mirrors
/
kubernetes-the-hard-way
mirror of https://github.com/kelseyhightower/kubernetes-the-hard-way
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
kubernetes-the-hard-way/docs/10-configuring-kubectl.md

104 lines
2.7 KiB
Markdown
Raw Normal View History

update docs
2017-08-29 00:19:25 +03:00
# Configuring kubectl for Remote Access
In this lab you will generate a kubeconfig file for the `kubectl` command line utility based on the `admin` user credentials.
> Run the commands in this lab from the same directory used to generate the admin client certificates.
## The Admin Kubernetes Configuration File
Each kubeconfig requires a Kubernetes API Server to connect to. To support high availability the IP address assigned to the external load balancer fronting the Kubernetes API Servers will be used.
Generate a kubeconfig file suitable for authenticating as the `admin` user:
Added AWS code.
2018-07-25 14:18:38 +03:00
<details open>
<summary>GCP</summary>
update docs
2017-08-29 00:19:25 +03:00
```
Update to Kubernetes 1.10.2 and add gVisor support
2018-05-12 19:54:18 +03:00
{
KUBERNETES_PUBLIC_ADDRESS=$(gcloud compute addresses describe kubernetes-the-hard-way \
--region $(gcloud config get-value compute/region) \
--format 'value(address)')
update docs
2017-08-29 00:19:25 +03:00
Update to Kubernetes 1.10.2 and add gVisor support
2018-05-12 19:54:18 +03:00
kubectl config set-cluster kubernetes-the-hard-way \
--certificate-authority=ca.pem \
--embed-certs=true \
--server=https://${KUBERNETES_PUBLIC_ADDRESS}:6443
update docs
2017-08-29 00:19:25 +03:00
Update to Kubernetes 1.10.2 and add gVisor support
2018-05-12 19:54:18 +03:00
kubectl config set-credentials admin \
--client-certificate=admin.pem \
--client-key=admin-key.pem
update docs
2017-08-29 00:19:25 +03:00
Update to Kubernetes 1.10.2 and add gVisor support
2018-05-12 19:54:18 +03:00
kubectl config set-context kubernetes-the-hard-way \
--cluster=kubernetes-the-hard-way \
--user=admin
kubectl config use-context kubernetes-the-hard-way
}
update docs
2017-08-29 00:19:25 +03:00
```
Added AWS code.
2018-07-25 14:18:38 +03:00
</details>
<details>
<summary>AWS</summary>
```
KUBERNETES_PUBLIC_ADDRESS="$(aws elb describe-load-balancers \
--load-balancer-name kubernetes-the-hard-way \
--profile kubernetes-the-hard-way \
--query 'LoadBalancerDescriptions[0].DNSName' \
--output text)"
kubectl config set-cluster kubernetes-the-hard-way \
--certificate-authority=ca.pem \
--embed-certs=true \
--server="https://$KUBERNETES_PUBLIC_ADDRESS:6443"
kubectl config set-credentials admin \
--client-certificate=admin.pem \
--client-key=admin-key.pem
kubectl config set-context kubernetes-the-hard-way \
--cluster=kubernetes-the-hard-way \
--user=admin
kubectl config use-context kubernetes-the-hard-way
```
</details>
update docs
2017-08-29 00:19:25 +03:00
## Verification
Check the health of the remote Kubernetes cluster:
```
kubectl get componentstatuses
```
> output
```
Update to Kubernetes 1.10.2 and add gVisor support
2018-05-12 19:54:18 +03:00
NAME STATUS MESSAGE ERROR
remove trailing-spaces and blank lines
2017-09-04 00:18:03 +03:00
controller-manager Healthy ok
scheduler Healthy ok
Update to Kubernetes 1.10.2 and add gVisor support
2018-05-12 19:54:18 +03:00
etcd-1 Healthy {"health":"true"}
etcd-2 Healthy {"health":"true"}
etcd-0 Healthy {"health":"true"}
update docs
2017-08-29 00:19:25 +03:00
```
List the nodes in the remote Kubernetes cluster:
```
kubectl get nodes
```
> output
```
update to kubernetes 1.8
2017-10-02 06:37:09 +03:00
NAME STATUS ROLES AGE VERSION
Update to Kubernetes 1.10.2 and add gVisor support
2018-05-12 19:54:18 +03:00
worker-0 Ready <none> 1m v1.10.2
worker-1 Ready <none> 1m v1.10.2
worker-2 Ready <none> 1m v1.10.2
update docs
2017-08-29 00:19:25 +03:00
```
Next: [Provisioning Pod Network Routes](11-pod-network-routes.md)