How to Connect to a DigitalOcean Kubernetes Cluster

DigitalOcean Kubernetes clusters are typically managed from a local machine or sometimes from a remote management server. In either case, the management machine needs two things:

  1. kubectl, the official Kubernetes command-line tool, which you’ll use to connect to and interact with the cluster.

    The Kubernetes project provides installation instructions for kubectl on a variety of platforms. Use kubectl version to make sure that your installation is working and within one minor version of your cluster.

  2. doctl, the official DigitalOcean command-line tool, which you’ll use to manage your config file and set your context.

    The doctl GitHub repo has instructions for installing doctl.

Download the Configuration File

doctl is the most convenient way to manage your Kubernetes configuration file. When doctl is available on the PATH of your administration machine and configured with API keys to access your account, it uses an exec-credential plugin to dynamically grab the client-certificate and client-key data at runtime every time kubectl is called.

After you have both kubectl and doctl, download your Kubernetes cluster config file. Use the name of your cluster instead of example-cluster-01 in the following command.

  
    
doctl kubernetes cluster kubeconfig save example-cluster-01

  

This downloads the kubeconfig for the cluster and automatically merges it with any existing configuration from ~/.kube/config.

Manual Certificate Management

There is also a cluster configuration file, kubeconfig.yaml, available for download from the control panel. To use it, download it to your ~/.kube directory and pass it to kubectl with the --kubeconfig flag.

The authentication certificate in kubeconfig.yaml expires seven days after download, after which you’ll receive an error if you try to use it. This method is best if you’re just testing or experimenting with a single cluster. In the long term, you can either re-download the file every week or use doctl for automated certificate management.

Connect to the Cluster

Once the cluster configuration file is in place, you can create, manage, and deploy clusters using kubectl. You can read the official kubectl documentation to learn more about its commands and options.

From here, you can also add DigitalOcean Load Balancers and add block storage volumes to your cluster.

Contexts

In Kubernetes, a context is used to group access parameters under a convenient name. The configuration for every cluster will contain a stanza for contexts with cluster-specific values which look like this:

  
    
contexts:
- context:
    cluster: do-sfo2-example-cluster-01
    user: do-sfo2-example-cluster-01-admin
  name: do-sfo2-example-cluster-01
current-context: do-sfo2-example-cluster-01

  

When you use kubectl, the commands you run affect the default context unless you specify a different one with the --context flag (for example, kubectl get nodes --context=do-nyc1-stage).

To check the current default context, use:

  
    
kubectl config current-context

  

If you get a “current-context is not set” error, you need to set a default context.

To list all available contexts, use:

  
    
kubectl config get-contexts

  
  
    
CURRENT   NAME                         CLUSTER                      AUTHINFO                         NAMESPACE
*         do-sfo2-example-cluster-01   do-sfo2-example-cluster-01   do-sfo2-example-cluster-01-admin

  

The default context is specified with an asterisk under “CURRENT”. To set the default context to a different one, use:

  
    
kubectl config use-context do-sfo2-example-cluster-01
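
Because doctl merges every cluster into one ~/.kube/config, a command can land on whichever cluster happens to be the default. The wrapper below is an added example, not part of the original page or of kubectl or doctl. It checks that the intended context exists and always passes it with --context. The function names current_context, context_exists and kubectl_in are hypothetical.

```shell
#!/bin/sh
# Added example: pin every kubectl call to an explicitly named context
# instead of relying on whatever current-context is set to.

# Print the default context. Returns non-zero when none is set
# (kubectl reports "current-context is not set" in that case).
current_context() {
    kubectl config current-context 2>/dev/null
}

# Return 0 only if the exact context name is present in the kubeconfig.
context_exists() {
    kubectl config get-contexts -o name 2>/dev/null | grep -Fxq -- "$1"
}

# kubectl_in CONTEXT ARGS...
# Runs "kubectl --context=CONTEXT ARGS..." after verifying CONTEXT exists.
# Returns 2 without calling the cluster if the context is unknown.
kubectl_in() {
    _want="$1"
    shift
    if ! context_exists "$_want"; then
        echo "refusing: context '$_want' not found in kubeconfig" >&2
        return 2
    fi
    # Tell the operator when the default differs from the target, so a
    # later bare "kubectl" call is not assumed to hit the same cluster.
    if ! _cur="$(current_context)" || [ -z "$_cur" ]; then
        echo "note: no default context set; using --context=$_want" >&2
    elif [ "$_cur" != "$_want" ]; then
        echo "note: default context is '$_cur'; using --context=$_want" >&2
    fi
    kubectl --context="$_want" "$@"
}
```

Source the file in your shell and call, for example, kubectl_in do-nyc1-stage get nodes.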

  

Namespaces

In Kubernetes, namespaces are a way to divide cluster resources between multiple users. They’re useful when you have many users working on the same cluster. You can create multiple namespaces in a cluster, and resources in one namespace are hidden from other namespaces.

Learn more in the Kubernetes namespaces walkthrough.