What's the meaning of the sections of a kubeconfig file?

2 min read | by Jordi Prats

The configuration file kubeconfig (~/.kube/config) is used to get access to a Kubernetes cluster. It looks like a Kubernetes object that defines the cluster, the user and the context to use:

apiVersion: v1 kind: Config preferences: {} clusters: (...) users: (...) contexts: (...)

Let's take a minikube kubeconfig as an example

On the clusters section we are defining how to connect to the cluster:

apiVersion: v1 clusters: - cluster:  certificate-authority: /home/pet2cattle/.minikube/ca.crt  extensions:  - extension:  last-update: Wed, 23 Jun 2021 08:27:49 CEST  provider: minikube.sigs.k8s.io  version: v1.20.0  name: cluster_info  server: https://192.168.49.2:8443  name: minikube (...)

On the users section we are telling kubectl how to identify itself using SSL certificates:

apiVersion: v1 kind: Config users: - name: minikube  user:  client-certificate: /home/pet2cattle/.minikube/profiles/minikube/client.crt  client-key: /home/pet2cattle/.minikube/profiles/minikube/client.key (...)

Finally, the contexts section is the glue between the other sections telling which user to use to connect to which cluster. We can also fins which is the default namespace to use:

apiVersion: v1 kind: Config contexts: - context:  cluster: minikube  extensions:  - extension:  last-update: Wed, 23 Jun 2021 08:27:49 CEST  provider: minikube.sigs.k8s.io  version: v1.20.0  name: context_info  namespace: default  user: minikube  name: minikube (...)

There's also the current-context which tell us which is context is currently in use. A complete example would be:

apiVersion: v1 current-context: minikube kind: Config preferences: {} clusters: - cluster:  certificate-authority: /home/pet2cattle/.minikube/ca.crt  extensions:  - extension:  last-update: Wed, 23 Jun 2021 08:27:49 CEST  provider: minikube.sigs.k8s.io  version: v1.20.0  name: cluster_info  server: https://192.168.49.2:8443  name: minikube contexts: - context:  cluster: minikube  extensions:  - extension:  last-update: Wed, 23 Jun 2021 08:27:49 CEST  provider: minikube.sigs.k8s.io  version: v1.20.0  name: context_info  namespace: default  user: minikube  name: minikube users: - name: minikube  user:  client-certificate: /home/pet2cattle/.minikube/profiles/minikube/client.crt  client-key: /home/pet2cattle/.minikube/profiles/minikube/client.key

So, if we have two cluster with two different kubeconfig files we can create a new one with both clusters copying the three sections (users, clusters and contexts) and making sure it's names don't collide between them

Posted on 29/06/2021

Categories