How To Access Kubernetes Cluster Post Deployment Using Kubectl On Creodias OpenStack Magnum
This article assumes that you have access to CloudFerro WAW3-1 infrastructure, which has Kubernetes support built-in (OpenStack Magnum module).
If your CREODIAS account has access only to CF2 infrastructure, please contact support to get access to WAW3-1.
In this tutorial, you start with a freshly installed Kubernetes cluster on Cloudferro OpenStack server and connect the main Kubernetes tool, kubectl, to the cloud.
What We Are Going To Cover
How to connect kubectl to the OpenStack Magnum server
How to access clusters with kubectl
No. 1 Hosting
To follow this article, use your Creodias hosting account with WAW3-1 server and Horizon interface.
No. 2 Installation of kubectl
Standard types of kubectl installation are described on Install Tools page of the official Kubernetes site.
No. 3 A cluster already installed on Magnum site
- With Horizon interface: How to Create a Kubernetes Cluster Using Creodias OpenStack Magnum.
- With command line interface: How To Use Command Line Interface for Kubernetes Clusters On Creodias OpenStack Magnum.
- Or, you may want to create a new cluster called k8s-cluster, just for this occasion – by using the following CLI command:
openstack coe cluster create --cluster-template k8s-stable-1.21.5 --labels eodata_access_enabled=false,floating-ip-enabled=true,master-lb-enabled=true --merge-labels --keypair sshkey --master-count 3 --node-count 2 --master-flavor eo1.large --flavor eo1.large k8s-cluster
It takes some 10-20 minutes for the new cluster to form.
In the rest of this text we shall use cluster name k8s-cluster – be sure to use the name of the existing cluster instead.
No. 4 Connect openstack client to the cloud
Prepare openstack and magnum clients by executing Step 2 Connect OpenStack and Magnum Clients to Horizon Cloud from article How To Install OpenStack and Magnum Clients for Command Line Interface to Creodias Horizon.
Follow up the steps listed in Prerequisite No. 2 and install kubectl on the platform of your choice.
Use the existing Kubernetes cluster on Cloudferro or install a new one using the methods outlined in Prerequisites Nos. 3.
Use Step 2 in Prerequisite No. 4 to enable connection of openstack and magnum clients to the cloud.
You are then going to connect kubectl to the Cloud.
Step 1 Download Certificates From the Server
The openstack command to download the corresponding configuration file from Magnum has these input parameters:
openstack coe cluster config --help usage: openstack coe cluster config [-h] [--dir <dir>] [--force] [--output-certs] [--use-certificate] [--use-keystone] <cluster> Get Configuration for a Cluster positional arguments: <cluster> The name or UUID of cluster to update optional arguments: -h, --help show this help message and exit --dir <dir> Directory to save the certificate and config files. --force Overwrite files if existing. --output-certs Output certificates in separate files. --use-certificate Use certificate in config files. --use-keystone Use Keystone token in config files.
You will use command
openstack coe cluster config
to download the files that kubectl needs for authentication with the server. Create a new directory called k8sdir into which the files will be downloaded:
Then download the certificates into that folder:
openstack coe cluster config --dir k8sdir --force --output-certs k8s-cluster
There will be four files:
ls k8sdir ca.pem cert.pem config key.pem
Parameter –output-certs produces .pem files, which are X.509 certificates, originally created so that they can be sent via email. File config combines the .pem files and contains all the information needed for kubectl to access the cloud. Using –force overwrites the existing files (if any), so you are guaranteed to work with only the latest versions of the files from server.
The result of this command is shown in the row below:
Copy this command and paste it into the command line of terminal, then press the Enter key on the keyboard to execute it. System variable KUBECONFIG will be thus initialized and the kubectl command will have access to the config file at all times.
Step 2 Verify That kubectl Has Access to the Cloud
See basic data about the cluster with the following command:
kubectl get nodes -o wide
The result is:
That verifies kubectl has proper access to the cloud.
To see available commands kubectl has, use:
The listing is too long to reproduce here, but here is how it starts:
kubectl also has a long list of options, which are parameters that can be applied to any command. See them with
What To Do Next
With kubectl operational, you can
deploy apps on the cluster,
access multiple clusters,
create load balancers,
access applications in the cluster using port forwarding,
use Service to access application in a cluster,
list container images in the cluster
use Services, Deployments and all other resources in a Kubernetes cluster.
Kubernetes dashboard is a visual alternative to kubectl. To install it, see Using Dashboard To Access Kubernetes Cluster Post Deployment On Creodias OpenStack Magnum.