Difference between revisions of "~/.kube/config"

From wikieduonline
Jump to navigation Jump to search
Line 81: Line 81:
 
* [[Config]] files
 
* [[Config]] files
 
* <code>[[aws eks get-token]]</code>
 
* <code>[[aws eks get-token]]</code>
 +
* [[Connect to K8s cluster]]
  
 
== See also ==
 
== See also ==

Revision as of 07:44, 31 October 2022

~/.kube/config
apiVersion: v1
clusters: null
contexts: null
current-context: ""
kind: Config
preferences: {}
users: null


Configure

Examples

apiVersion: v1 
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiDATAREMOVEDCg==
    server: https://00AXXXXXXXXXX1B.gr7.us-east-2.eks.amazonaws.com
  name: arn:aws:eks:us-east-2:123455:cluster/education-eks-Ry318DCv 
contexts:
- context:
    cluster: arn:aws:eks:us-east-2:123456:cluster/education-eks-Ry318DCv
    user: arn:aws:eks:us-east-2:123455:cluster/education-eks-Ry318DCv
  name: arn:aws:eks:us-east-2:123456:cluster/education-eks-Ry318DCv 
current-context: arn:aws:eks:us-east-2:123456:cluster/education-eks-Ry318DCv 
kind: Config
preferences: {}
 users:
 - name: arn:aws:eks:us-east-2:123456:cluster/education-eks-Ry318DCv
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1alpha1
      args:
      - --region
      - us-east-2
      - eks
      - get-token
      - --cluster-name
      - education-eks-Ry318DCv
      command: aws
      env:
      - name: AWS_PROFILE
        value: your_aws_profile


Example

- name: your-cluster-name
  user:
    auth-provider:
      config:
        access-token: ya29.a0AVA9y1sXXXXC-z107gauQ0174
        cmd-args: config config-helper --format=json
        cmd-path: /Users/my-user/brew/Caskroom/google-cloud-sdk/latest/google-cloud-sdk/bin/gcloud
        expiry: "2022-08-25T15:03:28Z"
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: your-name

Errors

Error: unable to describe cluster control plane: AccessDeniedException: User: arn:aws:iam::0987654321:user/YOUR_USER is not authorized to perform: eks:DescribeCluster on resource: arn:aws:eks:xx-east-2:0987654321:cluster/my-eks-cluster-name with an explicit deny


kubectl get pods
error: exec plugin: invalid apiVersion "client.authentication.k8s.io/v1alpha1"
aws --version
aws-cli/1.18.147 .../...

Related

See also

Advertising: