/
cluster-credentials.html.md.erb
65 lines (46 loc) · 2.84 KB
/
cluster-credentials.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
---
title: Retrieving Cluster Credentials and Configuration
owner: PKS
---
<strong><%= modified_date %></strong>
This topic describes how to use the `pks get-credentials` command in <%= vars.product_full %> using the PKS Command Line Interface (PKS CLI).
The `pks get-credentials` command performs the following actions:
- Fetch the cluster's kubeconfig
- Add the cluster's kubeconfig to the existing kubeconfig
- Create a new kubeconfig, if none exists
- Switch the context to the `CLUSTER-NAME` provided
When you run `pks get-credentials CLUSTER-NAME`, PKS sets the context to the cluster you provide as the `CLUSTER-NAME`.
PKS binds your username to the cluster and populates the kubeconfig file on your local workstation with cluster credentials and configuration.
The default path for your kubeconfig is `$HOME/.kube/config`.
If you access multiple clusters, you can choose to use a custom kubeconfig file for each cluster.
To save cluster credentials to a custom kubeconfig, use the `KUBECONFIG` environment variable when you run `pks get-credentials`.
For example:
<pre class="terminal">$ KUBECONFIG=/path/to/my-cluster.config pks get-credentials my-cluster</pre>
##<a id='get-credentials'></a> Retrieve Cluster Credentials
Perform the following steps to populate your local kubeconfig with cluster credentials and configuration:
1. <%= partial 'login-pks-api' %>
1. Run the following command:
<pre>
pks get-credentials CLUSTER-NAME
</pre>
Where `CLUSTER-NAME` is the unique name for your cluster.
</br>
</br>
For example:
<pre class="terminal">$ pks get-credentials pks-example-cluster
Fetching credentials for cluster pks-example-cluster.
Context set for cluster pks-example-cluster.
You can now switch between clusters by using:
$kubectl config use-context <cluster-name>
</pre>
<p class="note"><strong>Note</strong>: If you enable OpenID Connect (OIDC) in the <%= vars.product_tile %> tile,
PKS requires your password to run the <code>pks get-credentials CLUSTER-NAME</code> command.
This allows PKS to retrieve valid tokens for the kubeconfig file. You can provide your password at the prompt
or as the <code>PKS_USER_PASSWORD</code> environment variable. For more information, see the
<em>Configure OpenID Connect</em> section of <a href="installing.html">Installing <%= vars.product_short %></a>
for your IaaS.</p>
<%= partial "saml-sso-login" %>
##<a id='kubectl'></a> Run kubectl Commands
After PKS populates your kubeconfig, you can use the Kubernetes Command Line Interface (kubectl) to run commands against your Kubernetes clusters.
See [Installing the Kubernetes CLI](installing-kubectl-cli.html) for information about installing kubectl.
For information about using kubectl, refer to the [Kubernetes documentation](https://kubernetes.io/docs/user-guide/kubectl-overview/).