Kubernetes Developer Setup

Prerequisites

brew install kubectl k9s kubectx

Steps

1. Clone and navigate

git clone git@github.com:Beep-Technologies/ev-infrastructure.git
cd ev-infrastructure/kubernetes-dev-setup

2. Generate RSA key

openssl genrsa -out ~/.kube/beep-ev.key 4096

3. Generate CSR and send to admin

openssl req -config ./developer-csr.cnf -new -key ~/.kube/beep-ev.key -nodes -out beep-ev-developer-${USER}.csr

4. Place kubeconfig received from admin

mkdir -p ~/.kube
mv ~/Downloads/kubeconfig-<your-username> ~/.kube/config

5. Embed private key

cd ~/.kube
kubectl config set-credentials ${USER} --client-key=beep-ev.key --embed-certs=true

6. Verify

kubectl get pods
kubectl config current-context

Admin steps

# Generate and approve CSR
export DEV_USER=<username>
export BASE64_CSR=$(cat beep-ev-developer-${DEV_USER}.csr | base64 | tr -d '\n')
cat developer-csr.yaml.tpl | envsubst | kubectl apply -f -
kubectl certificate approve ev-developer-csr-<username>
 
# Generate kubeconfig
export EV_DEV_CLIENT_CERTIFICATE_DATA=$(kubectl get csr ev-developer-csr-${DEV_USER} -o jsonpath='{.status.certificate}')
export EV_DEV_CLUSTER_CA=$(kubectl config view --raw -o json | jq -r '.clusters[] | select(.name == "'$(kubectl config current-context)'") | .cluster."certificate-authority-data"')
cat kubeconfig.tpl | envsubst > kubeconfig-${DEV_USER}

See also

• k9s — TUI for navigating pods, secrets, namespaces
• secrets — kubectl commands for decoding secrets after setup