Log in a specific cluster

Access a specific cluster as a user

Before you begin

This procedure requires the following configurations and background:

Access a cluster

If your group can access a cluster managed by Kommander, you can connect to that cluster from the Kommander landing page.

In this example, the Kommander cluster has two managed clusters on Azure but, as a user, you can only access the management cluster.

  1. Go to the landing page, provided by an administrator, and select Generate kubectl Token.

Konvoy Landing Page

  1. Select the cluster you want to log into.

Generate Kubernetes Token

  1. As a user having access to the management cluster, select the Main cluster and log in using an identity provider.

Login Identity Provider

  1. Attach kubectl to the cluster using the interface instructions.

Connection Instructions

Your local kubectl can now communicate with the cluster. Depending on your rights, you can view and edit different api-resources.

Switch from a cluster to another cluster

To log in to another cluster that is part of your Kommander infrastructure, use the Access a cluster procedure again for the other cluster.

Once kubectl is on this new cluster, you can switch between clusters using contexts. Open-source tools such as kubectx can make this operation faster.

Messages when attached to a cluster that you do not have access

The Access a Cluster instructions work for any clusters (management and attached ones) even if you do not have access to them.

The difference is that, once you have attached the cluster, none of the kubectl commands will succeed as the user does not have access:

$ kubectl get pods -A
Error from server (Forbidden): pods is forbidden: User "user@yourcompany.com" cannot list resource "pods" in API group "" at the cluster scope