Kubernetes CLI
Kubernetes CLI¶
Docker Enterprise 2.0 and higher deploys Kubernetes as part of a UCP installation. Deploy, manage, and monitor Kubernetes workloads from the UCP dashboard. Users can also interact with the Kubernetes deployment through the Kubernetes command-line tool named kubectl.
To access the UCP cluster with kubectl, install the UCP client bundle.
Important
Kubernetes on Docker Desktop for Mac and Docker Desktop for Windows
Docker Desktop for Mac and Docker Desktop for Windows provide a standalone Kubernetes server that runs on your development machine, with kubectl installed by default. This installation is separate from the Kubernetes deployment on a UCP cluster.
Install the kubectl binary¶
To use kubectl, install the binary on a workstation which has access to your UCP endpoint.
Important
Must install compatible version
Kubernetes only guarantees compatibility with kubectl versions that are +/-1 minor versions away from the Kubernetes version.
First, find which version of Kubernetes is running in your cluster. This
can be found within the Universal Control Plane dashboard or at the UCP
API endpoint version. You can also find
the Kubernetes version using the Docker CLI. You need to source a client
bundle and type the docker version command.
From the UCP dashboard, click About within the Admin menu in the top left corner of the dashboard. Then navigate to Kubernetes.
Once you have the Kubernetes version, install the kubectl client for the relevant operating system.
You can download the binary from this link
If you have curl installed on your system, you use these commands in Powershell.
Using kubectl with a Docker Enterprise cluster¶
Docker Enterprise provides users unique certificates and keys to authenticate against the Docker and Kubernetes APIs. Instructions on how to download these certificates and how to configure kubectl to use them can be found in CLI-based access.
Install Helm on Docker Enterprise¶
Helm is the package manager for Kubernetes. Tiller is the Helm server. Before installing Helm on Docker Enterprise, you must meet the following requirements:
- You must be running a Docker Enterprise 2.1 or higher cluster.
- You must have kubectl configured to communicate with the cluster (usually this is done via a client bundle).
To use Helm and Tiller with UCP, you must grant the default service account within the kube-system namespace the necessary roles. Enter the following kubectl commands in this order:
kubectl create rolebinding default-view --clusterrole=view --serviceaccount=kube-system:default --namespace=kube-system
kubectl create clusterrolebinding add-on-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:default
It is recommended that you specify a Role and RoleBinding to limit Tiller’s scope to a particular namespace, as described in Helm’s documentation.
See initialize Helm and install Tiller for more information.