Lucas Saintarbor
8c76072fd2
* Update docusaurus.config.js/Remove v2.5 redirects and update v2.5 label and path * Update version-2.5-sidebars.json with notice * Remove v2.5 files/Add v2.5 files to archived_docs folder * Fix broken link * Fix broken link/typo * Fix broken links
1.9 KiB
title
| title |
|---|
| kubectl Utility |
kubectl
Interact with Rancher using kubectl.
kubectl Utility
Install the kubectl utility. See install kubectl.
Configure kubectl by visiting your cluster in the Rancher Web UI, clicking on Kubeconfig, copying contents, and putting them into your ~/.kube/config file.
Run kubectl cluster-info or kubectl get pods successfully.
Authentication with kubectl and kubeconfig Tokens with TTL
Requirements
If admins have enforced TTL on kubeconfig tokens, the kubeconfig file requires the Rancher CLI to be present in your PATH when you run kubectl. Otherwise, you’ll see an error like:
Unable to connect to the server: getting credentials: exec: exec: "rancher": executable file not found in $PATH.
This feature enables kubectl to authenticate with the Rancher server and get a new kubeconfig token when required. The following auth providers are currently supported:
- Local
- Active Directory (LDAP only)
- FreeIPA
- OpenLDAP
- SAML providers: Ping, Okta, ADFS, Keycloak, Shibboleth
When you first run kubectl, for example, kubectl get pods, it will ask you to pick an auth provider and log in with the Rancher server. The kubeconfig token is cached in the path where you run kubectl under ./.cache/token. This token is valid until it expires, or gets deleted from the Rancher server. Upon expiration, the next kubectl get pods will ask you to log in with the Rancher server again.