Connect to Kubernetes

Last modified on August 17, 2022

This page provides instructions on how to connect to a Kubernetes cluster and use kubectl via strongDM.

Prerequisites

Before you begin, ensure that your strongDM administrator has granted you access to at least one Kubernetes cluster.

The Connection Process

  1. Open your strongDM Desktop App and log in.

  2. Update the kubectl configuration using either the desktop app or the CLI.

    1. If using the desktop app, go to the Account menu and select Update kubectl configuration.
    1. If using the CLI, run the following command:

      sdm k8s update-config
      
  3. Connect to the Kubernetes cluster by either clicking the cluster’s display name in the desktop app or running sdm connect <KUBERNETES_CLUSTER_NAME> in the CLI.

Once you have updated your kubectl configuration and are connected, you should be able to run kubectl commands directly on the strongDM-managed cluster.

Example:

$ kubectl get pods
NAME                                     READY     STATUS    RESTARTS   AGE
imprecise-bunny-mysql-6b65b5ff54-wflb9   1/1       Running   0          38d
imprecise-bunny-mysql-test               0/1       Pending   0          17d
redis-master-6b464554c8-9w7k8            1/1       Running   0          34d
shell-demo                               1/1       Running   0          39d

Manual Configuration Update

If the Update kubectl configuration option fails, it is likely because you are using a separate Kubernetes configuration manager. In this case, you can manually update your ~/.kube/config file as follows.

  1. For each Kubernetes cluster you wish to configure, record its port as reported in the Admin UI or the CLI after running sdm status.

  2. In your config file for each cluster:

    1. Add a cluster item:

      - cluster:
      server: http://localhost:port
      name: cluster-name
      
    2. Add a context item:

      - context:
      cluster: sdm-k8s-1
      user: sdm-user
      name: strongDM Kubernetes 1
      
    3. Add a single user item for the sdm-user name:

       - name: sdm-user
      user: {}
      
  3. Save and exit the editor.

Now you should be able to switch contexts to a strongDM-managed cluster and connect normally.

Example

The following is an example of a kubectl configuration file with two strongDM-managed clusters.

apiVersion: v1
clusters:
- cluster:
  server: http://localhost:<port1>
  name: sdm-k8s-1
- cluster:
  server: http://localhost:<port2>
  name: sdm-k8s-2
contexts:
- context:
  cluster: sdm-k8s-1
  user: sdm-user
  name: strongDM Kubernetes 1
- context:
  cluster: sdm-k8s-2
  user: sdm-user
  name: strongDM Kubernetes 2
current-context: strongDM Kubernetes 1
kind: Config
preferences: {}
users:
- name: sdm-user
  user: {}

If you have any questions or problems, please contact support@strongdm.com for assistance.

Top