/
How to Connect to Kubernetes (K8s) Resources

This document outlines various ways to connect to and interact with Kubernetes (K8s) resources. Kubernetes resources include pods, services, deployments, config maps, secrets, and more. Accessing these resources depends on the context, such as whether you are interacting from within the cluster, from an internal network, or externally.

Prerequisites

  • kubectl installed and configured.

  • Access to the Kubernetes cluster via kubeconfig.

  • Permissions to interact with the required resources.

  • Optional: Helm installed for managing applications.

Ways to Access Kubernetes Resources

There are multiple methods to access Kubernetes resources, each suited for different use cases:

1. Using kubectl

kubectl is the primary CLI tool for interacting with Kubernetes resources.

a) View Resources

  • List all pods:

    1kubectl get pods -n <namespace>

  • Describe a specific pod:

    1kubectl describe pod <pod-name> -n <namespace>

  • Get logs from a pod:

    1kubectl logs <pod-name> -n <namespace>

  • Execute commands inside a running pod:

    1kubectl exec -it <pod-name> -n <namespace> -- /bin/sh

b) Managing Resources

  • Apply a configuration file:

    1kubectl apply -f <file.yaml>

  • Delete a resource:

    1kubectl delete pod <pod-name> -n <namespace>

2. Using a LoadBalancer or Ingress Controller

For accessing services externally, you may need a LoadBalancer or an Ingress resource.

  • Get the external IP of a LoadBalancer service:

    1kubectl get svc <service-name> -n <namespace>

  • Deploy an Ingress resource to route traffic:

    1apiVersion: networking.k8s.io/v1 2kind: Ingress 3metadata: 4 name: example-ingress 5 namespace: default 6spec: 7 rules: 8 - host: example.com 9 http: 10 paths: 11 - path: / 12 pathType: Prefix 13 backend: 14 service: 15 name: example-service 16 port: 17 number: 80

  • Apply the ingress configuration:

    1kubectl apply -f ingress.yaml

3. Port Forwarding

Port forwarding allows direct access to Kubernetes services running inside the cluster.

1kubectl port-forward svc/<service-name> 8080:80 -n <namespace>

Then, access it locally via:

1http://localhost:8080

4. Accessing Kubernetes API Directly

The Kubernetes API allows programmatic access to resources.

  • Retrieve cluster API endpoint:

    1kubectl cluster-info

  • Use curl to interact with the API:

    1curl -k -H "Authorization: Bearer $(kubectl get secret <secret-name> -o jsonpath='{.data.token}' | base64 --decode)" <api-endpoint>

5. Using a Bastion Host

For private clusters, a bastion/jump host may be required:

1ssh -L 6443:<api-server-ip>:6443 user@<bastion-host>

Then, set kubectl to use https://localhost:6443.

Common Kubernetes Resources

  • Pods: The smallest deployable units.

  • Services: Expose applications running on pods.

  • Deployments: Manage replica sets and rollouts.

  • ConfigMaps & Secrets: Store configuration and sensitive information.

  • PersistentVolumes & PersistentVolumeClaims: Manage storage.

  • Namespaces: Isolate resources within a cluster.

  • Ingress: Route external traffic into the cluster.

Troubleshooting

  • kubectl command fails: Ensure kubectl is authenticated and has access to the cluster.

  • Service not accessible: Check service type (ClusterIP, NodePort, LoadBalancer) and firewall rules.

  • Permission denied errors: Verify your role-based access control (RBAC) settings.