Skip to content

Instantly share code, notes, and snippets.

@kadel

kadel/k8s_remote_connect.md

Last active August 13, 2018 08:37
Show Gist options
  • Save kadel/9d9d4949a8035cd0c5fb to your computer and use it in GitHub Desktop.
Save kadel/9d9d4949a8035cd0c5fb to your computer and use it in GitHub Desktop.
Download ZIP
Connect to Kubernetes from outside the Vagrant box
Raw
k8s_remote_connect.md

Connect to Kubernetes from outside the Vagrant box

inside vagrant box

get secret name for default service account

SECRET_NAME=$(kubectl get serviceaccounts default -o template --template="{{ (index .secrets 0).name }}")

get service token

kubectl  get secret $SECRET_NAME -o template --template="{{.data.token}}" | base64 -d

copy result

outside vagrant box (host machine)

create file ~/.kube/config:

apiVersion: v1
clusters:
- cluster:
    insecure-skip-tls-verify: true
    server: https://<vagrant_box_ip>:6443
  name: k8s
contexts:
- context:
    cluster: k8s
    user: "serviceaccount"
  name: k8s
current-context: k8s
kind: Config
preferences: {}
users:
- name: serviceaccount
  user:
    token: <paste_token_from_previous_step_here>

TODO and imporovements:

  • copy out and use k8s CA certificate from Vagrant box instead of insecure-skip-tls-verify: true
@navidshaikh
Copy link

copy out and use k8s CA certificate from Vagrant box instead of insecure-skip-tls-verify: true

The copy part needs needs to be automated and in the scope of vagrant-service-manager plugin. In addition to copy the cert, the required environment variable KUBECONFIG should be set with config path on host machine. https://cloud.google.com/container-engine/docs/kubectl/config

@praveenkumar
Copy link

http://kubernetes.io/docs/admin/authentication/ => way how we can create ca certs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment