<p class="wp-block-paragraph">Video: <a href="https://youtu.be/oBF-dUXZwrA">https://youtu.be/oBF-dUXZwrA</a></p>
<figure class="wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"><div class="wp-block-embed__wrapper">
<iframe title="Kubernetes: dealing with .kube/config merge" width="1110" height="624" src="https://www.youtube.com/embed/oBF-dUXZwrA?feature=oembed" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe>
</div></figure>
<p class="wp-block-paragraph">Once you get a new config from a remote kubernetes installation you need to integrate it to existing local <code>.kube/config</code> file.</p>
<p class="wp-block-paragraph">Sometime, you or others, are doing experiments with kubernetes, so repeat the .kube/config integration steps over and over again, dealing with <code>-data</code> blobs</p>
<h2 class="wp-block-heading">List of ingredients</h2>
<ul class="wp-block-list">
<li>existing .kube/config</li>
<li>config file to be added, with: new cluster infos, user infos, context (binding user to cluster)</li>
<li>utility bash scripts:
<ul class="wp-block-list">
<li>extract_kconfig.sh for extrac infos and add cluster, context and user</li>
<li>kuco_import.sh for extracting BLOB into .crt and .key files</li>
</ul>
</li>
</ul>
<h2 class="wp-block-heading">Getting the scripts</h2>
<p class="wp-block-paragraph">Retrieve the scripts by:</p>
<pre class="wp-block-preformatted">curl https://raw.githubusercontent.com/danielecr/selfhosted/refs/heads/main/kubernetes/kuco_import.sh kuco_import.sh<br>curl https://raw.githubusercontent.com/danielecr/selfhosted/refs/heads/main/kubernetes/extract_kconfig.sh extract_kconfig.sh</pre>
<p class="wp-block-paragraph">Make those executable:</p>
<pre class="wp-block-preformatted">chmod +x extract_kconfig.sh<br>chmod +x kuco_import.sh</pre>
<h2 class="wp-block-heading">First import</h2>
<p class="wp-block-paragraph">First, copy locally the remote config for kubectl:</p>
<pre class="wp-block-preformatted">scp remote.host:/home/user/.kube/config newremotekube</pre>
<p class="wp-block-paragraph">then run the extract_kconfig.sh by:</p>
<pre class="wp-block-preformatted">extract_kconfig newkubeconfig</pre>
<p class="wp-block-paragraph">it is an interactive script. First output is some like:</p>
<pre class="wp-block-preformatted"><br>contexts:<br>- context:<br> cluster: kubernetes<br> user: kubernetes-admin<br> name: kubernetes-admin@kubernetes<br>current-context: kubernetes-admin@kubernetes<br>users:<br>- name: kubernetes-admin<br> user:<br><br>creating:<br> - a cluster named kubernetes<br> - a user named kubernetes-admin<br> - a context named kubernetes-admin@kubernetes<br><br>Please, check for conflicts in .kube/config before going on!<br><br>Enter host URL: </pre>
<p class="wp-block-paragraph">Hit <return> without input. Check for conflict in current .kube/config file. If there are no conflict, run it again and insert the right host URL, i.e. http://remote.host:6443</p>
<p class="wp-block-paragraph">At the end the suggested command is:</p>
<pre class="wp-block-preformatted">Now run:<br>kuco_import.sh newkubeconfig newkubeconfig</pre>
<p class="wp-block-paragraph">Run it. Extracted files are stored in the folder $HOME/.kube/</p>
<p class="wp-block-paragraph">Edit the .kube/config and remove the path from added certs and key filenames, i.e.:</p>
<pre class="wp-block-preformatted"> certificate-authority: /current/path/to/newkubeconfig-cluster-cert.crt<br>#becomes<br> certificate-authority: newkubeconfig-cluster-cert.crt</pre>
<p class="wp-block-paragraph">now change current context by:</p>
<pre class="wp-block-preformatted">kubectl use-context kubernetes-admin@kubernetes</pre>
<p class="wp-block-paragraph">And check</p>
<pre class="wp-block-preformatted">kubectl get nodes</pre>
<h2 class="wp-block-heading">Same server new keys</h2>
<p class="wp-block-paragraph">This is the quick part, every time the server changes certificate and user key, the commands to execute are:</p>
<pre class="wp-block-preformatted">scp remote.host:/home/user/.kube/config newremotekube<br>kuco_import.sh newkubeconfig newkubeconfig</pre>
<p class="wp-block-paragraph">The <code>.kube/config</code> is untouched</p>
<h2 class="wp-block-heading">Bonus</h2>
<p class="wp-block-paragraph">Now, kuco_import.sh is good for extracting also blob from existing .kube/config file by:</p>
<pre class="wp-block-preformatted">cp .kube/config kindserv<br>kuco_import kindserv</pre>
<p class="wp-block-paragraph">Then edit the <code>.kube/config</code> relevant part by replacing -data with filename references</p>
Once you get a new config from a remote kubernetes installation you need to integrate it to existing local .kube/config file.
Sometime, you or others, are doing experiments with kubernetes, so repeat the .kube/config integration steps over and over again, dealing with -data blobs
List of ingredients
existing .kube/config
config file to be added, with: new cluster infos, user infos, context (binding user to cluster)
utility bash scripts:
extract_kconfig.sh for extrac infos and add cluster, context and user
kuco_import.sh for extracting BLOB into .crt and .key files
creating: - a cluster named kubernetes - a user named kubernetes-admin - a context named kubernetes-admin@kubernetes
Please, check for conflicts in .kube/config before going on!
Enter host URL:
Hit <return> without input. Check for conflict in current .kube/config file. If there are no conflict, run it again and insert the right host URL, i.e. http://remote.host:6443
At the end the suggested command is:
Now run: kuco_import.sh newkubeconfig newkubeconfig
Run it. Extracted files are stored in the folder $HOME/.kube/
Edit the .kube/config and remove the path from added certs and key filenames, i.e.:
