多K8s集群切换:Kubectl客户端配置全记录
导读:Kubectl客户端使我们可以在多个K8s集群之间进行配置和轻松切换。
kubectl的配置文件位置
kubectl配置文件的主要位置是$ HOME / .kube,默认情况下,我们有一个名为config的配置文件:
[node1 ~]$ cd $HOME/.kube[node1 .kube]$ ls -lahtotal 4.0Kdrwxr-xr-x 1 root root 37 Mar 12 20:48 .dr-xr-x--- 1 root root 19 Nov 29 11:46 ..drwxr-x--- 3 root root 23 Mar 12 20:48 cachelrwxrwxrwx 1 root root 26 Nov 29 11:46 config -> /etc/kubernetes/admin.confdrwxr-x--- 3 root root 4.0K Mar 12 20:48 http-cache
多个配置文件和KUBECONFIG变量
通过设置适当的KUBECONFIG shell变量,我们可以拥有多个配置文件。
例如:
export KUBECONFIG=$KUBECONFIG:/root/.kube/additional_config
从kubectl检查配置
我们可以检查当前的配置(由于我的Additional_config文件中没有任何内容,因此将为空-我们稍后将添加一些内容-这只是我的KUBECONFIG变量中的文件):
[node1 ~]$ kubectl config viewapiVersion: v1clusters: []contexts: []current-context: ""kind: Configpreferences: {}users: []
或来自特定文件-让我们看看默认文件:
[node1 ~]$ kubectl config --kubeconfig=.kube/config viewapiVersion: v1clusters:- cluster:certificate-authority-data: DATA+OMITTEDserver: https://192.168.0.38:6443name: kubernetescontexts:- context:cluster: kubernetesuser: kubernetes-adminname: kubernetes-admin@kubernetescurrent-context: kubernetes-admin@kuberneteskind: Configpreferences: {}users:- name: kubernetes-adminuser:client-certificate-data: REDACTEDclient-key-data: REDACTED
如果您未设置KUBECONFIG变量,则所有配置都将从$ HOME / .kube / config中获取
kubectl配置中的对象
kubectl在其配置文件中具有以下对象类型
集群-有关K8s集群的信息-包含群集名称和连接参数
users-有关您要连接到K8s集群的用户的信息
上下文-集群/用户/命名空间的三倍
从kubectl修改配置
添加集群
[node1 ~]$ kubectl config --kubeconfig=.kube/additional_config set-cluster dev --server=https://192.168.1.100 --certificate-authority=fake-caCluster "dev" set.[node1 ~]$ kubectl config --kubeconfig=.kube/additional_config set-cluster prod --server=https://10.1.1.100 --certificate-authority=fake-caCluster "prod" set.
新增使用者
[node1 ~]$ kubectl config --kubeconfig=.kube/additional_config set-credentials developer --client-certificate=fake-cert-file --client-key=fake-key-seefileUser "developer" set.[node1 ~]$ kubectl config --kubeconfig=.kube/additional_config set-credentials prod_admin --client-certificate=fake-cert-file --client-key=fake-key-seefileUser "prod_admin" set.
添加上下文
[node1 ~]$ kubectl config --kubeconfig=.kube/additional_config set-context simple_app_development --cluster=dev --namespace=simple_app_dev --user=developerContext "simple_app_development" created.[node1 ~]$ kubectl config --kubeconfig=.kube/additional_config set-context simple_app_production --cluster=prod --namespace=simple_app_prod --user=prod_adminContext "simple_app_production" created.
从配置中删除集群/用户/上下文
kubectl --kubeconfig=.kube/additional_config config unset users.kubectl --kubeconfig=.kube/additional_config config unset clusters.kubectl --kubeconfig=.kube/additional_config config unset contexts.
样本配置
[node1 ~]$ kubectl config --kubeconfig=.kube/additional_config viewapiVersion: v1clusters:- cluster:certificate-authority: /root/fake-caserver: https://192.168.1.100name: dev- cluster:certificate-authority: /root/fake-caserver: https://10.1.1.100name: prodcontexts:- context:cluster: devnamespace: simple_app_devuser: developername: simple_app_development- context:cluster: prodnamespace: simple_app_produser: prod_adminname: simple_app_productioncurrent-context: ""kind: Configpreferences: {}users:- name: developeruser:client-certificate: /root/fake-cert-fileclient-key: /root/fake-key-seefile- name: prod_adminuser:client-certificate: /root/fake-cert-fileclient-key: /root/fake-key-seefile
改变环境
要获取上下文列表(不需要--kubeconfig,因为我们已将extra_config添加到KUBECONFIG变量中):
[node1 ~]$ kubectl config get-contextsCURRENT NAME CLUSTER AUTHINFO NAMESPACEsimple_app_development dev developer simple_app_devsimple_app_production prod prod_admin simple_app_prod
设置上下文:
[node1 ~]$ kubectl config use-context simple_app_developmentSwitched to context "simple_app_development".
获取当前上下文:
[node1 ~]$ kubectl config current-contextsimple_app_development
欢迎关注开源村公众号了解更多技术开源资讯和技术分享
