LAB02d: Setting up Kubeconfig

How kubeconfig works

How to create new users

How to create new contexts

How to switch between users/contexts

How to merge multiple kubeconfig files

How to view certificates/server details

How to test RBAC access using kubeconfig

LAB: Mastering Kubeconfig (100% Commands, No YAML)

1. Identify your current kubeconfig location

echo $KUBECONFIG

If empty, default is:

View:

2. Copy kubeconfig to a fresh lab file (safe practice)

Verify using:

3. Create a new user from commands (password or token method)

Option A — Basic username+password user

(no certs needed)

Option B — Token-based user (common in OIDC)

Option C — Client certificate (recommended in kubeadm labs)

4. Create a new context for user ram

List contexts:

5. Switch to new context (this changes your “identity”)

Confirm:

6. Test access using new user

Try getting pods:

If you did not create RBAC earlier, you should get:

Check who Kubernetes thinks you are:

7. Add namespace to context (modify existing context)

Verify:

8. Create another kubeconfig and MERGE

Create a second kubeconfig:

Merge both kubeconfigs:

Test merged file:

9. Rename a context (command only)

10. Remove (delete) a user, cluster, or context

Delete user:

Delete context:

Delete cluster entry:

11. Show certificate + cluster server details

Check API server endpoint:

Check CA:

Check user's certificate:

12. Create a kubeconfig for a single user only

This is common for distributing access to team members:

Test: