Sample code and presentation for Kubernetes virtual meetup in Slovenia about kubectl alternative client libraries (available here) and how to work with them.
Solution has 3 projects:
Each of them connects to Kubernetes APIs (in a different way):
-
Kubectl.Console - example how to use different C# managed library API
-
Kubectl.Rest - example how to do a call from managed library using plain REST calls
-
Kubectl.Web - example how to integrate calls to API's into ASP.NET and taking advantage of managed libraries
In order to run the application, you will need to have .NET installed. I do recommend having fully pledged IDE (f.e. Visual Studio, JetBrains Rider) or Visual Studio Code with C# extension to check and navigate the source code.
You will need to have working Kubernetes cluster. Minikube is enough for playing, but to get the full experience (external load balancer), working cluster with external endpoint is preffered.
- Kubectl.Console needs kubeconfig file in order to run the application. On Linux check .kube hidden folder in home folder (on by default).
If you have kubectl installed, use kubectl config view
to see the file.
Solution will automatically load the default config file and authenticate against Kubernetes cluster.
- Kubectl.Rest needs bootstrap token to authenticate against API. You can use Postman or curl in order to issue the command. To successfully run this project, you will need to provide BearerToken and ClusterBaseAddress as environment variables.
The easiest way is to create service account and then do role binding on a cluster to define access levels. With that defined, you can then query the secret to get the token. Use this command kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep youraccountname | awk '{print $1}')
.
- Kubectl.Web uses Azure AD authentication via managed library (C#) to authenticate with AAD to access Azure Kubernetes Service. I am using Microsoft Identity Web authentication library. Flow is explained here.
To do it stepy by step,follow this tutorial. When you have the service principal, you will need to fill in the following details in configuration setting (or add environment variables):
You can find the data in service principal details (created earlier) and Azure AD portal details page. As part of the application, I am using Azure Storage to store different config files (in demo only one), you will need to fill in the details about Storage connection string and container name.
If you want to get remote access to populated container images from a remote docker host (setting DockerHostUrl), you can follow this tutorial here in order to allow TCP connectivity and provide URL (IP) to the application to show image list.
For logging purposes I use Application Insight. If you want to measure performance and see detailed logs (and many more), follow this tutorial. You will need to provide Instrumentation key for app to send data and logs to AI.
- Kubernetes Api Client Libraries and 3rd party community-maintained client libraries
- Kubernetes Api Overview and controlling access to cluster
- Kubeconfig view
- Setup kubectl
- Power tools for kubectl
- Portainer
- Azure Kubernetes Service
- Application Insight
In this demo, we used the following 3rd party libraries and solutions:
If you have any questions, comments, open an issue and happy to answer.