Accessing a Kubernetes cluster

From MyWiki
Revision as of 14:43, 22 September 2019 by George2 (Talk | contribs)

Jump to: navigation, search

We access a Kubernetes cluster by three methods:

  • kubectl, the CLI tool
  • Kubernetes Dashboard
  • curl with the right credentials to access the cluster via APIs

$ kubectl config view
$ kubectl cluster-info
$ kubectl cluster-info dump


$ minikube dashboard
$ kubectl proxy

When kubectl proxy is running, we can send requests to the API over the localhost on the proxy port 8001 (from another terminal, since the proxy locks the first terminal):

$ curl http://localhost:8001/

We can explore every single path combination with curl or in a browser, such as:
http://localhost:8001/api/v1
http://localhost:8001/apis/apps/v1
http://localhost:8001/healthz
http://localhost:8001/metrics

APIs - without 'kubectl proxy
When not using the proxy we need to authenticate to the API server with either a Bearer Token or by providing a set of keys and certificates
A Bearer Token is an access token which is generated by the authentication server (the API server on the master node) and given back to the client.
Get the token: 

$ TOKEN=$(kubectl describe secret -n kube-system $(kubectl get secrets -n kube-system | grep default | cut -f1 -d ' ') | grep -E '^token' | cut -f2 -d':' | tr -d '\t' | tr -d " ")
Retrieved from "https://wiki.twig.es/index.php?title=Accessing_a_Kubernetes_cluster&oldid=4556"