Add Kubernetes Cluster
On your Account settings, go to the Integration tab and choose Kubernetes.
In the Kubernetes integration window, you will be able to add a cluster from known providers such as GKE or by manually adding your cluster settings.
Adding GKE Cluster
Adding a cluster in GKE can be done by clicking the Add cluster button under Google Cloud Provider and selecting the desired project and cluster.
If this is your first time you’ll be prompted to authenticate using your google cradentails, make sure you’re doing so with a user that have access to your GKE projects.
Adding any other cluster type (not dependent on any provider)
In order to add any other type of cluster, outside of GKE, use Custom Providers
The integration between Codefresh and your Kubernetes cluster is API based and relies on a Kubernetes service account of your choosing that will be used to manage the integration.
The configurations you’ll be required to add are:
- Name - Any name of your choosing, that will represent your cluster context in Codefresh.
- Host - The endpoint for your Kubernetes API
- Certificate - The Kubernetes service account certificate used for the integration with Codefresh
- Token - The Kubernetes service account token used for the integration with Codefresh
In the section below we’ll provide you with easy instructions how to get all your cluster configurations in order to add it to Codefresh.
Get cluster configurations
Copy and paste the below commands into your local shell, then save the outputs and paste them into Codefresh. The commands rely on kubectl so make sure it is configured against your cluster.
More than one cluster in kubeconfig?
Before starting, make sure that you local context is the one you’de like to add to Codefresh.
Switch to the desired context before continue
In the instructions above, we’re reffering for a service account named ‘default’ in regards to the certificate and token. You can provide any service account configurations you may have on any namespace, the minimal permissions requirement is that it’ll be able to get all namespaces in your cluster. The cluster actions you’ll be limited to in Codefresh are based on the Kubernetes service account permissions you set in Kubernetes RBAC.
Once the cluster been added successfully you can go to the
Kubernetes tab to start working with the services of your cluster.
So, what’s next?
- Manage your Kubernetes cluster in Codefresh
- Deployment to Kubernetes - Quick start guide
- Example - Deploy demochat to Kubernetes cluster
Debugging issues with adding cluster
After adding your cluster configurations and in case the test fails, click “Save” to get the error message back.
Namespaces is forbidden
Add Cluster Error
The service account used for the integration doesn’t have the minimal permissions required (get all cluster namespaces). To fix this add a service account that have the required permissions.’ + The following command gives an example on how to create a cluster binding role between the default service account and cluster-admin role:
Create cluster binding with admin permissions
Kubernetes cluster - using an external reverse proxy (edge case)
In case you’re using an external reverse proxy to manage inbound traffic to your Kubernetes API, please read this article to make sure your certificate setup are managed correctly in order to add your cluster successfully to Codefresh.