Kubernetes
Import your existing kubernetes cluster to argonaut.
Prereqs
This you need -
- Public Kubernetes Cluster
- Should be accessible using a service account token created by the kubernetes cluster
- Setup
kubectl - Import should happen into an argonaut account with an existing environment.
Connecting to your kube cluster
Connect to your kubernetes cluster using kubectl.
Azure
Prereqs
- Cluster must have
Authentication and Authorizationto beLocal accounts with Kubernetes RBAC
Setup
Run the following command to get access to your azure cluster
az account set --subscription {subscription-id}
az aks get-credentials --resource-group {resource-group} --name {cluster-name}
Creating the kubeconfig
Getting the service account token
# This creates a role binding which gives argonaut's service account access to
# the cluster role we created above.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: argonaut
subjects:
- kind: ServiceAccount
name: argonaut-sa
namespace: kube-system
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
---
# The following creates a service account for argonaut in your cluster to access
# the cluster role.
apiVersion: v1
kind: ServiceAccount
metadata:
name: argonaut-sa
namespace: kube-system
secrets:
- name: argonaut-secret
---
# We need to create token using the secrets API resource file which will be used
# in the kubeconfig.
apiVersion: v1
kind: Secret
metadata:
name: argonaut-secret
namespace: kube-system
annotations:
kubernetes.io/service-account.name: argonaut-sa
type: kubernetes.io/service-account-token
Copy the above file to a file, say argonaut.importkc.yaml and run kubectl apply -f argonaut.importkc.yaml.
Getting the service account token
Run the following command to get the service account token for the argonaut-sa service account.
$ echo $(kubectl get secrets/argonaut-secret -n kube-system -o json | jq -r .data.token | base64 -D)
Creating the kubeconfig
Below is the sample kubeconfig that our end file will be similar to. Copy this file to your local machine say, argonaut.kc.yaml
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: { cluster-ca }
server: { server-dns }
name: { cluster-name }
contexts:
- context:
cluster: { cluster-name }
user: { user-name }
name: { context-name }
current-context: { context-name }
kind: Config
users:
- name: { user-name }
user:
token: { secret-token }
Run the following to get your current kubeconfig
$ kubectl config view --flatten --minify
Populate the values from the output of this command to your file argonaut.kc.yaml except the user field.
Paste the token value from the Getting the service account token step to users[0].user.token.
Your kubeconfig file will look something like the following
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: REDACTED+TOKEN
server: https://importaks-dns-d5e76537.hcp.eastus.azmk8s.io:443
name: importaks
contexts:
- context:
cluster: importaks
user: clusterUser_importk8s_importaks
name: importaks
current-context: importaks
kind: Config
users:
- name: clusterUser_importk8s_importaks
user:
token: REDACTED+TOKEN
Importing k8s
Drop or paste the kubeconfig to argonaut and click Import.