Skip to main content
Version: 2.4.1

Configure Kubernetes Access

The Kubernetes collector is configured within the Resoto Worker configuration via the config command in Resoto Shell:

> config edit resoto.worker

Add k8s to the list of collectors by modifying the configuration as follows:

Resoto Worker configuration
resotoworker:
...
# List of collectors to run
collector:
- 'k8s'
...
...

Authentication

You can authenticate with Kubernetes via kubeconfig files, manual configuration, or both.

kubeconfig Files

The easiest way to configure access to Kubernetes is to give Resoto Worker access to kubeconfig files.

  1. Make your kubeconfig file(s) available to Resoto at /home/resoto/.kube:

    • Add volume definition(s) for each kubeconfig file to the resotoworker service in docker-compose.yaml:

      docker-compose.yaml
      services:
      ...
      resotoworker:
      image: somecr.io/someengineering/resotoworker:2.4.1
      ...
      volumes:
      - <PATH TO kubeconfig FILE>:/home/resoto/.kube/config_1
      - <PATH TO ANOTHER kubeconfig FILE>:/home/resoto/.kube/config_2
      ...
      ...
    • Recreate the resotoworker container with the updated service definition:

      $ docker compose up -d
  2. Open the Resoto Worker configuration via the config command in Resoto Shell:

    > config edit resoto.worker
  3. Modify the k8s section of the configuration as follows, defining path and contexts for each file:

    Resoto Worker configuration
    resotoworker:
    ...
    ...
    k8s:
    config_files:
    - path: "/home/resoto/.kube/config_1"
    all_contexts: false
    contexts: ["context1", "context2"]
    - path: "/home/resoto/.kube/config_2"
    all_contexts: true
    info

    If a single kubeconfig file holds multiple contexts, it is possible to restrict the contexts to be used by defining them explicitly. Setting all_contexts to true will not filter, resulting in taking all found contexts.

Manual Configuration

Instead of exposing a kubeconfig file to Resoto Worker, you can alternatively supply credentials manually.

The required values can be found in the kubeconfig file:

Optionkubeconfig Property
serverclusters.cluster.server
tokenusers.user.token
certificate_authority_dataclusters.cluster.certificate-authority-data
(only required if the server is using a self-signed certificate)
  1. Open the Resoto Worker configuration via the config command in Resoto Shell:

    > config edit resoto.worker
  2. Modify the k8s section of the configuration as follows:

    Resoto Worker configuration
    resotoworker:
    ...
    ...
    k8s:
    configs:
    - name: 'dev'
    certificate_authority_data: 'xxx'
    server: 'https://k8s-cluster-server.example.com'
    token: 'token'
    info

    Multiple k8s clusters can be defined by adding multiple sets of values.

Resource Collection

By default, Resoto performs resource collection each hour. To immediately trigger a collect run, use the workflow run command in Resoto Shell:

> workflow run collect

Once the collect run completes, you can view a summary of collected Kubernetes resources using the following search:

> search is(kubernetes_resource) | count kind