Cluster
Used to connect to a Kubernetes cluster using vanilla kubeconfig parameters.
| Property | Description |
|---|---|
| Resource Type | k8s-cluster |
| Account Type | None |
Inputs
Values
| Name | Type | Description |
|---|---|---|
cluster_data |
object | Contains the properties from the cluster object clusters: section of the kubeconfig |
load_balancer |
string | The IP address or hostname that ingress should be configured for in the cluster. |
Secrets
| Name | Type | Description |
|---|---|---|
credentials |
object | Contains the properties from the user object within the users: section of the kubeconfig |
Notes
The structure of the kubeconfig file is not well documented. In most systems it can be found in ~/kube/config. It is a YAML file.
At its top level, there are 4 properties:
| Property | Type | Description |
|---|---|---|
apiVersion |
string | Always v1 |
clusters |
array | An array of cluster objects. Each object has a name and cluster property containing the configuration. |
contexts |
array | Links a cluster to a user by names. Each object has its own name and context property that contains the mapping. |
users |
array | Defines the credentials for a user. Each object has its own name and user property that contains the credentials. |
The Driver requires the contents of a cluster object in the clusters array and a user object within the users array.
For example, for this basic kubeconfig:
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: "LS0tlkjdfl...sadfLS0K"
server: https://my-cluster.dev.corp.example.com
name: my-cluster
context:
- context:
cluster: my-cluster
user: my-user
name: my-context
users:
- name: my-user
user:
client-certificate-data: "LS0t4edkjl...dsLS0tCg=="
client-key-data: "LS0tLS1CRU...gS0VZLS0tLS0K"
token: 75e2...2s84
The cluster_data property would be:
{
"certificate-authority-data": "LS0tlkjdfl...sadfLS0K",
"server": "https://my-cluster.dev.corp.example.com"
}
The credentials would be:
{
"client-certificate-data": "LS0t4edkjl...dsLS0tCg==",
"client-key-data": "LS0tLS1CRU...gS0VZLS0tLS0K",
"token": "75e2...2s84"
}
(JSON is used because the Humanitec API requires JSON)
Examples
yq tool. (https://mikefarah.gitbook.io/yq/)This Driver requires the contexts of one cluster and one user property. You can identify which cluster and user object you need by inspecting the contexts. This command will return the context object for the given context name:
# Command 1
# Output is the cluster and user name in the kubeconfig
yq e '.contexts[] | select(.name == "my-context") | .context' ~/.kube/config
The required cluster_data and credentials values can then be fetched with these commands:
# Command 2
# Fetch cluster_data.
# Output is the cluster data in JSON format.
yq e -o json '.clusters[] | select(.name == "my-cluster") | .cluster' ~/.kube/config
# Command 3
# Fetch credentials.
# Output is the user credentials in JSON format.
yq e -o json '.users[] | select(.name == "my-user") | .user' ~/.kube/config
The output of these two commands can then be combined into the payload to configure the Driver:
curl https://api.humanitec.io/orgs/${HUMANITEC_ORG}/resources/defs \
-X POST \
-H "Authorization: Bearer ${HUMANITEC_TOKEN}" \
-H "Content-Type: application/json" \
--data-binary '
{
"id": "my-cluster",
"name": "My Cluster",
"type": "k8s-cluster",
"criteria": [
{
"env_type": "development"
}
],
"driver_type": "humanitec/k8s-cluster",
"driver_inputs": {
"values": {
"cluster_data": <...json output of Command 2...>,
"loadbalancer": <...IP address of hostname for ingress...>
},
"secrets": {
"credentials": <..json output of Command 3...>
}
}
}'