Accessing your cluster from the kubectl CLI

To access your cluster by using the command line interface (CLI), you must install and configure kubectl, the Kubernetes command line tool.

  1. Synchronize the clocks in between the client computer and the nodes in the IBM® Cloud Private cluster . To synchronize your clocks, you can use network time protocol (NTP). For more information about setting up NTP, see the user documentation for your operating system.

  2. Install the Kubernetes command line interface kubectl version 1.11.0. Get the kubectl binary file from the IBM Cloud Private installer, or download a binary file from Kubernetes.

    • To get the binary file from the IBM Cloud Private installer, run the following command, substituting ARCH for amd64 or ppc64le according to your CPU architecture:

      • Standard edition:

        docker run -e LICENSE=accept --net=host -v /usr/local/bin:/data ibmcom/icp-inception-ARCH:3.1.0-ee cp /usr/local/bin/kubectl /data

      • Community edition:

        docker run -e LICENSE=accept --net=host -v /usr/local/bin:/data ibmcom/icp-inception-ARCH:3.1.0 cp /usr/local/bin/kubectl /data

    • To download the file from Kubernetes, see Install and Set Up kubectl Opens in a new tab.

  3. Obtain the cluster configuration details. You can obtain the cluster configuration details by using the IBM Cloud Private CLI or management console.

    • To obtain the configuration details from the management console:

      1. Log in to your cluster management console. See Accessing your IBM Cloud Private cluster by using the management console.

      2. Select the user icon user icon, then click Configure client. The cluster configuration details display and resemble the following code:

        kubectl config set-cluster {cluster_name} --server=https://master_ip:8001 --insecure-skip-tls-verify=true
kubectl config set-context {cluster_name}-context --cluster={cluster_name}
kubectl config set-credentials {cluster_name}-user --token={token}
kubectl config set-context {cluster_name}-context --user={cluster_name}-user --namespace=default
kubectl config use-context {cluster_name}-context

        In these details, master_ip is the IP address of the master node for your IBM Cloud Private cluster.

      3. Copy and paste the configuration information to your command line, and press Enter.

    • To obtain the configuration details from the IBM Cloud Private CLI:

      1. Install the IBM Cloud Private command line interface (CLI) and log in to your cluster. See Installing the IBM Cloud Private CLI.

      Important: This configuration expires in 8 hours. To continue to use the CLI, you must log in and reconfigure kubectl every 8 hours. To avoid this limitation, you can configure your CLI by using service accounts. See https://www.ibm.com/developerworks/community/blogs/fe25b4ef-ea6a-4d86-a629-6f87ccf4649e/entry/Configuring_the_Kubernetes_CLI_by_using_service_account_tokens1 Opens in a new tab.

      Note: The parameter, kube_apiserver_insecure_port (port 8888), for Kubernetes is disabled. To verify use of your IBM Cloud Private cluster pods, run the following command:

      kubectl --kubeconfig=/var/lib/kubelet/kubelet-config get pods -n kube-system -o wide