Shulou(Shulou.com)06/01 Report--

In this issue, the editor will bring you about how to configure multi-cluster access in kubectl. The article is rich in content and analyzed and described from a professional point of view. I hope you can get something after reading this article.

Define clusters, users, and context

Suppose the user has two clusters, one for formal development work (development) and one for other temporary purposes (scratch). In a development cluster, front-end developers work under a namespace called frontend, and storage developers work under a namespace called storage. In a scratch cluster, developers may work under the default namespace, or they may create additional namespaces as appropriate. Access to the development cluster needs to be authenticated by certificate. Access to other temporary clusters needs to be authenticated by username and password.

Create a directory named config-exercise. In the config-exercise directory, create a file named config-demo with the following contents:

ApiVersion: v1kind: Configpreferences: {} clusters:- cluster: name: development- cluster: name: scratchusers:- name: developer- name: experimentercontexts:- context: name: dev-frontend- context: name: dev-storage- context: name: exp-scratch

The configuration file describes the cluster, user name, and context. The config-demo file contains a framework that describes two clusters, two users, and three contexts.

Enter the config-exercise directory. Add the cluster details to the configuration file by entering the following command:

Kubectl config--kubeconfig=config-demo set-cluster development-server= https://1.2.3.4-certificate-authority=fake-ca-filekubectl config--kubeconfig=config-demo set-cluster scratch-server= https://5.6.7.8-insecure-skip-tls-verify

Add user details to the profile:

Kubectl config--kubeconfig=config-demo set-credentials developer-client-certificate=fake-cert-file-client-key=fake-key-seefilekubectl config--kubeconfig=config-demo set-credentials experimenter-username=exp-password=some-password

Add context details to the configuration file:

Kubectl config--kubeconfig=config-demo set-context dev-frontend-- cluster=development-- namespace=frontend-- user=developerkubectl config--kubeconfig=config-demo set-context dev-storage-- cluster=development-- namespace=storage-user=developerkubectl config--kubeconfig=config-demo set-context exp-scratch-- cluster=scratch-- namespace=default-- user=experimenter

Open the config-demo file to view the added details. You can also use the config view command to view:

Kubectl config--kubeconfig=config-demo view

The output shows two clusters, two users, and three contexts:

ApiVersion: v1clusterscluster: certificate-authority: fake-ca-file server: https://1.2.3.4 name: development- cluster: insecure-skip-tls-verify: true server: https://5.6.7.8 name: scratchcontexts:- context: cluster: development namespace: frontend user: developer name: dev-frontend- context: cluster: development namespace: storage user: developer name: dev-storage- context: cluster: scratch namespace: Default user: experimenter name: exp-scratchcurrent-context: "" kind: Configpreferences: {} users:- name: developer user: client-certificate: fake-cert-file client-key: fake-key-file- name: experimenter user: password: some-password username: exp

Each context consists of three parts (cluster, user, and namespace). For example, the dev-frontend context indicates that the developer cluster's frontend namespace is accessed using the credentials of the development user.

Set the current context:

Kubectl config--kubeconfig=config-demo use-context dev-frontend

Now when you enter the kubectl command, the corresponding actions are applied to the clusters and namespaces listed in the dev-frontend context, and the command uses the credentials of the users listed in the dev-frontend context.

Use the-- minify parameter to view the configuration information associated with the current context.

Kubectl config--kubeconfig=config-demo view-- minify

The output shows the dev-frontend context-sensitive configuration information:

ApiVersion: v1clusterscluster: certificate-authority: fake-ca-file server: https://1.2.3.4 name: developmentcontexts:- context: cluster: development namespace: frontend user: developer name: dev-frontendcurrent-context: dev-frontendkind: Configpreferences: {} users:- name: developer user: client-certificate: fake-cert-file client-key: fake-key-file

Now assume that the user wants to work in another temporary use cluster for a period of time.

Change the current context to exp-scratch:

Kubectl config--kubeconfig=config-demo use-context exp-scratch

Any commands now issued by the user kubectl will be applied to the default namespace of the scratch cluster. At the same time, the command uses the credentials of the user listed in the exp-scratch context.

View the updated exp-scratch-related configuration for the current context:

Kubectl config--kubeconfig=config-demo view-- minify

Finally, suppose the user wants to work under the storage namespace in the development cluster for a period of time.

Change the current context to dev-storage:

Kubectl config--kubeconfig=config-demo use-context dev-storage

View the updated dev-storage-related configuration for the current context:

Kubectl config--kubeconfig=config-demo view-- minify creates a second configuration file

In the config-exercise directory, create a file named config-demo-2 that contains the following:

ApiVersion: v1kind: Configpreferences: {} contexts:- context: cluster: development namespace: ramp user: developer name: dev-ramp-up

The configuration file above defines a new context called dev-ramp-up.

Set the KUBECONFIG environment variable

See if there is an environment variable named KUBECONFIG. If so, save the current value of the KUBECONFIG environment variable for later recovery. For example, in Linux:

Export KUBECONFIG_SAVED=$KUBECONFIG

The KUBECONFIG environment variable is a list of configuration file paths separated by colons in Linux and Mac and semicolons in Windows. If you have an KUBECONFIG environment variable, be familiar with the configuration files in the list.

Temporarily add two paths to the KUBECONFIG environment variable. For example, in Linux:

Export KUBECONFIG=$KUBECONFIG:config-demo:config-demo-2

Enter the following command in the config-exercise directory:

Kubectl config view

The output shows the merged information of all the files listed in the KUBECONFIG environment variable. In particular, notice that the merge information contains the dev-ramp-up context from the config-demo-2 file and three contexts from the config-demo file:

Contexts:- context: cluster: development namespace: frontend user: developer name: dev-frontend- context: cluster: development namespace: ramp user: developer name: dev-ramp-up- context: cluster: development namespace: storage user: developer name: dev-storage- context: cluster: scratch namespace: default user: experimenter name: exp-scratch

For more information about how kubeconfig files are merged, please refer to organizing cluster access using kubeconfig files

Explore the $HOME/.kube directory

If the user already has a cluster, they can use kubectl to interact with the cluster. Then there is probably a file called config in the $HOME/.kube directory.

Go to the $HOME/.kube directory and see what files are there. There is usually a file called config, and there may be other configuration files in the directory. Please simply familiarize yourself with the contents of these files.

Append $HOME/.kube/config to the KUBECONFIG environment variable

If you have a $HOME/.kube/config file that is not already listed in the KUBECONFIG environment variable, append it to the KUBECONFIG environment variable now. For example, in Linux:

Export KUBECONFIG=$KUBECONFIG:$HOME/.kube/config

Enter the following command in the configuration activity directory to view the merged configuration information for all the files listed in the current KUBECONFIG environment variable:

Kubectl config view cleanup

Restore the KUBECONFIG environment variable to the original value. For example, in Linux:

Export KUBECONFIG=$KUBECONFIG_SAVED above is how to configure multi-cluster access in the kubectl shared by the editor. If you happen to have similar doubts, please refer to the above analysis to understand. If you want to know more about it, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.