Kubernetes API plugin for Kaholo.
To be able to use the kubernetes CLI methods, you need to make sure you have kubectl installed on your agent, and configured correctly to connect to the wanted kubernetes cluster. You can see more on downloading and configuring kubectl here.
- Please make sure kubectl is in your copputer's path and that it is reachable from CMD/Bash.
To connect to your Kubernetes cluster from this plugin you need to create a service account with sufficent permmisions to Kaholo. You need to do the following steps in order to make this plugin work:
- Create a new service account for kaholo on your cluster. You can see more information on creating service accounts here.
To do so with kubectl you can write the following command:
kubectl create serviceaccount kaholo-sa
- Bind roles with sufficent permmision for the methods you want to use in the plugin. Each method in the plugin specifies what permmisions it needs.
- Get you service account authentication token. In order to so with kubectl you can enter the following commands:
# this will print the service account details. Save token name for later(kaholo-sa-token-XXXXX for example) kubectl describe sa kaholo-sa # This will print your token secret in base64 encoding kubectl describe secret kaholo-sa-token-XXXXX
- Decode token secret with base64 decoder. You can do so here.
- Save decoded secret in the kaholo vault.
- Define the token setting in the plugin as the decoded secret from the vault.
- Endpoint URL (String) Required for api methods if not in action - The default kubernetes endpoint URL to connect to. Learn More
- Certificate Authority (Vault) Required for api methods if not in action - The default Certificate Authority to use for authentication. Learn More
- Service Account Token (Vault) Required for api methods if not in action - The token to use for authentication to the service account on default. Learn More
- Service Account Name (String) Required for api methods if not in action - The name of the default service account to use for authentication. Learn More
- Sudo CLI commands (Boolean) Optional - If true, run all CLI commands with the Sudo command. The sudo command allows you to run programs with the security privileges of another user (by default, as the superuser). It prompts you for your personal password and confirms your request to execute a command by checking a file, called sudoers , which the system administrator configures. Learn More
Create or update resources in Kubernetes. Update means that if resources with the same name as the ones specified, exist, they will be deleted, and re-created with the settings described in the YML File. Mimics the kubectl apply method.
This method might need different permmisions for different apply actions, based on what resources it tries to apply, and in what namespace.
You can bind the role cluster-admin in the namespace you are working to give the service account full access to this namespace.
- Endpoint URL (String) Required if not in settings - An endpoint is a resource that gets IP addresses of one or more pods dynamically assigned to it, along with a port. An endpoint can be viewed using kubectl get endpoints. Learn More
- Certificate Authority (Vault) Required if not in settings - Kubernetes provides a certificates.k8s.io API, which lets you provision TLS certificates signed by a Certificate Authority (CA) that you control. These CA and certificates can be used by your workloads to establish trust. certificates.k8s.io API uses a protocol that is similar to the ACME draft. Learn More
- Service Account Token (Vault) Required if not in settings - A service account has an associated service account authentication token, which is stored as a Kubernetes secret. Learn More
- Service Account Name (String) Required if not in settings - Kubernetes service accounts are Kubernetes resources, created and managed using the Kubernetes API, meant to be used by in-cluster Kubernetes-created entities, such as Pods, to authenticate to the Kubernetes API server or external services. Learn More
- Yaml File Path (String) Required - Yaml File full Path to create the update. Learn More
- Namespace (String) Optional - Namespaces are a way to organize clusters into virtual sub-clusters — they can be helpful when different teams or projects share a Kubernetes cluster. Any number of namespaces are supported within a cluster, each logically separated from others but with the ability to communicate with each other. Default namespace to deploy into is 'default'. Learn More
Create or update resources in Kubernetes, using the kubectl method Apply.
- File Path (String) Required - The path to the yml file to apply. Learn More
- Force (Boolean) Optional - If true, immediately remove resources from API and bypass graceful deletion. Default value is false. Learn More
- Don't Overwrite (Boolean) Optional - Do not automatically resolve conflicts between the modified and live configuration by using values from the modified configuration. Learn More
- Dry-run (Options) Optional - Dry run is not a concept exclusive to Kubernetes. It's an expression used to indicate a rehearsal of a performance or procedure before the real one. Dry run mode gives you the possibility of issuing a command without side effects for testing an actual command that you intend to run. Possible values: none | server | client Learn More
- Sudo (Boolean) Optional - The sudo command allows you to run programs with the security privileges of another user (by default, as the superuser). It prompts you for your personal password and confirms your request to execute a command by checking a file, called sudoers , which the system administrator configures. Learn More
Delete any kubernetes object by it's name, type and namespace.
For this method to work the service account needs permmisions to delete the resource in the system.
- Endpoint URL (String) Required if not in settings - An endpoint is a resource that gets IP addresses of one or more pods dynamically assigned to it, along with a port. An endpoint can be viewed using kubectl get endpoints. Learn More
- Certificate Authority (Vault) Required if not in settings - Kubernetes provides a certificates.k8s.io API, which lets you provision TLS certificates signed by a Certificate Authority (CA) that you control. These CA and certificates can be used by your workloads to establish trust. certificates.k8s.io API uses a protocol that is similar to the ACME draft. Learn More
- Service Account Token (Vault) Required if not in settings - A service account has an associated service account authentication token, which is stored as a Kubernetes secret. Learn More
- Service Account Name (String) Required if not in settings - Kubernetes service accounts are Kubernetes resources, created and managed using the Kubernetes API, meant to be used by in-cluster Kubernetes-created entities, such as Pods, to authenticate to the Kubernetes API server or external services. Learn More
- Name (String) Required - A Kubernetes service is a logical abstraction for a deployed group of pods in a cluster (which all perform the same function). Since pods are ephemeral, a service enables a group of pods, which provide specific functions (web services, image processing, etc.) to be assigned a name and unique IP address (clusterIP). Learn More
- Namespace (String) Optional - Specify the namespace name. Default namespace is 'default'. Learn More
Get informattion on all services whuch match the specified criteria, using kubectl.
- Sudo (Boolean) Optional - The sudo command allows you to run programs with the security privileges of another user (by default, as the superuser). It prompts you for your personal password and confirms your request to execute a command by checking a file, called sudoers , which the system administrator configures. Learn More
- Namespace (String) Optional - If true only return services from the specified namespace. Learn More
Createas a service object that exposes the specified deployment, using the kubectl "kubectl expose" method.
- Deployment (String) Required - A Deployment runs multiple replicas of your application and automatically replaces any instances that fail or become unresponsive. In this way, Deployments help ensure that one or more instances of your application are available to serve user requests. Deployments are managed by the Kubernetes Deployment controller. Learn More
- Type (String) Required - Kubernetes objects are entities that are used to represent the state of the cluster. An object is a “record of intent” – once created, the cluster does its best to ensure it exists as defined. This is known as the cluster's “desired state.”. Learn More
- Name (String) Required - A Kubernetes service is a logical abstraction for a deployed group of pods in a cluster (which all perform the same function). Since pods are ephemeral, a service enables a group of pods, which provide specific functions (web services, image processing, etc.) to be assigned a name and unique IP address (clusterIP). Learn More
- Sudo (Boolean) Optional - The sudo command allows you to run programs with the security privileges of another user (by default, as the superuser). It prompts you for your personal password and confirms your request to execute a command by checking a file, called sudoers , which the system administrator configures. Learn More
Return information on all pods in the kubernetes cluster, using kubectl.
- Sudo (Boolean) Optional - The sudo command allows you to run programs with the security privileges of another user (by default, as the superuser). It prompts you for your personal password and confirms your request to execute a command by checking a file, called sudoers , which the system administrator configures. Learn More