Oracle Cloud Infrastructure Documentation

Accessing a Cluster Using Kubectl

You can use the Kubernetes command line tool kubectl to perform operations on a cluster you've created with Container Engine for Kubernetes. Before you can use kubectl to access a cluster, you need to specify the cluster on which to perform operations by downloading the cluster's kubeconfig file.

Note that an Oracle Cloud Infrastructure CLI command in the kubeconfig file generates authentication tokens that are short-lived, cluster-scoped, and specific to individual users. As a result, you cannot share kubeconfig files between users to access Kubernetes clusters. The generated authentication tokens are also unsuitable if you want other processes and tools to access the cluster, such as continuous integration and continuous delivery (CI/CD) tools. In this case, consider creating a Kubernetes service account and adding its associated authentication token to the kubeconfig file. For more information, see Adding a Service Account Authentication Token to a Kubeconfig File.

Note also that the version of kubectl you use must be compatible with the version of Kubernetes running on clusters created by Container Engine for Kubernetes. For more information about compatibility between different versions of kubernetes and kubectl, see the Kubernetes documentation.

To access a cluster using kubectl:

  1. If you haven't already done so, install kubectl (see the kubectl documentation).
  2. If you haven't already done so, follow the steps to download the cluster's kubeconfig configuration file and set the KUBECONFIG environment variable to point to the file. Note that you must download your own kubeconfig file. You cannot access a cluster using a kubeconfig file that a different user downloaded. See Downloading a Kubeconfig File to Enable Cluster Access.
  3. In a terminal window, enter kubectl followed by the command for the operation you want to perform on the cluster. For a list of available commands and options, see the kubectl documentation.

    Note that you must have the appropriate permissions to run the command you enter. See About Access Control and Container Engine for Kubernetes.