Install Kubectl and Helm Clients Directly on a Host

You can use kubectl and helm to interact with a controller from a remote system.

About this task

Commands such as those that reference local files or commands that require a shell are more easily used from clients running directly on a remote workstation.

Complete the following steps to install kubectl and helm on a remote system.

The following procedure shows how to configure the kubectl and helm clients directly on remote host, for an admin user with cluster-admin cluster role. If using a non-admin user such as one with only role privileges within a private namespace, the procedure is the same, however, additional configuration is required in order to use helm.

Prerequisites

You must configure the oidc-auth-apps OIDC Identity Provider (dex) on the target StarlingX environment to get Kubernetes authentication tokens. See Set up OIDC Auth Applications for more information.

Procedure

1. On the controller, create a rolebinding for the admin-user user. Alternatively, to use group rolebinding and user group membership for authorization, see Configure Users, Groups, and Authorization for more information.

   % MYUSER="admin-user"
   % cat <<EOF > admin-user-rolebinding.yaml
   kind: ClusterRoleBinding
   apiVersion: rbac.authorization.k8s.io/v1
   metadata:
    name: ${MYUSER}-rolebinding
   roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: ClusterRole
    name: cluster-admin
   subjects:
   - apiGroup: rbac.authorization.k8s.io
     kind: User
     name: ${MYUSER}
   EOF
   % kubectl apply -f admin-user-rolebinding.yaml
   

2. On the remote workstation, install the kubectl client, set up the Kubernetes configuration and get a token. Follow the steps of section Kubernetes Remote Client Access using the Host Directly at Configure Kubernetes Client Access, then test the kubectl access with the command below.

   % kubectl get nodes -o wide
   NAME           STATUS   ROLES    AGE    VERSION   INTERNAL-IP       EXTERNAL-IP   OS-IMAGE ...
   controller-0   Ready    master   15h    v1.12.3   192.168.204.3     <none>        CentOS L ...
   controller-1   Ready    master   129m   v1.12.3   192.168.204.4     <none>        CentOS L ...
   worker-0       Ready    <none>   99m    v1.12.3   192.168.204.201   <none>        CentOS L ...
   worker-1       Ready    <none>   99m    v1.12.3   192.168.204.202   <none>        CentOS L ...
   %
   

3. On the workstation, install the helm client on an Ubuntu host by taking the following actions on the remote Ubuntu system.

   1. Install helm. See the following reference: https://helm.sh/docs/intro/install/. Helm accesses the Kubernetes cluster as configured in the previous step, using the default ~/.kube/config.

      % wget https://get.helm.sh/helm-v3.2.1-linux-amd64.tar.gz
      % tar xvf helm-v3.2.1-linux-amd64.tar.gz
      % sudo cp linux-amd64/helm /usr/local/bin
      

   2. Verify that helm installed correctly.

      % helm version
      version.BuildInfo{Version:"v3.2.1", GitCommit:"fe51cd1e31e6a202cba7dead9552a6d418ded79a", GitTreeState:"clean", GoVersion:"go1.13.10"}
      

   3. Run the following commands:

      % helm repo add bitnami https://charts.bitnami.com/bitnami
      % helm repo update
      % helm repo list
      % helm search repo
      % helm install wordpress bitnami/wordpress
      

See also

Configure Container-backed Remote CLIs and Clients

Using Container-backed Remote CLIs and Clients