
113 lines
2.7 KiB

# Configuring the Kubernetes Client - Remote Access
## Download and Install kubectl
### OS X
wget https://storage.googleapis.com/kubernetes-release/release/v1.4.0/bin/darwin/amd64/kubectl
chmod +x kubectl
sudo mv kubectl /usr/local/bin
### Linux
wget https://storage.googleapis.com/kubernetes-release/release/v1.4.0/bin/linux/amd64/kubectl
chmod +x kubectl
sudo mv kubectl /usr/local/bin
## Configure Kubectl
In this section you will configure the kubectl client to point to the [Kubernetes API Server Frontend Load Balancer](04-kubernetes-controller.md#setup-kubernetes-api-server-frontend-load-balancer).
### GCE
KUBERNETES_PUBLIC_ADDRESS=$(gcloud compute addresses describe kubernetes \
--format 'value(address)')
### AWS
KUBERNETES_PUBLIC_ADDRESS=$(aws elb describe-load-balancers \
--load-balancer-name kubernetes | \
jq -r '.LoadBalancerDescriptions[].DNSName')
### Azure
# we are configuring kubectl on jumpbox
# The controllers are exposed via internal load balancer
# access is only allowed within the VNET
# (outside the vnet ssh -L ... port 6443 .. from jumpbox to internal lb)
KUBERNETES_PUBLIC_ADDRESS=$(azure network lb show \
--resource-group the-hard-way \
--name the-hard-way-clb \
--json | \
jq -r '.frontendIPConfigurations[0].privateIPAddress')
Recall the token we setup for the admin user:
# /var/lib/kubernetes/token.csv on the controller nodes
Also be sure to locate the CA certificate [created earlier](02-certificate-authority.md). Since we are using self-signed TLS certs we need to trust the CA certificate so we can verify the remote API Servers.
### Build up the kubeconfig entry
The following commands will build up the default kubeconfig file used by kubectl.
kubectl config set-cluster kubernetes-the-hard-way \
--certificate-authority=ca.pem \
--embed-certs=true \
kubectl config set-credentials admin --token chAng3m3
kubectl config set-context default-context \
--cluster=kubernetes-the-hard-way \
kubectl config use-context default-context
At this point you should be able to connect securly to the remote API server:
kubectl get componentstatuses
controller-manager Healthy ok
scheduler Healthy ok
etcd-2 Healthy {"health": "true"}
etcd-0 Healthy {"health": "true"}
etcd-1 Healthy {"health": "true"}
kubectl get nodes
worker0 Ready 7m
worker1 Ready 5m
worker2 Ready 2m