Open in app

Sign in

Write

Sign in

Kubernetes: Kubeconfig File

Claire Lee
5 min readMar 24, 2023

--

The kubeconfig file is used to access Kubernetes clusters and is primarily used by kubectl to authenticate and access the cluster. It contains three main sections: clusters, users, and contexts, which define cluster-specific details, authentication details, and the environment for interacting with the cluster. The default path for the kubeconfig file is $HOME/.kube/config, but it can be specified using the --kubeconfig flag. The file does not need to be created using kubectl create -f <kubeconfig_file> command; once created, it is read by kubectl when accessing the cluster.

Kubernetes: Kubeconfig File
Table of Contents

· Kubeconfig File
Kubeconfig file path
· Kubeconfig with YAML
· kubectl create -f <kubeconfig_file>?
· Config Commands

Are you tired of typing long command-line arguments like ca.crt, user.crt, and user.key every time you want to access a Kubernetes cluster using kubectl or curl commands? Fear not, kubeconfig is here to save the day! With kubeconfig, you can simply run your kubectl or curl commands and let them access the required values from the configuration file. This not only saves your time but also eliminates the risk of making errors when typing long and complicated arguments. So, say goodbye to tedious and repetitive typing and let kubeconfig do the heavy lifting for you!

Kubeconfig File

The name kubeconfig is a generic term used to refer to configuration files used to access Kubernetes clusters. Therefore, it is not necessary to name the file kubeconfig.

The kubeconfig file serving as a configuration file that defines how to connect to a Kubernetes cluster. It is primarily used by kubectl, the official Kubernetes command-line tool, to authenticate and access the cluster.

The file contains three main sections, clusters, users, and contexts, each with its own specific information:

Kubeconfig
  • clusters
    Define the Kubernetes cluster being accessed, including the API server URL, certificate authorities, and other cluster-specific details.
  • users
    Provide the authentication details for the existing user or application accessing the Kubernetes cluster. This can include a username and password, client certificates, or authentication tokens.
  • contexts
    Define the environment for the user or application interacting with the Kubernetes cluster. It specifies the cluster being accessed, the user credentials being used, and the namespace being targeted. Multiple contexts can be defined in the kubeconfig file, allowing for easy switching between different environments or clusters.

Kubeconfig file path

Kubeconfig default path

By default, kubectl looks for the kubeconfig file at the path $HOME/.kube/config. However, it is possible to specify a different kubeconfig file using the --kubeconfig flag when running Kubernetes commands.

For example, to use a kubeconfig file located at /path/to/kubeconfig, you would run a command like this:

kubectl --kubeconfig=path/to/kubeconfig get pods

Kubeconfig with YAML

config example

apiVersion: v1
kind: Config
clusters:
- name: production
  cluster:
    server: https://production.example.com
    certificate-authority: /path/to/production/ca.crt
- name: development
  cluster:
    server: https://development.example.com
    certificate-authority: /path/to/development/ca.crt
- name: test
  cluster:
    server: https://test.example.com
    certificate-authority: /path/to/test/ca.crt
contexts:
- name: production
  context:
    cluster: production
    user: prod-user
- name: development
  context:
    cluster: development
    user: dev-user
- name: test
  context:
    cluster: test
    user: test-user
current-context: production
users:
- name: prod-user
  user:
    client-certificate: /path/to/production/prod-user.crt
    client-key: /path/to/production/prod-user.key
- name: dev-user
  user:
    client-certificate: /path/to/development/dev-user.crt
    client-key: /path/to/development/dev-user.key
- name: test-user
  user:
    client-certificate: /path/to/test/test-user.crt
    client-key: /path/to/test/test-user.key

The current-context specifies which context should be used by default when kubectl is run.

You can also specify which namespace to be used for a particular context within context definition.

contexts:
- name: development
  context:
    cluster: development
    user: dev-user
    namespace: <desired_namespace>
specify namespace

kubectl create -f <kubeconfig_file>?

There is no need to use the kubectl create -f <kubeconfig_file> command to create the kubeconfig file. Once the file is created, it is left as-is, and the kubectl command reads the required values from it when accessing the Kubernetes cluster.

Config Commands

commands
  1. Display the current configuration in the kubeconfig file
$ kubectl config view

2. Display the configuration in the specified kubeconfig file

$ kubectl config view --kubeconfig=<path_to_kubeconfig>

3. Set the current context to the specified context

Allow you to easily switch between different environments or clusters

$ kubectl config use-context <context_name>

4. Retrieve the specified kubeconfig file and displays relevant cluster information

$ kubectl cluster-info --kubeconfig <path_to_kubeconfig>

These are my personal notes for CKA exam preparation on Kubernetes. Please feel free to correct me if you notice any errors. 😊

Reference:

Configure Access to Multiple Clusters

This page shows how to configure access to multiple clusters by using configuration files. After your clusters, users…

kubernetes.io

Organizing Cluster Access Using kubeconfig Files

Use kubeconfig files to organize information about clusters, users, namespaces, and authentication mechanisms. The…

kubernetes.io

Kubernetes
K8s
Kubeconfig
Cka
Cka Exam

--

--

Claire Lee
Claire Lee

Written by Claire Lee

1.3K Followers
14 Following

I learn. I code. And I share.

Responses (4)

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams