# Install Minikube
brew install minikube
# Starting Minikube
minikube start
minikube start --vm-driver=xhyve
minikube start --vm-driver=hyperkit
minikube status
minikube stop
Any healthy running Kubernetes cluster can be accessed via any one of the following methods:
kubectl
is the Kubernetes Command Line Interface (CLI) client to manage cluster resources and applications. It can be used standalone, or part of scripts and automation tools. Once all required credentials and cluster access points have been configured for kubectl it can be used remotely from anywhere to access a cluster.
# Open Minikube Dashboard
minikube dashboard
# Serving on different Port
kubectl proxy
#Dashboard URL
http://127.0.0.1:8001/api/v1/namespaces/kube-system/services/kubernetes-dashboard:/proxy/#!/overview?namespace=default
When not using the kubectl proxy, we need to authenticate to the API server when sending API requests. We can authenticate by providing a Bearer Token when issuing a curl, or by providing a set of keys and certificates.
A Bearer Token is an access token which is generated by the authentication server (the API server on the master node) and given back to the client. Using that token, the client can connect back to the Kubernetes API server without providing further authentication details, and then, access resources.
Getting Token
TOKEN=$(kubectl describe secret -n kube-system $(kubectl get secrets -n kube-system | grep default | cut -f1 -d ' ') | grep -E '^token' | cut -f2 -d':' | tr -d '\t' | tr -d " ")
Getting API Server Endpoint
APISERVER=$(kubectl config view | grep https | cut -f 2- -d ":" | tr -d " ")
Confirm that the APISERVER stored the same IP as the Kubernetes master IP by issuing the following 2 commands and comparing their outputs:
$ echo $APISERVER
https://192.168.99.100:8443
$ kubectl cluster-info
Kubernetes master is running at https://192.168.99.100:8443 ...
Access the API server using the curl command, as shown below:
curl $APISERVER --header "Authorization: Bearer $TOKEN" --insecure
By using the kubectl proxy
we are bypassing the authentication for each and every request to the Kubernetes API.