cockpit-doc 164-1 / usr / share / doc / cockpit / guide / feature-kubernetes.html

This file is indexed.

/usr/share/doc/cockpit/guide/feature-kubernetes.html is in cockpit-doc 164-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Kubernetes</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
<link rel="home" href="index.html" title="Cockpit Guide">
<link rel="up" href="features.html" title="Part II. Feature Internals">
<link rel="prev" href="feature-subscription.html" title="Subscription Manager">
<link rel="next" href="feature-machines.html" title="Multiple Machines">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle">
<td><a accesskey="p" href="feature-subscription.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td>
<td><a accesskey="u" href="features.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
<td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td>
<th width="100%" align="center">Cockpit Guide</th>
<td><a accesskey="n" href="feature-machines.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td>
</tr></table>
<div class="chapter">
<div class="titlepage"><div><div><h2 class="title">
<a name="feature-kubernetes"></a>Kubernetes</h2></div></div></div>
<div class="toc"><dl class="toc">
<dt><span class="section"><a href="feature-kubernetes.html#feature-kubernetes-package">Used in a standard Cockpit session</a></span></dt>
<dt><span class="section"><a href="feature-kubernetes.html#feature-kubernetes-pod">Used as a Kubernetes Pod</a></span></dt>
<dt><span class="section"><a href="feature-kubernetes.html#feature-openshift-pod">Used as an Openshift Pod</a></span></dt>
</dl></div>
<p>Cockpit has a dashboard that interacts with a
    <a class="ulink" href="http://kubernetes.io/" target="_top">Kubernetes cluster</a> or an
    <a class="ulink" href="https://enterprise.openshift.com/" target="_top">Openshift v3 cluster</a>. This
    functionality is in the Cockpit <span class="emphasis"><em>kubernetes</em></span> package.</p>
<p>The dashboard can either be deployed on kubernetes as a
    <a class="ulink" href="http://kubernetes.io/docs/user-guide/pods/" target="_top">container in a pod</a> or used
    via a normal authenticated Cockpit session. Cockpit communicates with Kubernetes via its
    REST API.</p>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="feature-kubernetes-package"></a>Used in a standard Cockpit session</h2></div></div></div>
<p>When the Kubernetes dashboard is used in a standard Cockpit login session, usually some
      form of authentication is necessary to access the Kubernetes REST API.
      Like the <code class="filename">kubectl</code> and <code class="filename">oc</code> commands, Cockpit uses
      the authentication and server information in the <code class="code">~/.kube/config</code> file for
      the logged in user.</p>
<p>If a user is able to use <code class="code">kubectl</code> successfully when at their shell terminal,
      then that same user will able to use Kubernetes dashboard when logged into Cockpit:</p>
<pre class="programlisting">
$ <span class="command"><strong>kubectl get pods</strong></span>
NAME                      READY     STATUS    RESTARTS   AGE
docker-registry-1-l4pyh   1/1       Running   10         23d
...
</pre>
<p>When running Openshift one can use the <code class="code">oc login</code> command to configure the
      <code class="code">~/.kube/config</code> file correctly. This in turn allows Cockpit to use that
      login information.</p>
</div>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="feature-kubernetes-pod"></a>Used as a Kubernetes Pod</h2></div></div></div>
<p>The Kubernetes dashboard can be deployed as a pod on Kubernetes requiring users
      to log in using the standard standard authentication configured for access to its API.</p>
<pre class="programlisting">
$ <span class="command"><strong>wget https://raw.githubusercontent.com/cockpit-project/cockpit/master/containers/kubernetes-cockpit.json</strong></span>
$ <span class="command"><strong>kubectl create -f kubernetes-cockpit.json</strong></span>
</pre>
<p>This pod can be used on kubernetes that is configured with basic authentication. By
      default the pod tries to access the kubernetes API securely and expects that the kubernetes
      API server has been deployed with a CA, certificate files and service account key. In order
      to change this behavior, edit the <code class="filename">kubernetes-cockpit.json</code> and change the
      <code class="literal">KUBE_INSECURE</code> environment variable to <code class="literal">true</code>.</p>
<p>You can retrieve the address where you can access the dashboard via:</p>
<pre class="programlisting">
$ <span class="command"><strong>kubectl get service kubernetes-cockpit</strong></span>
</pre>
</div>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="feature-openshift-pod"></a>Used as an Openshift Pod</h2></div></div></div>
<p>The Kubernetes dashboard can be deployed as a pod on Openshift, and use Openshift
      OAuth authentication. Running software on Openshift requires forethought, planning and
      configuration. In particular, in order to run the admin interface as a pod you need
      to first decide the host name that it will be accessible at. This is the host name part
      of its URL.</p>
<p>Next use the following commands to deploy the registry pod and service. You'll need
      to have admin access to the Openshift cluster, as an OAuth client needs to be created.
      Replace the <code class="literal">XXX</code> with the host name you want to make the registry
      accessible at. In addition replace <code class="literal">YYY</code> with the host name of the
      Openshift API server.</p>
<pre class="programlisting">
$ <span class="command"><strong>wget https://raw.githubusercontent.com/cockpit-project/cockpit/master/containers/openshift-cockpit.template</strong></span>
$ <span class="command"><strong>oc process -f openshift-cockpit.template -v COCKPIT_KUBE_URL=https://XXX -v OPENSHIFT_OAUTH_PROVIDER_URL=https://YYY:8443 | oc create -f -</strong></span>
</pre>
<p>You can retrieve the address where you can access the dashboard via:</p>
<pre class="programlisting">
$ <span class="command"><strong>oc get service openshift-cockpit</strong></span>
</pre>
</div>
</div>
<div class="footer"><hr></div>
</body>
</html>

APT Browse - Built by Thomas Orozco.