Run Kubectl Commands Locally

Introduction

If you wish to run kubectl commands from your local system, you need to have access to your cluster. Traditionally, the kubeconfig file (./kube/config) helps you connect with the cluster from your local system.

Challenges in Kubeconfig

Kubeconfig becomes painstakingly difficult to maintain especially when it comes to:

Granting or revoking access to the cluster for multiple people
Changing the permissions and subsequently the access token
Adding/Updating/Deleting the entries of cluster URLs and tokens
Keeping a record of multiple kubeconfig files

Our Solution

Devtron helps in reducing the challenges and simplifying the maintenance of kubeconfig file through:

Devtron's Proxy URL for Cluster - A standardized URL that you can use in place of your Kubernetes cluster URL.
Devtron's Access Token - A kubectl-compatible token which can be generated and centrally maintained from Global Configurations → Authorization → API tokens.

Steps

Prerequisite: An API token with necessary permissions for the user(s) to access the cluster.

If you are not a super-admin and can't generate a token yourself, you can find the session token (argocd.token) using the Developer Tools available in your web browser as shown below.

There are 2 methods of getting kubeconfig in your system:

Quick Method

In Resource Browser, hover on the cluster name and click the Get kubeconfig icon.

Copy the commands and run them on your terminal.

Manual Method

Go to ~/.kube folder on your local machine and open the config file. Or you may create one with the following content:

kubeconfig

apiVersion: v1
kind: Config
clusters:
- cluster:
    insecure-skip-tls-verify: true
    server: https://<devtron_host_name>/orchestrator/k8s/proxy/cluster/<cluster_name>
  name: devtron-cluster
contexts:
- context:
    cluster: devtron-cluster
    user: admin
  name: devtron-cluster
current-context: devtron-cluster
users:
- name: admin
  user:
    token: <devtron_token>

Edit the following placeholders in the server field and the token field:

Placeholder

Description

Example

Where to Find

<devtron_host_name>

Hostname of the Devtron server

demo.devtron.ai

<cluster_name>

Name of the cluster (or cluster ID)

devtron-cluster

<devtron_token>

API token or session token

Test the connection to the cluster by running any kubectl command, e.g., kubectl get ns or kubectl get po -A

Additional References

Once the connection is successful, you may run any kubectl operations from your system.

Assume your applications are running in a Kubernetes cluster on cloud. Now, if you wish to test or debug them on your local machine, you can perform port forwarding. It creates a tunnel between a port on your machine and a port on a resource within your cluster. Therefore, you can access applications running inside the cluster as though they are running locally on your machine.

Once you have successfully connected to the cluster, you may run the port-forward command. Refer kubectl port-forward to see a few examples.