6.8 KiB
Azure Kubernetes Service (AKS) kubectl plugin
kubectl-aks
is a kubectl
plugin that provides a set of commands that enable
users to interact with an AKS cluster even when the control plane is not
functioning as expected. For example, users can still use the plugin to debug
their cluster if the API server is not working correctly. This plugin allows
users to perform various tasks, retrieve information, and execute commands
against the cluster nodes, regardless of the control plane's state.
It's important to note that this plugin does not replace the Azure CLI,
az.
Instead, it complements it by offering additional commands and providing users
with a kubectl-like experience. In practice, users will use az
to create and
delete their AKS cluster, and then use kubectl
and kubectl-aks
to interact
with and debug it.
Going through the following documentation will help you to understand each available command and which one is the most suitable for your case:
Take into account that kubectl-aks
expects the cluster to use virtual machine
scale sets, which is the case of an AKS cluster.
You can get the node information needed to execute the commands directly from
the Azure portal or you can let kubectl-aks
get
that information for you. If you already have such a information, you can pass
it using the flags or environment variables. If you don't have it, kubectl-aks
can retrieve it either from the Azure API or the Kubernetes API server. If you
expect to use the same node multiple times, it is recommended to import the node
information in the configuration file and set it as the default node, see the
config command for further details.
Install
There is multiple ways to install the kubectl-aks
.
Using krew
krew is the recommended way to install kubectl-aks
.
You can follow the krew's
quickstart to install it
and then install kubectl-aks
by executing the following command:
kubectl krew install aks
kubectl aks version
It can be uninstalled using the following command:
kubectl krew uninstall aks
Install a specific release
It is possible to download the asset for a given release and platform from the
releases page, uncompress and
move the kubectl-aks
executable to any folder in your $PATH
.
VERSION=$(curl -s https://api.github.com/repos/azure/kubectl-aks/releases/latest | jq -r .tag_name)
curl -sL https://github.com/azure/kubectl-aks/releases/latest/download/kubectl-aks-linux-amd64-${VERSION}.tar.gz | sudo tar -C ${HOME}/.local/bin -xzf - kubectl-aks
kubectl aks version
It can be uninstalled by using the following command:
rm ${HOME}/.local/bin/kubectl-aks
Compile from source
To build kubectl-aks
from source, you'll need to have a Golang version 1.17
or higher installed:
git clone https://github.com/Azure/kubectl-aks.git
cd kubectl-aks
# Build and copy the resulting binary in $HOME/.local/bin/
make install
kubectl aks version
It can be uninstalled by using the following command:
make uninstall
Usage
$ kubectl aks --help
Azure Kubernetes Service (AKS) kubectl plugin
Usage:
kubectl-aks [command]
Available Commands:
check-apiserver-connectivity Check connectivity between the nodes and the Kubernetes API Server
completion Generate the autocompletion script for the specified shell
config Manage configuration
help Help about any command
run-command Run a command in a node
version Show version
Flags:
-h, --help help for kubectl-aks
Use "kubectl-aks [command] --help" for more information about a command.
It is necessary to sign in to Azure to run any kubectl-aks
command. To do so,
you can use any authentication method provided by the Azure
CLI using the az login
command; see
further details
here.
However, if you do not have the Azure CLI or have not signed in yet,
kubectl-aks
will open the default browser and load the Azure sign-in page where
you need to authenticate.
Permissions
In order to run kubectl-aks
commands, the user/service principal must have the permissions to perform the
following operations:
- Run command on the instances:
Microsoft.Compute/virtualMachineScaleSets/virtualmachines/runCommand/action
- List Virtual Machine Scale Sets (VMSS):
Microsoft.Compute/virtualMachineScaleSets/virtualMachines/read
- List Virtual Machine Scale Set Instances (VMSS Instances):
Microsoft.Compute/virtualMachineScaleSets/read
Normally if you are using built-in roles e.g Contributor, you should have the above permissions. However, if you are using custom roles for a service principal, you need to make sure that the permissions are granted.
Contributing
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
Trademarks
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.