Generic Cluster
Used to connect to a Kubernetes cluster using vanilla kubeconfig parameters.
| Property | Description |
|---|---|
| Resource type | k8s-cluster |
| Account type | None |
Inputs
Values
| Name | Type | Description |
|---|---|---|
cluster_data |
object | Contains the properties from the cluster object clusters: section of the kubeconfig |
loadbalancer |
string | The IP address or hostname that ingress should be configured for in the cluster. |
Secrets
| Name | Type | Description |
|---|---|---|
credentials |
object | Contains the properties from the user object within the users: section of the kubeconfig |
Notes
The structure of the kubeconfig file is not well documented. In most systems it can be found in ~/kube/config. It is a YAML file.
At its top level, there are 4 properties:
| Property | Type | Description |
|---|---|---|
apiVersion |
string | Always v1 |
clusters |
array | An array of cluster objects. Each object has a name and cluster property containing the configuration. |
contexts |
array | Links a cluster to a user by names. Each object has its own name and context property that contains the mapping. |
users |
array | Defines the credentials for a user. Each object has its own name and user property that contains the credentials. |
The Driver requires the contents of a cluster object in the clusters array and a user object within the users array.
For example, for this basic kubeconfig:
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: "LS0tlkjdfl...sadfLS0K"
server: https://my-cluster.dev.corp.example.com
name: my-cluster
context:
- context:
cluster: my-cluster
user: my-user
name: my-context
users:
- name: my-user
user:
client-certificate-data: "LS0t4edkjl...dsLS0tCg=="
client-key-data: "LS0tLS1CRU...gS0VZLS0tLS0K"
token: 75e2...2s84
The cluster_data property would be:
{
"certificate-authority-data": "LS0tlkjdfl...sadfLS0K",
"server": "https://my-cluster.dev.corp.example.com"
}
The credentials would be:
{
"client-certificate-data": "LS0t4edkjl...dsLS0tCg==",
"client-key-data": "LS0tLS1CRU...gS0VZLS0tLS0K",
"token": "75e2...2s84"
}
(JSON is used because the Humanitec API requires JSON)
Examples
yq tool. (
https://mikefarah.gitbook.io/yq/
)This Driver requires the contexts of one cluster and one user property as maintained in a
kubeconfig
file. You can identify which cluster and user object you need by inspecting the contexts. This command will return the context object for the given context name:
# Output is the cluster and user name in the kubeconfig
yq e '.contexts[] | select(.name == "my-context") | .context' ~/.kube/config
Set the following environment variables for the CLI and API commands:
| Variable | Example | Description |
|---|---|---|
HUMANITEC_TOKEN |
my-token |
The authentication token for accessing the Humanitec API. |
HUMANITEC_ORG |
my-org-id |
The unique identifier for the organization in Humanitec. |
Use the command below for the interface of your choice.
The required cluster_data and credentials values can then be fetched with these commands:
# Output the cluster data to a file in YAML format and add the required indentation.
yq '.clusters[] | select(.name == "my-cluster") | .cluster' ~/.kube/config \
| sed 's/^/ /' \
> cluster_data.yaml
# Output the user credentials to a file in YAML format and add the required indentation.
yq e '.users[] | select(.name == "my-user") | .user' ~/.kube/config \
| sed 's/^/ /' \
> user_credentials.yaml
The output of these two commands can then be combined into the payload to configure the Driver.
- Create a file defining the Resource Definition you want to create. Adjust or remove the
loadbalanceritem as needed.
cat << EOF > k8s-cluster.yaml
apiVersion: entity.humanitec.io/v1b1
kind: Definition
metadata:
id: my-cluster
entity:
driver_type: humanitec/k8s-cluster
name: My Cluster
type: k8s-cluster
driver_inputs:
secrets:
credentials:
$(cat user_credentials.yaml)
values:
cluster_data:
$(cat cluster_data.yaml)
loadbalancer: 10.10.10.10
criteria:
- env_type: development
EOF
- Use the
humctl createcommand to create the Resource Definition in the Organization defined by your configured context:
humctl create -f k8s-cluster.yaml
rm k8s-cluster.yaml
rm cluster_data.yaml
rm user_credentials.yaml
The required cluster_data and credentials values can then be fetched with these commands:
# Output is the cluster data in JSON format.
export CLUSTER_DATA=$(yq e -o json '.clusters[] | select(.name == "my-cluster") | .cluster' ~/.kube/config)
# Output is the user credentials in JSON format.
export USER_CREDENTIALS=$(yq e -o json '.users[] | select(.name == "my-user") | .user' ~/.kube/config)
The output of these two commands can then be combined into the payload to configure the Driver. Adjust or remove the loadbalancer item as needed.
curl https://api.humanitec.io/orgs/${HUMANITEC_ORG}/resources/defs \
-X POST \
-H "Authorization: Bearer ${HUMANITEC_TOKEN}" \
-H "Content-Type: application/json" \
-d '
{
"id": "my-cluster",
"name": "My Cluster",
"type": "k8s-cluster",
"criteria": [
{
"env_type": "development"
}
],
"driver_type": "humanitec/k8s-cluster",
"driver_inputs": {
"values": {
"cluster_data": '"$(echo ${CLUSTER_DATA})"',
"loadbalancer": "10.10.10.10"
},
"secrets": {
"credentials": '"$(echo ${USER_CREDENTIALS})"'
}
}
}'