k8s学习(33):kubeconfig-配置文件上下文

发表于 更新于 分类于

kubeconfig配置文件包含连接k8s集群的相关认证信息,通过这个配置文件可以快速的与k8s集群进行相关创建查询等操作

示例

查看默认config

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
root@node01:~# cat ~/.kube/config 
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJd01EVXdNekEzTXpNeU1Gb1hEVE13TURVd01UQTNNek15TUZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTDI1CmtGY1AyeEtxc0crQ2NWZ3Zpa2lWOVJVcDBqNlFiYTN0akFoanhxeXFleWpuQmQvNkh3WldjWlpXVXFJU1ZuTEwKTHdMRlJqQXpCSy90b2d1WDgweWUySjdkeEEzTVQvTG4wWEM0NUdmdFFRS3hIT3Z0TVRNRjBkakFDenZNN1hTOQp2OWMyc0tPTU1BY1AxcXEyeE9iRk1EdTJkcVY4SE1SQXladnZ2MXZWNGJZeXRSaDB3YTNrQmJIM29aclU4SWh4Clp3L0ZwbWVVaWtPcW5lMldSZnRoUU0vYkRZWjlDT0hrRnQvTG9wOEhyRjhvcWJneVVXRWNGNlhVbGlMbUFIRTEKK2ZxWnBsa3dOMFZYUWZVbExMcmt1aHAzUWVseHcrQVVwelk3UnkvYS9sZmlrVURZQVVhbnpnMk9mdk95aXM4eQpObW40T1IrVUk3eXlXMDg4TDlzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFJb3o4Vk1MVlYxQ25uQjF2UXUwNDNKSnk0eWMKTUNuQTRodDJJS1BiMFN6ZGRNY0hqTThEVHdsNEUxWnVHdEI0N2U2akpsNUpEMk81NTFZQS9ScE5CaDJaY0lGMAozTVJMZUlyZnQyWjl5T2V0Y01hZFAwUmxHcFZxUktXRC84TS9DLy9tVVJyYzViUnY2SVA5ZWYxeEFuSGRPZmRMCmF5ZVc1QTk1aU9JQUg1MzJzSTdTcGYzcjVBb1dCRXNCcWdweXdzN1orRW1sOUpBeDlsd2tlOTFPOFVHcEM2KzcKZ2cxKzlpMDhEV0VmRFFGNmJ4ZG1nQjl3L1RaNkJNbXZDVDhXaXZxcEJXeFpBdU9XdE5XTlhPeXdsOXFidkt2eApJVHgyM0ljcitJemszYWFCYmJoL0o4TU03Tm5XcFNGWlRkL1JIcEpwbFpySnRLb1BBNEpWV0RpdVB2VT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
    server: https://172.31.25.174:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM4akNDQWRxZ0F3SUJBZ0lJRU1rRlV1VjdLR0F3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TURBMU1ETXdOek16TWpCYUZ3MHlNVEExTURNd056TXpNakphTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXhsV29CQVBrT1pQTlk1WnQKZ3YveHdWN0xHdnNJS05pd0E1Z0YvLy93RjVHVEZITnkzT1NQdGg2VlEra1lyRnFuWGxvZlVaTzVjaFIvVnVQcQptbGlIS0RvMXRBaTZYR0VGeWhjdlZBeUZLTnBySSt5eFBoRmdFRDVPUXcySmVMakZOQTdYRUJYQitrQTQxbElPCm5yZGwwTGFuK1lZcTQ5YVI5ZnJDQURjaTdBclJ3M0liWUZNOTZjRmQ4bC8rZzh0QTROYXpDRlFoWmlKWXZiOUsKTDRVeFZ3YXN3a0E0bXMxeG9EL25TZXJPUm1TQkM3TVNpd1QvNi9YWVpwMlBKSHBLaU9FSHIyQnpKWGN1R1NjdQpIaVFIZWFzTFl2MzBiK0hNMWhwK1RiM1NVUGJTT3pJUEtITHNlcGo3VCtPcC9rZjJCeXdQSm5rbEUvbTYxeS9PCnN1V3lCUUlEQVFBQm95Y3dKVEFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFKSDFYQUNxMG8rTnFFeU03MGdPMU96MVk2cHJmUzJ4MHZvWgpoSDNoWkJvVUhsZVoxVFc3ejBtYnpoYnExVGdJSXpISnI4eitvK0tmdmN1OC9VMmMzV2k1b0FNdzdldm5FUnhKClVmMTVqaGhGOEFrSnVRWUxhdE1ENjlkUERDV3V3ZnJYei9QQzk2WEROZXQxWWppV1dQRU1XNGU0azF6U3l5eE0KRTBSb0Z6Qzk3dzVzUXVSNUYvcEw0VDQ3SFR6WEJkQlczcjNQbFhGVVRvM2hOaWtDaXpBOEpNTk0zaG9CZlBaOApYaytQVTRNSWVPUXFhOWMxY2J1dTMxR2FEcFpCOFJzTldMVGhhaW5yZmY4MkVRRG9FMk5IcGdpU0RTWEU5UGpCCklydVJzRFNiK3RGTk1sL0dYU0w3VnFkUGdnY0FtbHBWYnVsNHFjdjFlQXVUVlg2NDVJcz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
