starlingx/docs
Code Issues Proposed changes
Files
0aadbc62130b8b457ad2bb9731ee60f745d720b5
docs/doc/source/usertasks/kubernetes/kubernetes-user-tutorials-installing-kubectl-and-helm-clients-directly-on-a-host.rst
Joao Victor Portal daa431e385 Updated OIDC app docs 
This commit does 2 changes in the OIDC app docs:

1) The docs were updated to be explicit about the OIDC app being
   compatible with LDAP servers and not only with the Windows Active
   Directory;
2) The page "Centralized OIDC Authentication Setup for Distributed
   Cloud" was renamed to "Centralized vs Distributed OIDC Authentication
   Setup" and was moved in the index of pages to be right below the
   first page "Overview of LDAP Servers". The idea is to use this page
   as a entry point for someone learning about the OIDC app, because
   every user must decide between a centralized and a distributed setup
   and because this page has links to all other pages except
   "Deprovision LDAP Server Authentication".

Story: 2010738
Task: 49455

Change-Id: I61c5b7f322ac8159b649c70eeaa0195d97ab12c7
Signed-off-by: Joao Victor Portal <Joao.VictorPortal@windriver.com>
2024-01-29 19:14:14 -03:00

4.9 KiB
Raw Blame History

Install Kubectl and Helm Clients Directly on a Host

As an alternative to using the container-backed Remote for kubectl and helm, you can install these commands directly on your remote host.

Kubectl and helm installed directly on the remote host provide the best CLI behaviour, especially for CLI commands that reference local files or require a shell.

The following procedure shows you how to configure the kubectl and kubectl clients directly on a remote host, for an admin user with cluster-admin clusterrole. If using a non-admin user with only role privileges within a private namespace, additional configuration is required in order to use helm.

You will need the following information from your administrator:

  • the floating IP address of the
  • login credential information; in this example, it is the "TOKEN" for a local Kubernetes ServiceAccount.
  • your kubernetes namespace

  1. On the workstation, install the kubectl client on an Ubuntu host by performing the following actions on the remote Ubuntu system.

    1. Install the kubectl client CLI.

      % sudo apt-get update
% sudo apt-get install -y apt-transport-https
% curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add
% echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee -a /etc/apt/sources.list.d/kubernetes.list
% sudo apt-get update
% sudo apt-get install -y kubectl

    1. Set up the local configuration and context.

      Note

      In order for your remote host to trust the certificate used by the K8s API, you must ensure that the k8s_root_ca_cert provided by your administrator is a trusted CA certificate by your host. Follow the instructions for adding a trusted CA certificate for the operating system distribution of your particular host.

      If your administrator does not provide a k8s_root_ca_cert at the time of installation, then specify insecure-skip-tls-verify, as shown below.

      % kubectl config set-cluster mycluster --server=https://<$CLUSTEROAMIP>:6443 --insecure-skip-tls-verify
% kubectl config set-credentials dave-user@mycluster --token=$MYTOKEN
% kubectl config set-context dave-user@mycluster --cluster=mycluster --user admin-user admin-user@mycluster --namespace=$MYNAMESPACE
% kubectl config use-context dave-user@mycluster

    2. Test remote kubectl access.

      % kubectl get pods -o wide
NAME            READY STATUS RE-    AGE IP           NODE      NOMINA- READINESS
                             STARTS                           TED NODE GATES
nodeinfo-648f.. 1/1  Running   0    62d 172.16.38.83  worker-4 <none> <none>
nodeinfo-648f.. 1/1  Running   0    62d 172.16.97.207 worker-3 <none> <none>
nodeinfo-648f.. 1/1  Running   0    62d 172.16.203.14 worker-5 <none> <none>
tiller-deploy.. 1/1  Running   0    27d 172.16.97.219 worker-3 <none> <none>

  2. On the workstation, install the helm client on an Ubuntu host by performing the following actions on the remote Ubuntu system.

    1. Install helm client.

      % wget https://get.helm.sh/helm-v2.13.1-linux-amd64.tar.gz
% tar xvf helm-v2.13.1-linux-amd64.tar.gz
% sudo cp linux-amd64/helm /usr/local/bin

      In order to use helm, additional configuration is required. For more information, see Configuring Remote Helm Client <configuring-remote-helm-client>.

Related information

Configuring Container-backed Remote CLIs and Clients <kubernetes-user-tutorials-configuring-container-backed-remote-clis-and-clients>

Using Container-backed Remote CLIs and Clients <using-container-based-remote-clis-and-clients>

Configuring Remote Helm Client <configuring-remote-helm-client>