Zum Inhalt springen
Produkte
Plattform
Developer Tools
Portal

Access a cluster

Diese Seite ist noch nicht in deiner Sprache verfügbar. Englische Seite aufrufen

This tutorial guides you through the steps required to retrieve credentials of a Kubernetes cluster which are needed to actually access and work with it.

Download the kubeconfig

Section titled “Download the kubeconfig”

Once you created a cluster, you can connect to it by retrieving its credentials. In Kubernetes, cluster credentials are usually stored in a kubeconfig file. To download the kubeconfig file:

  1. Go to STACKIT Cloud Portal
  2. Select your project
  3. Click on Runtime > Kubernetes Engine
  4. Download the kubeconfig by clicking on the three dots on the right side in the cluster panel and click Download config

Provide cluster access to other users

Section titled “Provide cluster access to other users”

Currently, there is no IAM available for SKE clusters.

Therefore, if you want to provide access to the cluster to other users, you simply download the kubeconfig as described in the previous section and send that to the users that need access to the cluster.

Another way to provide access to the cluster is adding other users to your STACKIT project, so they can download the kubeconfig themselves.
This approach is described below.

Provide permissions for cluster operations to other users

Section titled “Provide permissions for cluster operations to other users”

By default, all users of a STACKIT project who have the project.resource.write permission are allowed to execute all available cluster operations from the context menu. This means every member of the project has the right to access the cluster with the kubeconfig (which provides admin access for the whole cluster) and also delete it. For information on how to add new users to your project please have a look at these instructions.

Rotate cluster credentials

Section titled “Rotate cluster credentials”

To revoke access to the cluster for all users you have the option to start a cluster credential rotation. This will invalidate all credentials (kubeconfig files) that are currently in use for your cluster and create new credentials.

For a successful rotation:

  1. Go to STACKIT Cloud Portal
  2. Select your project.
  3. Click on Runtime > Kubernetes Engine
  4. Trigger the rotation by opening the context menu of any cluster and click Rotate credentials. The cluster will now change its state to Reconciling.
  5. Wait until the cluster’s state is Healthy again.
  6. Download the new kubeconfig from the context menu.

We recommend that you rotate your credentials regularly to increase your cluster’s security.

Use kubectl to interact with you cluster

Section titled “Use kubectl to interact with you cluster”

To interact with you cluster

  1. Make sure to download and install kubectl.
  2. Place the previously downloaded kubeconfig in the path <Home>/.kube/config
    • for windows %USERPROFILE%/.kube/config (if you are using PowerShell, it also recognizes ~/.kube/config) .
    • for linux/mac ~/.kube/config.
  3. Now execute kubectl get nodes and you should be to see nodes running in your cluster.