Bernd Worsch
901535ca44
- bootstrap.yml: install k3s (server+cluster-init, pinned v1.35.1+k3s1) and Helm (v3.17.3 with checksum verify); fetch kubeconfig to control node - tests/smoke_kube.sh: assert node Ready, helm, CoreDNS, Traefik - docs/kubeconfig.md: usage, merge, context-switch, security note - Makefile: k3s-install and smoke targets with make help Closes T01, T02, T03, T04, T05 of RAIL-BS-WP-0002. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1.1 KiB
1.1 KiB
Kubeconfig — HostEurope cluster
Where it lives
After running make k3s-install, the bootstrap playbook fetches the kubeconfig
from the HostEurope node to:
~/.kube/config-hosteurope
This file is gitignored (contains the cluster CA and client certificate) and must never be committed.
Using it directly
export KUBECONFIG=~/.kube/config-hosteurope
kubectl get nodes
Merging into ~/.kube/config
KUBECONFIG=~/.kube/config:~/.kube/config-hosteurope \
kubectl config view --flatten > /tmp/merged-config
mv /tmp/merged-config ~/.kube/config
chmod 600 ~/.kube/config
Switching context
kubectl config get-contexts
kubectl config use-context default # or the context name shown above
Security note
The kubeconfig grants full cluster-admin access. Keep it on the control node
only. Do not share or commit it. The server address inside the file is
127.0.0.1 (k3s default) — if you need to reach the cluster remotely you
will need to either replace the address with the node's actual IP, or use an
SSH tunnel.