KubeConfig

KubeConfig file is used by kubectl command to access kubernetes clusters. This file is usually present at path $HOME/.kube/config, however we can specify custom config file using flag --kubeconfig as shown below.

kubectl --kubeconfig=config get pods

Contents of KubeConfig

It mainly has three sections:

apiVersion: v1
kind: Config
clusters:
 
users:
 
contexts:

clusters array lists all the clusters. users list all the users and contexts all the contexts.

Following shows a simple KubeConfig file,

custom-config.yaml

apiVersion: v1
kind: Config
clusters:
    - cluster:
          server: https://127.0.0.1:32801
          certificate-authority: /path/ca.crt
      name: kube
users:
    - name: kube-ser
      user:
          client-certificate: /path/client.crt
          client-key: /path/client.key
contexts:
    - name: kube
      context:
          cluster: kube
          user: kube-user
current-context: kube

This file can then be used by kubectl command.

We can view the config using command kubectl config view. There are some more useful subcommands in kubectl config.

While we can provide path to certificates and key as shown in above sample config file, the certificates data can be used instead by appending -data to the field such as certificate-authority-data, client-certificate-data etc.

Note

To access kubernetes using api, we also need to provide these certificates information as

curl https://127.0.0.1:32801/api/v1/serviceaccounts/ \
   --key /home/nitin/.minikube/profiles/kube/client.key \
   --cert /home/nitin/.minikube/profiles/kube/client.crt \
   --cacert /home/nitin/.minikube/ca.crt

References

1. https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/
2. https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/