kubectl config commands¶
kubectl config commands are used to manage the kubeconfig file, which defines how kubectl communicates with Kubernetes clusters^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md].
Configuration Structure¶
The kubeconfig file organizes connection parameters into three main elements^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md]:
- Clusters: Defines the cluster's server URL (for
kube-apiserver) and certificate authority data^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md]. - Users: Defines authentication credentials, such as client certificates, bearer tokens, or auth-provider configurations^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md].
- Contexts: Groups a specific cluster, user, and namespace into an alias. When a context is active, all
kubectlcommands target that triplet^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md].
Viewing Configuration¶
To display the entire configuration file, use the view subcommand^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md]:
[kubectl](<./kubectl.md>) config view
To view only the configuration relevant to the currently active context, use the --minify flag^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md]:
[kubectl](<./kubectl.md>) config view --minify
To check which context is currently active, use the following command^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md]:
[kubectl](<./kubectl.md>) config current-context
Managing Contexts¶
A Context acts as a convenient alias (or shortcut) on the client side, directing kubectl to use a specific cluster, user, and namespace^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md]. This is particularly useful for managing access across multiple environments (e.g., development vs. production) or namespaces (e.g., frontend vs. backend)^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md].
Creating or Modifying Contexts¶
Use the set-context command to create or update a context definition^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md]:
[kubectl](<./kubectl.md>) config set-context <CONTEXT_NAME> \
--cluster=<CLUSTER_NAME> \
--user=<USER_NAME> \
--namespace=<NAMESPACE_NAME>
Switching Contexts¶
To change the active context, use the use-context command^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md]:
[kubectl](<./kubectl.md>) config use-context <CONTEXT_NAME>
Deleting Contexts¶
To remove a context from the configuration, use the unset command^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md]:
[kubectl](<./kubectl.md>) config unset contexts.<CONTEXT_NAME>
Managing Clusters and Users¶
While cloud platforms often manage cluster and user entries automatically via their CLIs or SDKs, kubectl provides commands to manage them manually^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md].
Set Cluster¶
To define a cluster's server endpoint and certificate authority^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md]:
[kubectl](<./kubectl.md>) config set-cluster <CLUSTER_NAME> \
--server=<SERVER_ADDRESS> \
--certificate-authority=<CA_FILE_PATH>
Set Credentials¶
To define a user's authentication method (e.g., using client certificates)^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md]:
[kubectl](<./kubectl.md>) config set-credentials <USER_NAME> \
--client-certificate=<CERT_FILE_PATH> \
--client-key=<KEY_FILE_PATH>
Deleting Users and Clusters¶
You can remove users and clusters using the unset command^[400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md]:
# Delete a user
[kubectl](<./kubectl.md>) config unset users.<USER_NAME>
# Delete a cluster
[kubectl](<./kubectl.md>) config unset clusters.<CLUSTER_NAME>
Related Concepts¶
- Kubernetes
- [[RBAC]]
- kube-apiserver
Sources¶
400-devops__06-Kubernetes__k8s-ithelp__Day28__README.md