K8s Cluster
Reference for the humanitec/k8s-cluster driver
Used to connect to a Kubernetes cluster using vanilla
kubeconfig parameters.If you are using AKS from Azure, EKS from AWS or GKE from GCP, please use the appropriate driver instead. See: Manage Kubernetes Clusters
Property | Description |
|---|---|
Resource Type | k8s-cluster |
Account Type | None |
Name | Type | Description |
|---|---|---|
cluster_data | object | Contains the properties from the cluster object clusters: section of the kubeconfig |
load_balancer | string | The IP address or hostname that ingress should be configured for in the cluster. |
Name | Type | Description |
|---|---|---|
credentials | object | Contains the properties from the user object within the users: section of the kubeconfig |
The structure of the
kubeconfig file is not well documented. In most systems it can be found in ~/kube/config. It is a YAML file.At its top level, there are 4 properties:
Property | Type | Description |
|---|---|---|
apiVersion | string | Always v1 |
clusters | array | An array of cluster objects. Each object has a name and cluster property containing the configuration. |
contexts | array | Links a cluster to a user by names. Each object has its own name and context property that contains the mapping. |
users | array | Defines the credentials for a user. Each object has its own name and user property that contains the credentials. |
The driver requires the contents of a
cluster object in the clusters array and a user object within the users array.For example, for this basic
kubeconfig:apiVersion: v1
clusters:
- cluster:
certificate-authority-data: "LS0tlkjdfl...sadfLS0K"
server: https://my-cluster.dev.corp.example.com
name: my-cluster
context:
- context:
cluster: my-cluster
user: my-user
name: my-context
users:
- name: my-user
user:
client-certificate-data: "LS0t4edkjl...dsLS0tCg=="
client-key-data: "LS0tLS1CRU...gS0VZLS0tLS0K"
token: 75e2...2s84
The
cluster_data property would be:{
"certificate-authority-data": "LS0tlkjdfl...sadfLS0K",
"server": "https://my-cluster.dev.corp.example.com"
}
The
credentials would be:{
"client-certificate-data": "LS0t4edkjl...dsLS0tCg==",
"client-key-data": "LS0tLS1CRU...gS0VZLS0tLS0K",
"token": "75e2...2s84"
}
(JSON is used because the Humanitec API requires JSON)
This driver requires the contexts of one
cluster and one user property. You can identify which cluster and user object you need by inspecting the contexts. This command will return the context object for the given context name:# Command 1
# Output is the cluster and user name in the kubeconfig
yq e '.contexts[] | select(.name == "my-context") | .context' ~/.kube/config
The required
cluster_data and credentials values can then be fetched with these commands:# Command 2
# Fetch cluster_data.
# Output is the cluster data in JSON format.
yq e -o json '.clusters[] | select(.name == "my-cluster") | .cluster' ~/.kube/config
# Command 3
# Fetch credentials.
# Output is the user credentials in JSON format.
yq e -o json '.users[] | select(.name == "my-user") | .user' ~/.kube/config
The output of these two commands can then be combined into the payload to configure the driver:
curl https://api.humanitec.io/orgs/${HUMANITEC_ORG}/resources/defs \
-X POST \
-H "Authorization: Bearer ${HUMANITEC_TOKEN}" \
-H "Content-Type: application/json" \
--data-binary '
{
"id": "my-cluster",
"name": "My Cluster",
"type": "k8s-cluster",
"criteria": [
{
"env_type": "development"
}
],
"driver_type": "humanitec/k8s-cluster",
"driver_inputs": {
"values": {
"cluster_data": <...json output of Command 2...>,
"loadbalancer": <...IP address of hostname for ingress...>
},
"secrets": {
"credentials": <..json output of Command 3...>
}
}
}'
Last modified 1yr ago