How to Connect to a DigitalOcean Kubernetes Cluster with kubectl Limited Availability

Kubernetes is currently in limited availability. Learn more.

DigitalOcean Kubernetes clusters are typically managed from a local machine or sometimes from a remote management server. In either case, the management machine will need:

  1. kubectl, the official Kubernetes command-line tool, which you’ll use to connect to the cluster
  2. The cluster configuration file, which contains authentication certificates

The Kubernetes project provides detailed directions for installation on a variety of platforms. Use kubectl version to make sure that your install is working and within one minor version of your cluster.

Once you’ve installed kubectl, visit the cluster and download its config file. You can place the config file anywhere on the machine where you run kubectl and invoke it with the --kubeconfig option. By convention, Kubernetes config files are stored in hidden folder in your home directory named .kube

To test that the file authenticates successfully, you can use the following command from within the .kube directory:

kubectl --kubeconfig="cluster1-kubeconfig-dupe.yaml" get nodes

If you are using kubectl from elsewhere on the filesystem, supply the full path to the config file.

When the command is successful, it should return information similar to the following, although the details will vary depending on the specific cluster configuration:

NAME          STATUS    ROLES     AGE       VERSION
worker-9511   Ready     <none>    3d        v1.10.7
worker-9512   Ready     <none>    3d        v1.10.7
worker-9513   Ready     <none>    3d        v1.10.7

Once kubectl and the cluster configuration file are in place, you can create, manage, and deploy clusters. From here, you can add DigitalOcean Load Balancers and block storage volumes to your cluster.

The certificate authority, client certificate, and client key data in the kubeconfig.yaml file are rotated weekly. If you run into errors like the server doesn't have a resource type "<resource>", Unauthorized, or Unknown resource type: nodes, try downloading a new cluster configuration file. The certificates will be valid for one week from the time of the download.