Blog / 2022 / May / 29

k0s remote access

May 29, 2022

So now that we have a k0s cluster up and running, we have two choices on how to administer it. We can ssh into the k0s master node and start using the k0s command there, or we can set up external access.

Each of my k8s nodes is on linux, but my main machine is a mac, so these are the instructions that worked for me on getting kubectl on my mac to send commands through to my cluster.

Installing kubectl

To install the kubectl command, we can use:

% brew install kubectl

Copy Config File

The configuration we need is on the controller node in /var/lib/k0s/pki/admin.conf and it's owned by root so we can't access it as a normal user.

On the master node, run the following:

$ sudo cp /var/lib/k0s/pki/admin.conf ~/k0s.conf

This file should be protected in a normal install, but as I'm just playing I'm happy for anyone to access it.

$ sudo chmod a+r ~/k0s.conf

I can now copy this file onto my mac from the controller node:

% sftp tjs@192.168.1.82
Connected to 192.168.1.82.
sftp> get k0s.conf
Fetching /home/tjs/k0s.conf to k0s.conf
/home/tjs/k0s.conf                                                          100% 5683     3.2MB/s   00:00    
sftp> exit

We need to modify this file so point to the controller node. In my case I need to change from localhost to the ip of the controller node.

So find the line that says:

 server: https://localhost:6443

and change it to match the controller node ip:

server: https://192.168.1.82:6443

Now we need to set the correct environment variable to point at this file. On the mac:

$ export KUBECONFIG=/Users/timsawyer/web/k0s.conf

To get this to persist between shell windows on MacOS Catalina, I needed to add this line also to ~/.zshrc.

We can now run kubectl and it should talk to the cluster:

$ kubectl get nodes
NAME    STATUS   ROLES    AGE   VERSION
node1   Ready    <none>   16d   v1.22.4+k0s. 
node3   Ready    <none>   16d   v1.22.4+k0s 
node4   Ready    <none>   16d   v1.22.4+k0s

node2 is missing from this list as that's my controller node.

If we now run the same command we ran a couple of posts ago, we should get the same list:

% kubectl get pods --all-namespaces 
NAMESPACE     NAME                              READY   STATUS    RESTARTS      AGE
kube-system   coredns-77b4ff5f78-69nlz          1/1     Running   3 (28m ago)   16d
kube-system   coredns-77b4ff5f78-hd648          1/1     Running   2 (28m ago)   16d
kube-system   konnectivity-agent-c2qx7          1/1     Running   1 (29m ago)   16d
kube-system   konnectivity-agent-gkcnp          1/1     Running   2 (28m ago)   16d
kube-system   konnectivity-agent-xq2kv          1/1     Running   3 (29m ago)   16d
kube-system   kube-proxy-4qvwt                  1/1     Running   3 (29m ago)   16d
kube-system   kube-proxy-99tn8                  1/1     Running   2 (29m ago)   16d
kube-system   kube-proxy-zk5mt                  1/1     Running   3 (28m ago)   16d
kube-system   kube-router-86phq                 1/1     Running   2 (29m ago)   16d
kube-system   kube-router-sqqgw                 1/1     Running   2 (28m ago)   16d
kube-system   kube-router-txt94                 1/1     Running   3 (29m ago)   16d
kube-system   metrics-server-5b898fd875-kb9zc   1/1     Running   4 (27m ago)   16d

Tags: k0s k8s kubernetes helm remote kubectl