    client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBeGxXb0JBUGtPWlBOWTVadGd2L3h3VjdMR3ZzSUtOaXdBNWdGLy8vd0Y1R1RGSE55CjNPU1B0aDZWUStrWXJGcW5YbG9mVVpPNWNoUi9WdVBxbWxpSEtEbzF0QWk2WEdFRnloY3ZWQXlGS05wckkreXgKUGhGZ0VENU9RdzJKZUxqRk5BN1hFQlhCK2tBNDFsSU9ucmRsMExhbitZWXE0OWFSOWZyQ0FEY2k3QXJSdzNJYgpZRk05NmNGZDhsLytnOHRBNE5hekNGUWhaaUpZdmI5S0w0VXhWd2Fzd2tBNG1zMXhvRC9uU2VyT1JtU0JDN01TCml3VC82L1hZWnAyUEpIcEtpT0VIcjJCekpYY3VHU2N1SGlRSGVhc0xZdjMwYitITTFocCtUYjNTVVBiU096SVAKS0hMc2VwajdUK09wL2tmMkJ5d1BKbmtsRS9tNjF5L09zdVd5QlFJREFRQUJBb0lCQVFDZ3dFQkRzTnZFQnhYTApoOXNPK0Y5NytWYnBjVm0xc1p0SDdtbStpalNSQmI2T0x0eUVTUVJwK2ZQRmJTSkFYK0dUeWJ2a3BMVUR6N1UrCk9kQ21kT1puSm5ic2lyNXhyWG5CeUhUbHpKZ0krcThvR09tM2d1RzNpS2hxRklpOXZoU29FdmNnNUdHcWNXOGYKMXJaZTBnckYxYVhqeW1qczdiYTBCaUJEaUd6WG5xZDJYdDhCTWx4V2wybVVKc3pCT0V0NDV1MXd6dnZJbEUzYwpURnF5VFlhZVYzR3N1TGJLTXVGZ3hxYjVhbGo4d2F3QnR2RSs5aWpHSU9jQ3VBdGR0aHpOcHFSRWd6QzFZU0NXCmxqRTlieUFXWmpMNGtHT3NCWjFUVXluTUlvOXhqQS9peU0zcG1qSkhEbkF3eG1tVVFvZlMwVjh4L0w5bVFJVVUKelJWMkx3d0JBb0dCQU81K3J3VFdIdm4xd3MrMkFSdE1OMFRJNGJNMFRma0Z6THFBcWJicFBXSThvd0pSQW4rdApMbmVFZURXZ2tpcWwwbGk5Zno5MmdIRHNPZ2JhVW1lWkV5TEIwVm9LQmhSNzh5M1VFS0x0eVpyOThDZ3VxRGkrCnJNQzN3eUNHaUNvQnM3K1dPeUVXL2FOTDdCUGlOaUhYTWFJNnBlSEFTeHhEaGp0R2lqRDhSKzZCQW9HQkFOVGsKWEpUSHlrNmI4YTFjcXpreU5ybVIxRjYwa2ZvY2tvc3BDTWVYWm9zR0tDeWY4SldnUjZqNnVtSkQ4cmNmRnBLOQp5YURCZmJUalhpNDgyRE5KTWh3bEFUcmVxTE1KMjM1Z2tKb21lTGlmbUZYRTJEbEVHNVdmYnRUb3J3L0lhbnE5Cm1TczVwR3UyYUQxd3RoSDU4Q0MrcGVFeWEwcnVzczlYQ01va2hFbUZBb0dBRE5UWUNjU1RhaE5rNWRQKy96NzgKZ2tEa2s4V3VwRVZCbkk4cmttRytJYmp0ZEVSemcvY0hWdnJUbE44TXZpcXB4SWg5ZmlhY0JuZFBMK3N6SDh2RwprY29udjFabXVWZHAzLzlXM2MwNVdaTnNCbDFzUTVGT3JoZTA4ZDBMR21kNUNrZkU2cVRZQko4akZuYkhQczdiCkpzVk5BM1piRkN3MTNwNk85TSs5OXdFQ2dZRUFnV2FvNjNvZyt2VUl5a0pJaFFTRGhQb2g1c3JFN0F6UCtpd2YKL1FtR3Q3d3ZVU2lLV0xoS3RtaG9QL0JqS0hHS0MvbTJBN040a0NtZmhtVlBXS1VHQTF0dXl2U3AvK0ZlL0FyLworZUttZ0RucG8wQjUyUjBQMHp0TVo3ZGpLU205cHd0MWZYT1ZBQytvWHFnUzB3eGpxOU9XQ2pMV1NuNmFTekx3CjBjV3VidTBDZ1lCZEdGN0p5Qko2NDlOeWxmRnhLTks3R29ZMTB1NDcwdWZSQmJBc29EdEI0UzZIRnpSL0I3YncKMkt0L2x6MFFTWE5rMHFPeEQ0aTY5aXhqRkF6djlZNFlyU0NaQ3d6UUZqbC80cVhzRkk5UTVJQ29UKzdDOU1GMwpMZjlYdnA4Nm9ZRlNKTXEwNFFtdGFQWWdJWlFHdS9STytNR3lsNUFwSkdOby9EdE5nWlVFTUE9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=

