github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/website/source/docs/providers/kubernetes/index.html.markdown

github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/website/source/docs/providers/kubernetes/index.html.markdown (about)

     1  ---
     2  layout: "kubernetes"
     3  page_title: "Provider: Kubernetes"
     4  sidebar_current: "docs-kubernetes-index"
     5  description: |-
     6    The Kubernetes (K8s) provider is used to interact with the resources supported by Kubernetes. The provider needs to be configured with the proper credentials before it can be used.
     7  ---
     8  
     9  # Kubernetes Provider
    10  
    11  The Kubernetes (K8S) provider is used to interact with the resources supported by Kubernetes. The provider needs to be configured with the proper credentials before it can be used.
    12  
    13  Use the navigation to the left to read about the available resources.
    14  
    15  -> **Note:** The Kubernetes provider is new as of Terraform 0.9. It is ready to be used but many features are still being added. If there is a Kubernetes feature missing, please report it in the GitHub repo.
    16  
    17  ## Example Usage
    18  
    19  ```hcl
    20  provider "kubernetes" {
    21    config_context_auth_info = "ops"
    22    config_context_cluster   = "mycluster"
    23  }
    24  
    25  resource "kubernetes_namespace" "example" {
    26    metadata {
    27      name = "my-first-namespace"
    28    }
    29  }
    30  ```
    31  
    32  ## Kubernetes versions
    33  
    34  Both backward and forward compatibility with Kubernetes API is mostly defined
    35  by the [official K8S Go library](https://github.com/kubernetes/kubernetes) which we ship with Terraform.
    36  Below are versions of the library bundled with given versions of Terraform.
    37  
    38  * Terraform `<= 0.9.6` - Kubernetes `1.5.4`
    39  * Terraform `0.9.7+` - Kubernetes `1.6.1`
    40  
    41  ## Authentication
    42  
    43  There are generally two ways to configure the Kubernetes provider.
    44  
    45  ### File config
    46  
    47  The provider always first tries to load **a config file** from a given
    48  (or default) location. Depending on whether you have current context set
    49  this _may_ require `config_context_auth_info` and/or `config_context_cluster`
    50  and/or `config_context`.
    51  
    52  #### Setting default config context
    53  
    54  Here's an example for how to set default context and avoid all provider configuration:
    55  
    56  ```
    57  kubectl config set-context default-system \
    58    --cluster=chosen-cluster \
    59    --user=chosen-user
    60  
    61  kubectl config use-context default-system
    62  ```
    63  
    64  Read [more about `kubectl` in the official docs](https://kubernetes.io/docs/user-guide/kubectl-overview/).
    65  
    66  ### Statically defined credentials
    67  
    68  The other way is **statically** define all the credentials:
    69  
    70  ```hcl
    71  provider "kubernetes" {
    72    host     = "https://104.196.242.174"
    73    username = "ClusterMaster"
    74    password = "MindTheGap"
    75  
    76    client_certificate     = "${file("~/.kube/client-cert.pem")}"
    77    client_key             = "${file("~/.kube/client-key.pem")}"
    78    cluster_ca_certificate = "${file("~/.kube/cluster-ca-cert.pem")}"
    79  }
    80  ```
    81  
    82  If you have **both** valid configuration in a config file and static configuration, the static one is used as override.
    83  i.e. any static field will override its counterpart loaded from the config.
    84  
    85  ## Argument Reference
    86  
    87  The following arguments are supported:
    88  
    89  * `host` - (Optional) The hostname (in form of URI) of Kubernetes master. Can be sourced from `KUBE_HOST`. Defaults to `https://localhost`.
    90  * `username` - (Optional) The username to use for HTTP basic authentication when accessing the Kubernetes master endpoint. Can be sourced from `KUBE_USER`.
    91  * `password` - (Optional) The password to use for HTTP basic authentication when accessing the Kubernetes master endpoint. Can be sourced from `KUBE_PASSWORD`.
    92  * `insecure`- (Optional) Whether server should be accessed without verifying the TLS certificate. Can be sourced from `KUBE_INSECURE`. Defaults to `false`.
    93  * `client_certificate` - (Optional) PEM-encoded client certificate for TLS authentication. Can be sourced from `KUBE_CLIENT_CERT_DATA`.
    94  * `client_key` - (Optional) PEM-encoded client certificate key for TLS authentication. Can be sourced from `KUBE_CLIENT_KEY_DATA`.
    95  * `cluster_ca_certificate` - (Optional) PEM-encoded root certificates bundle for TLS authentication. Can be sourced from `KUBE_CLUSTER_CA_CERT_DATA`.
    96  * `config_path` - (Optional) Path to the kube config file. Can be sourced from `KUBE_CONFIG` or `KUBECONFIG`. Defaults to `~/.kube/config`.
    97  * `config_context` - (Optional) Context to choose from the config file. Can be sourced from `KUBE_CTX`.
    98  * `config_context_auth_info` - (Optional) Authentication info context of the kube config (name of the kubeconfig user, `--user` flag in `kubectl`). Can be sourced from `KUBE_CTX_AUTH_INFO`.
    99  * `config_context_cluster` - (Optional) Cluster context of the kube config (name of the kubeconfig cluster, `--cluster` flag in `kubectl`). Can be sourced from `KUBE_CTX_CLUSTER`.