search

LAB04c: Setting up Cluster Connection

hashtag
LAB 19: Setting up cluster connect

hashtag
How to Create a New Kubernetes Context

hashtag
1. Check what you already have

kubectl config get-contexts
kubectl config view

hashtag
2. Create a new context

Use the kubectl config set-context command:

kubectl config set-context <context-name> \
    --cluster=<cluster-name> \
    --user=<user-name> \
    --namespace=<namespace-name>

Example:

kubectl config set-context prod-admin \
    --cluster=prod-cluster \
    --user=admin-user \
    --namespace=prod

This welds the triplet together:

  • cluster → prod-cluster

  • user → admin-user

  • namespace → prod

hashtag
3. Switch to your new context

kubectl will now speak to that cluster using that user and namespace.

hashtag
Manually Creating a Context

hashtag
STEP 1 — Get the Required Files From the Remote Server

To connect to a remote cluster, kubectl requires three pieces of information:

hashtag
✔️ 1. API Server endpoint

hashtag
✔️ 2. CA certificate (ca.crt)

To trust the server.

hashtag
✔️ 3. Client credentials (cert/key OR token)

Choose ONE of these:

  • client-certificate.crt + client-key.key (secure, best)

  • bearer token (service accounts)

  • OIDC token (enterprise setups)

  • kubeadm admin.conf (easiest)

hashtag
Copy admin.conf (easiest and most common)

On the Kubernetes master/control-plane node:

Copy it to your local machine as:

Or download it:

Done. You’re instantly connected.

hashtag
If You Want to Build kubeconfig Manually

If you don’t want to use admin.conf, follow this Lego route.

hashtag
STEP 2 — Add the Cluster Info

hashtag
STEP 3 — Add User Credentials

hashtag
Option A — With client certificate/key

hashtag
Option B — With bearer token

hashtag
STEP 4 — Create the Context

hashtag
STEP 5 — Use the Context

hashtag
Test the Connection

If you see the nodes → you’re in.

If you get:

→ your CA is wrong or missing.

If you get:

→ credentials mismatch (user cert/token issue).

hashtag
How to handle multiple config file

Here are the three safe strategies to add a new kubeconfig without harming your existing one.

hashtag
Option 1 — Safest: Merge Using KUBECONFIG Variable (Non-Destructive)

Keep your original kubeconfig safe and load the new config side-by-side.

hashtag
Step 1: Save your new config as a separate file

Example:

hashtag
Step 2: Temporarily merge them

hashtag
Step 3: Replace the main config with the merged one

Your old config stays intact (backup) Your new config is merged safely kubectl sees both clusters

hashtag
Option 2 — Use Multiple Kubeconfigs Without Merging

You can keep multiple kubeconfig files and switch between them.

hashtag
Use original config:

hashtag
Use remote cluster:

hashtag
Make it permanent per-shell:

Add to your .bashrc or .zshrc:

Now kubectl sees both configs.

hashtag
Option 3 — Create Named Contexts Inside One File (Recommended)

If your new config contains:

  • cluster

  • user

  • context

…you can import them into your main config.

hashtag
Add cluster:

hashtag
Add credentials:

hashtag
Add context:

hashtag
Switch:

Your old context stays untouched, your new one joins the family.

hashtag
Which option should you use?

Situation
Best Option

You want to avoid ANY risk to your current kubeconfig

Option 1 (manual merge)

You manage many clusters and prefer isolation

Option 2 (multiple files)

You want one convenient kubeconfig

Option 3 (named contexts)

PreviousBLOG04a: Node MaintenanceNextLAB05: Authorization in Kubernetes

Last updated