← Tech

Kubectl config

You’ve come to the right place to start using kubectl! This tool will help you interact with your apps running in Kubernetes.

Kubernetes provides a command line tool for communicating with a Kubernetes cluster’s control plane, using the Kubernetes API. This tool is named kubectl.

Kubectl Setup

There are some differences depending on the cloud provider, but both of them follow these steps initially:

  1. Copy the config from this link: config to ~/.kube/config.
  2. Install kubectl itself. To do this with brew, use brew install kubectl, or you can visit the kubectl download page.

Azure

kubectl’ access requires membership in the Azure security group for Azure Banno Development

Once you have that, follow these directions to get kubectl working:

  1. Install kubelogin. To install kubelogin with brew, use brew install Azure/kubelogin/kubelogin.
  2. Use the kubelogin convert-kubeconfig command to seed your auth. After that, you can run kubectl commands.
    • When using a new configuration for k8s, a prompt will appear upon kubectl commands showing a code to enter and a login page where @jhacorp.com credentials (and passcode) will need to be provided. This populates an entry for the declared environment into the access-token: line item entry inside ~/.kube/config.
    • You can then use any kubectl command to create access tokens for each environment:
      • Production: production-centralus-aks
      • UAT: uat-centralus-aks
      • Staging: staging-centralus-aks
      • tools: tools-centralus-aks
      • example command: ‘kubectl --context $ENVIRONMENT-centralus-aks get namespaces

(See the k8s auth docs for further details.)

GCP

kubectl’ access uses the gcloud cli tool and a plugin to authenticate to GCP.

  1. Install the gcloud cli tool. Follow the steps to initialize the configuration.
  2. Install the plugin that kubectl uses via gcloud components install gke-gcloud-auth-plugin.

Contexts

Contexts are available for each region in each environment:

  • Development: gke_dev-digital-banno_us-central1_gke and gke_dev-digital-banno_us-east4_gke

Example commands

  • Edit an service’s config (environment variables, app version, number of replicas, etc)
    • tl;dr: use kubectl --context ENVIRONMENT_CONTEXT -n TEAM_NAMESPACE edit app APP_NAME. Example: kubectl --context gke_dev-digital-banno_us-central1_gke -n mirai edit app go-ach-for-cus.
    • Developers have access to make modifications on both Development/Staging, but not Production. This is useful when testing changes to your app and you don’t want to wait on the environments pipeline.
    • These changes are not persisted. To make any changes permanent they need to be added to the service’s config in the Environments repository.
  • Here are some useful functions to put in your terminal’s .bashrc or .zshrc file. You can change the defaults to your favorite namespace (e.g. discovery below) and environment (e.g. uat below).
# call with service name and optionally namespace and env to forward localhost:8080 to your service
# e.g. kforward my-service my-namespace uat
# $1 = service name
# $2 = namespace; discovery is the default on "" or null
# $3 = env; uat is the default on ""
function kforward() { kubectl --context ${3:uat}-centralus-aks -n ${2:-discovery} port-forward service/$1 8080:http }

# call with env and service name; this is permanent until the next deployment, while scale is only temporary
# $1 = service name
# $2 = namespace; discovery is the default on "" or null
# $3 = env; uat is the default on ""
function kedit() { kubectl --context ${3:uat}-centralus-aks -n ${2:-discovery} edit app $1 }