45 lines
1.1 KiB
Markdown
45 lines
1.1 KiB
Markdown
|
|
# Kubeconfig — HostEurope cluster
|
||
|
|
|
||
|
|
## Where it lives
|
||
|
|
|
||
|
|
After running `make k3s-install`, the bootstrap playbook fetches the kubeconfig
|
||
|
|
from the HostEurope node to:
|
||
|
|
|
||
|
|
```
|
||
|
|
~/.kube/config-hosteurope
|
||
|
|
```
|
||
|
|
|
||
|
|
This file is gitignored (contains the cluster CA and client certificate) and
|
||
|
|
must never be committed.
|
||
|
|
|
||
|
|
## Using it directly
|
||
|
|
|
||
|
|
```bash
|
||
|
|
export KUBECONFIG=~/.kube/config-hosteurope
|
||
|
|
kubectl get nodes
|
||
|
|
```
|
||
|
|
|
||
|
|
## Merging into ~/.kube/config
|
||
|
|
|
||
|
|
```bash
|
||
|
|
KUBECONFIG=~/.kube/config:~/.kube/config-hosteurope \
|
||
|
|
kubectl config view --flatten > /tmp/merged-config
|
||
|
|
mv /tmp/merged-config ~/.kube/config
|
||
|
|
chmod 600 ~/.kube/config
|
||
|
|
```
|
||
|
|
|
||
|
|
## Switching context
|
||
|
|
|
||
|
|
```bash
|
||
|
|
kubectl config get-contexts
|
||
|
|
kubectl config use-context default # or the context name shown above
|
||
|
|
```
|
||
|
|
|
||
|
|
## Security note
|
||
|
|
|
||
|
|
The kubeconfig grants full cluster-admin access. Keep it on the control node
|
||
|
|
only. Do not share or commit it. The server address inside the file is
|
||
|
|
`127.0.0.1` (k3s default) — if you need to reach the cluster remotely you
|
||
|
|
will need to either replace the address with the node's actual IP, or use an
|
||
|
|
SSH tunnel.
|