解读:

clusters:配置集群信息,例如集群apiserver地址,以及ca证书

users:配置用户

contexts:上下文,一个上下文对应一个cluster和user

demo-config

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
apiVersion: v1
kind: Config
preferences: {}

clusters:
- cluster:
  name: development
- cluster:
  name: scratch

users:
- name: developer
- name: experimenter

contexts:
- context:
  name: dev-frontend
- context:
  name: dev-storage
- context:
  name: exp-scratch

步骤

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# 设置集群参数
kubectl config set-cluster kubernetes \
--server=https://192.168.31.61:6443 \
--certificate-authority=/etc/kubernetes/pki/ca.crt \
--embed-certs=true \
--kubeconfig=config
# 设置上下文参数
kubectl config set-context test \
--cluster=kubernetes \
--user=cluster-admin \
--kubeconfig=config
# 设置默认上下文
kubectl config use-context test --kubeconfig=config
# 设置客户端认证参数
kubectl config set-credentials cluster-admin \
--certificate-authority=/etc/kubernetes/pki/ca.crt \
--embed-certs=true \
--client-key=/etc/kubernetes/pki/admin-key.pem \
--client-certificate=/etc/kubernetes/pki/admin.pem \
--kubeconfig=config

配置集群详细信息

1
2
kubectl config --kubeconfig=config-demo set-cluster development --server=https://1.2.3.4 --certificate-authority=fake-ca-file
kubectl config --kubeconfig=config-demo set-cluster scratch --server=https://5.6.7.8 --insecure-skip-tls-verify

配置用户详细信息

1
2
kubectl config --kubeconfig=config-demo set-credentials developer --client-certificate=fake-cert-file --client-key=fake-key-seefile
kubectl config --kubeconfig=config-demo set-credentials experimenter --username=exp --password=some-password

配置上下文详细信息

1
2
3
kubectl config --kubeconfig=config-demo set-context dev-frontend --cluster=development --namespace=frontend --user=developer
kubectl config --kubeconfig=config-demo set-context dev-storage --cluster=development --namespace=storage --user=developer
kubectl config --kubeconfig=config-demo set-context exp-scratch --cluster=scratch --namespace=default --user=experimenter

查看config

1
kubectl config --kubeconfig=config-demo view

设置当前上下文

1
kubectl config --kubeconfig=config-demo use-context dev-frontend

查看当前上下文的config

1
kubectl config --kubeconfig=config-demo view --minify