Connecting to the cluster

Using Kubectl

Personal Kubeconfig

One way to interact with your cluster is by downloading the kubeconfig file and using kubectl. This allows you to manage and interact with your cluster directly from the command line.

To download the Kubeconfig, go to the Clusters page in the KKP interface and select the appropriate cluster. On the top-right corner of the page, you will find a Get Kubeconfig button to download the Kubeconfig file.

Note: In order to interact with your cluster from outside EWC, you need to make sure HTTPS access to destination port 6443 is allowed on your organization's firewall.




Note: Ensure that kubectl is installed on your system before using the kubeconfig file to interact with the cluster. If kubectl is not installed, you will not be able to execute commands.

Once you have downloaded the kubeconfig file, export it to your environment to start interacting with your cluster.

$ export KUBECONFIG=/tmp/kubeconfig-xf76qxjzk9
$ $ kubectl get nodes
NAME                                        STATUS   ROLES    AGE    VERSION
xf76qxjzk9-worker-74555n-668bb77cc6-wtsmv   Ready    <none>   3m8s   v1.30.12 

The kubeconfig file uses OIDC tokens to authenticate with the cluster. The token contained in the downloaded file has a 1-day expiration time, after that it has to be refreshed using the refresh token stored in the file or a new kubeconfig file has to be downloaded.

Service Account Kubeconfig

For use-cases where non-expiring tokens are required, a service account with a role binding shall be created on the cluster.

  1. Create a new service account
  2. Add a cluster or namespace-level role binding to the new account
  3. Download the kubeconfig of the service account

Using the Web Terminal

The Web Terminal allows direct kubectl access to a cluster from the KKP dashboard. This enables you to manage your cluster using kubectl commands directly through the web interface.

To access it, click the Web Terminal button located on the top-right side of the user cluster page.



Note: On your first usage of the Web Terminal, a new tab is opened to establish an authentication session. You can safely close this tab and return to the previous tab to access the terminal.

Once the web terminal is open, it will appear at the bottom of the page, and you can begin using kubectl to interact with your cluster.

  • No labels