[cka] KubeConfig

1. Where is the default kubeconfig file located in the current environment?
Find the current home directory by looking at the HOME environment variable.

controlplane ~ ➜  ls -a
.              .bashrc  .config         .profile     .vim
..             .cache   .kube           sample.yaml  .vimrc
.bash_profile  CKA      my-kube-config  .ssh         .wget-hsts

controlplane ~ ➜  ls -a ./.kube/config 
./.kube/config

controlplane ~ ➜  ls -a ./.kube/
.  ..  cache  config

 

answer : /root/.kube/config

 

2. How many clusters are defined in the default kubeconfig file?

controlplane ~ ➜  cat ./.kube/config | grep cluster
clusters:
- cluster:
    cluster: kubernetes

 

answer : 1

 

3. How many Users are defined in the default kubeconfig file?

controlplane ~ ➜  cat ./.kube/config | grep user
    user: kubernetes-admin
users:
  user:

 

4. How many contexts are defined in the default kubeconfig file?

controlplane ~ ➜  cat ./.kube/config | grep context
contexts:
- context:
current-context: kubernetes-admin@kubernetes

 

answer : 1

 

5. What is the user configured in the current context?

 

answer : kubernetes-admin

 

6. What is the name of the cluster configured in the default kubeconfig file?

controlplane ~ ➜  cat ./.kube/config | grep cluster
clusters:
- cluster:
    cluster: kubernetes

 

answer : kubernetes

 

7. A new kubeconfig file named my-kube-config is created. It is placed in the /root directory. How many clusters are defined in that kubeconfig file?

controlplane ~ ➜  ls -a
.              .bashrc  .config         .profile     .vim      .wget-hsts
..             .cache   .kube           sample.yaml  .viminfo
.bash_profile  CKA      my-kube-config  .ssh         .vimrc

controlplane ~ ➜  cat my-kube-config | grep cluster
clusters:
  cluster:
  cluster:
  cluster:
- name: test-cluster-1
  cluster:
    cluster: development
    cluster: kubernetes-on-aws
    cluster: production
    cluster: test-cluster-1

 

answer : 4

 

8. How many contexts are configured in the my-kube-config file?

controlplane ~ ➜  cat my-kube-config | grep context
contexts:
  context:
  context:
  context:
  context:
current-context: test-user@development

answer : 4

 

9. What user is configured in the research context?

- name: research
  context:
    cluster: test-cluster-1
    user: dev-user

 

answer : dev-user

 

10. What is the name of the client-certificate file configured for the aws-user?

- name: aws-user@kubernetes-on-aws
  context:
    cluster: kubernetes-on-aws
    user: aws-user
 ....
 
 - name: aws-user
  user:
    client-certificate: /etc/kubernetes/pki/users/aws-user/aws-user.crt
    client-key: /etc/kubernetes/pki/users/aws-user/aws-user.key

answer : aws-user.crt

 

11. What is the current context set to in the my-kube-config file?

controlplane ~ ➜  kubectl config current-context --kubeconfig my-kube-config
test-user@development

 

answe : test-user@development

 

12. I would like to use the dev-user to access test-cluster-1. Set the current context to the right one so I can do that.
Once the right context is identified, use the kubectl config use-context command.

controlplane ~ ✖ kubectl config --kubeconfig=/root/my-kube-config current-context
test-user@development

controlplane ~ ➜  kubectl config --kubeconfig=/root/my-kube-config use-context research
Switched to context "research".

 

13. We don't want to have to specify the kubeconfig file option on each command.
Set the my-kube-config file as the default kubeconfig by overwriting the content of ~/.kube/config with the content of the my-kube-config file.

 

controlplane ~ ➜  cp my-kube-config ~/.kube/config

 

14. With the current-context set to research, we are trying to access the cluster. However something seems to be wrong. Identify and fix the issue.
Try running the kubectl get pods command and look for the error. All users certificates are stored at /etc/kubernetes/pki/users.

 

controlplane ~ ➜  k get pods
error: unable to read client-cert /etc/kubernetes/pki/users/dev-user/developer-user.crt for dev-user due to open /etc/kubernetes/pki/users/dev-user/developer-user.crt: no such file or directory

controlplane ~ ✖ cd /etc/kubernetes/pki/users/dev-user

controlplane pki/users/dev-user ➜  ls -al
total 20
drwxr-xr-x 2 root root 4096 Jul 19 12:43 .
drwxr-xr-x 5 root root 4096 Jul 19 12:43 ..
-rw-r--r-- 1 root root 1025 Jul 19 12:52 dev-user.crt
-rw-r--r-- 1 root root  924 Jul 19 12:52 dev-user.csr
-rw------- 1 root root 1704 Jul 19 12:52 dev-user.key

controlplane pki/users/dev-user ➜  vi ~/.kube/config
- name: dev-user
  user:
    client-certificate: /etc/kubernetes/pki/users/dev-user/developer-user.crt # 수정 -> dev-user.crt
    client-key: /etc/kubernetes/pki/users/dev-user/dev-user.key

 

client-certificate 파일명이 잘못되어있다.