```
kubectl config set-cluster kubernetes-the-hard-way \
  --embed-certs=true \
  --certificate-authority=ca.pem \
  --server=https://146.148.34.151:6443
```

```
kubectl config set-credentials admin --token chAng3m3
```

```
kubectl config set-context default-context \
  --cluster=kubernetes-the-hard-way \
  --user=admin
```

```
kubectl config use-context default-context
```

At this point you should be able to connect securly to the remote API server:

```
kubectl get componentstatuses
```
```
NAME                 STATUS    MESSAGE              ERROR
controller-manager   Healthy   ok                   
scheduler            Healthy   ok                   
etcd-2               Healthy   {"health": "true"}   
etcd-0               Healthy   {"health": "true"}   
etcd-1               Healthy   {"health": "true"}  
```


```
kubectl get nodes
```
```
NAME      STATUS    AGE
worker0   Ready     10m
worker1   Ready     12m
worker2   Ready     14m
```
update docs 2016-07-07 23:28:46 +03:00			`# Configuring the Kubernetes Client - Remote Access`
update docs 2016-07-07 23:02:28 +03:00
update docs 2016-07-07 23:26:27 +03:00			`## Download and Install kubectl`
update docs 2016-07-07 23:02:28 +03:00
			```
update docs 2016-07-07 23:26:27 +03:00			`wget https://github.com/kubernetes/kubernetes/releases/download/v1.3.0/kubernetes.tar.gz`
update docs 2016-07-07 23:02:28 +03:00			```

update docs 2016-07-07 23:26:27 +03:00			```
			`tar -xvf kubernetes.tar.gz`
			```

			`### OS X`

			```
			`sudo cp kubernetes/platforms/darwin/amd64/kubectl /usr/local/bin`
			```

			`### Linux`

			```
			`sudo cp kubernetes/platforms/linux/amd64/kubectl /usr/local/bin`
			```

			`## Configure Kubectl`
update docs 2016-07-07 23:02:28 +03:00
update docs 2016-07-07 23:39:33 +03:00			`In this section you will configure the kubectl client to point to the [Kubernetes API Server Frontend Load Balancer](docs/kubernetes-controller.md#setup-kubernetes-api-server-frontend-load-balancer).`

			`Recall the Public IP address we allocated for the frontend load balancer:`

update docs 2016-07-07 23:02:28 +03:00			```
update docs 2016-07-07 23:39:33 +03:00			`gcloud compute addresses list`
update docs 2016-07-07 23:26:27 +03:00			```
update docs 2016-07-07 23:39:33 +03:00			```
update docs 2016-07-08 01:10:24 +03:00			`NAME REGION ADDRESS STATUS`
			`kubernetes us-central1 104.197.132.159 IN_USE`
update docs 2016-07-07 23:39:33 +03:00			```

			`Recall the token we setup for the admin user:`

			```
			`# /var/run/kubernetes/token.csv on the controller nodes`
			`chAng3m3,admin,admin`
			```

			`Also be sure to locate the CA certificate [created earlier](docs/certificate-authority.md). Since we are using self-signed TLS certs we need to trust the CA certificate so we can verify the remote API Servers.`

			`### Build up the kubeconfig entry`

			`The following commands will build up the default kubeconfig file used by kubectl.`

update docs 2016-07-07 23:26:27 +03:00			```
			`kubectl config set-cluster kubernetes-the-hard-way \`
			`--embed-certs=true \`
			`--certificate-authority=ca.pem \`
			`--server=https://146.148.34.151:6443`
update docs 2016-07-07 23:02:28 +03:00			```

update docs 2016-07-07 23:39:33 +03:00			```
			`kubectl config set-credentials admin --token chAng3m3`
			```

update docs 2016-07-07 23:02:28 +03:00			```
update docs 2016-07-07 23:26:27 +03:00			`kubectl config set-context default-context \`
			`--cluster=kubernetes-the-hard-way \`
			`--user=admin`
update docs 2016-07-07 23:02:28 +03:00			```

			```
update docs 2016-07-07 23:26:27 +03:00			`kubectl config use-context default-context`
update docs 2016-07-07 23:02:28 +03:00			```

update docs 2016-07-07 23:26:27 +03:00			`At this point you should be able to connect securly to the remote API server:`

			```
			`kubectl get componentstatuses`
			```
			```
			`NAME STATUS MESSAGE ERROR`
			`controller-manager Healthy ok`
			`scheduler Healthy ok`
			`etcd-2 Healthy {"health": "true"}`
			`etcd-0 Healthy {"health": "true"}`
			`etcd-1 Healthy {"health": "true"}`
			```


			```
			`kubectl get nodes`
			```
update docs 2016-07-07 23:02:28 +03:00			```
update docs 2016-07-07 23:26:27 +03:00			`NAME STATUS AGE`
			`worker0 Ready 10m`
			`worker1 Ready 12m`
			`worker2 Ready 14m`
update docs 2016-07-07 23:02:28 +03:00			```