Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to use "kubectl" command instead of "sudo kubectl"

Tags:

For every command with kubectl I need to use sudo kubectl.

I understand the security perspective but I am working on a test environment and I want to be able use it without sudo.

I tried to run sudo -i and use the root account to runkubectl get pods but I received:

The connection to the server localhost:8080 was refused - did you specify the right host or port? 

I noticed that when I was playing with https://labs.play-with-k8s.com, the user is root and I can run kubectl freely.

I wanted to have the same thing on my Ubuntu machine with my Minikube.

When I runkubectl get pods with my regular account I received the error:

error: unable to read client-key /home/myuser/.minikube/client.key for minikube due to open /home/myuser/.minikube/client.key: permission denied 

I supposed there are two ways:
1. Give everyone access to /home/myuser/.minikube/
2. Give my account permissions to run kubectl without sudo

EDIT:
Following @Konstantin Vustin request, here are the requested information:

myuser@ubuntu:/usr/local/bin$ ls -l  $(which kubectl) -rwxrwxr-x 1 myuser myuser 54308597 Jun 13 05:21 /usr/local/bin/kubectl  myuser@ubuntu:/usr/local/bin$ ls -la ~ | grep kube drwxr-xr-x  5 myuser myuser   4096 Jun 17 02:25 .kube drwxrwxr-x 10 myuser myuser   4096 Jun 13 05:18 .minikube  myuser@ubuntu:/usr/local/bin$ ls -l ~/.kube total 24 drwxr-xr-x  3 root  root  4096 Jun 13 05:26 cache -rw-------  1 myuser myuser 911 Jun 13 05:27 config drwxrwxr-x  3 myuser myuser 4096 Jul 11 01:37 http-cache 
like image 864
E235 Avatar asked Jul 11 '18 07:07

E235


People also ask

What is kubectl command?

The Kubernetes command-line tool, kubectl, allows you to run commands against Kubernetes clusters. You can use kubectl to deploy applications, inspect and manage cluster resources, and view logs. For more information including a complete list of kubectl operations, see the kubectl reference documentation.

How do I run kubectl as another user?

User impersonation with the --as=user flag This feature, called user impersonation, lets you invoke any command as a different user. To use this feature in kubectl , you need to specify the --as=user flag, where user is the name of the user you wish to impersonate.

How does kubectl command work?

Kubectl is a command line tool used to run commands against Kubernetes clusters. It does this by authenticating with the Master Node of your cluster and making API calls to do a variety of management actions. If you're just getting started with Kubernetes, prepare to be spending a lot of time with kubectl!


1 Answers

Fix file permissions

Most likely your kubectl files are not owned by your user.

You can set these permissions using below command.

sudo chown -R $USER $HOME/.kube 

Run kubectl with sudo

Alternatively you can run kubectl as sudo user using a persistent sudo shell.

sudo -s 

then run your kubectl commands

kubectl get pods  kubectl describe <resource_type> <resource_name> 

finally exit the sudo shell

exit 
like image 51
Webber Avatar answered Sep 17 '22 18:09

Webber