railiance-cluster/docs/kubeconfig.md

45 lines
1.1 KiB
Markdown
Raw Normal View History

# Kubeconfig — HostEurope cluster
## Where it lives
After running `make k3s-install`, the bootstrap playbook fetches the kubeconfig
from the HostEurope node to:
```
~/.kube/config-hosteurope
```
This file is gitignored (contains the cluster CA and client certificate) and
must never be committed.
## Using it directly
```bash
export KUBECONFIG=~/.kube/config-hosteurope
kubectl get nodes
```
## Merging into ~/.kube/config
```bash
KUBECONFIG=~/.kube/config:~/.kube/config-hosteurope \
kubectl config view --flatten > /tmp/merged-config
mv /tmp/merged-config ~/.kube/config
chmod 600 ~/.kube/config
```
## Switching context
```bash
kubectl config get-contexts
kubectl config use-context default # or the context name shown above
```
## Security note
The kubeconfig grants full cluster-admin access. Keep it on the control node
only. Do not share or commit it. The server address inside the file is
`127.0.0.1` (k3s default) — if you need to reach the cluster remotely you
will need to either replace the address with the node's actual IP, or use an
SSH tunnel.