Kubernetes 101 - Kubectl 

KUBERNETES - Kubectl What’s kubectl Is a client for the Kubernetes API, which is an HTTP API and every Kubernetes operation is exposed as an API endpoint and can be executed by an HTTP request to this endpoint. 

KUBERNETES - Kubectl Developer Minikube API SERVER ... 192.168.99.100:8443 $ kubectl version Kubectl flow 

KUBERNETES - Kubectl $ kubectl version -o yaml clientVersion: buildDate: "2019-10-02T17:01:15Z" compiler: gc gitCommit: d647ddbd755faf07169599a625faf302ffc34458 gitTreeState: clean gitVersion: v1.16.1 goVersion: go1.12.10 major: "1" minor: "16" platform: linux/amd64 serverVersion: buildDate: "2019-09-18T14:27:17Z" compiler: gc gitCommit: 2bd9643cee5b3b3a5ecbd3af49d09018f0773c77 gitTreeState: clean gitVersion: v1.16.0 goVersion: go1.12.9 major: "1" minor: "16" platform: linux/amd64 Kubectl version 

KUBERNETES - Kubectl $ ifconfig vboxnet0: flags=4099 mtu 1500 inet 192.168.99.1 netmask 255.255.255.0 broadcast 192.168.99.255 inet6 fe80::800:27ff:fe00:0 prefixlen 64 scopeid 0x20 ether 0a:00:27:00:00:00 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 313 bytes 50712 (50.7 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 $ tcpdump -i vboxnet0 port 8443 -A listening on vboxnet0, link-type EN10MB (Ethernet), capture size 262144 bytes 15:41:46.248509 IP server.42342 > 192.168.99.103.8443: Flags [S], seq 2433516856, win 64240, options [mss 1460,sackOK,TS val 701827968 ecr 0,nop,wscale 7], length 0 E..<].@[email protected] ....8.........Y......... )........... Snife Minikube Network using tcpdump 

KUBERNETES - Kubectl API Server — The Gateway to Kubernetes Kubernetes is all about objects and an API that provides access to those objects. Nodes, labels, pods, deployments, services, secrets, configmaps, ingress, and many more resources are treated as objects. These objects are exposed via simple REST API through which basic CRUD operations are performed. One of the core building blocks of Kubernetes is the API Server which acts as the gateway to the platform. Internal components such as kubelet, scheduler, and controller access the API via the API Server for orchestration and coordination. The distributed key/value database, etcd, is accessible only through the API Server 

KUBERNETES - Kubectl UI User Interface API CLI Command Line Interface Kubernetes Master Node 1 Node 1 Node 1 Node 1 Image Registry 

KUBERNETES - Kubectl Kubectl, the Swiss Army knife to manage Kubernetes is just a nifty tool that talks to the API Server. 

KUBERNETES - Kubectl $ kubectl cluster-info Kubernetes master is running at https://192.168.99.103:8443 KubeDNS is running at https://192.168.99.103:8443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy Get k8s version using a native curl http request via ssl $ curl https://192.168.99.103:8443/api/ --cacert ~/.minikube/ca.crt --cert ~/.minikube/client.crt --key ~/.minikube/client.key { "versions": [ "v1" ], "serverAddressByClientCIDRs": [ { "clientCIDR": "0.0.0.0/0", "serverAddress": "10.0.1.149:443" } ] } 

KUBERNETES - Kubectl The configuration file is by default located in: $ $HOME/.kube/config Set the KUBECONFIG environment variable: $ export KUBECONFIG=$KUBECONFIG:$HOME/.kube/proxy_config 

KUBERNETES - Kubectl $ kubectl get secrets default-token-6kmrm -o yaml $ echo ‘ZXlKaGJHY2lPaUpTVXpJMU5pSXNJbXRwWkNJNkNB…’ | base64 -d $ eyJhbGciOiJSUzI1NiIsImtpZCI6Ii1tdkpTNGVybVdV... $ curl https://192.168.99.103:8443/api --header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Ii1tdkpTNGVybVdV..." --insecure Passing an authentication token directly to the API server { "versions": [ "v1" ], "serverAddressByClientCIDRs": [ { "clientCIDR": "0.0.0.0/0", "serverAddress": "10.0.1.149:443" } ] }