Kube API access
This service is currently in Early Access. Contact us to request access.
With Xelon, you have full access to the Kube API via the Admin Kube Config, which you can download from HQ. Navigate to the dashboard of your cluster and click on “Download config” in the “Kubernetes Configuration” segment.
Kubectl
Kubectl is the best-known tool for accessing the Kubernetes API. It enables the creation and manipulation of Kubernetes resources.
Installation
We refer to the official documentation, which varies depending on the operating system. Please find the direct links for installation on the most common operating systems below:
To check whether the tool is installed correctly, you can open a terminal and execute the following command to read out the version:
kubectl version
The output of this command should look like the output below, with the difference that you probably have a newer version and may not yet be able to access a Kubernetes cluster (server version). However, if the client version is displayed, kubectl is installed.
Client Version: v1.30.0
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.30.3
As a rule of thumb, Kubectl should not differ from the server version by more than +/- one minor version.
Configuration
Configuring the kubectl binary is simple, the tool needs to know which connection file to use. There are three methods for this, which are explained below. The first method is generally recommended, but those who often work with different Kubernetes Clusters will most likely prefer method 2 or 3 in combination with option 1.
Method 1 - default path:
By default, the connection file (“config”) in the “.kube” folder, which is located in the user folder (~/.kube/config), is used. If you move your kubeconfig to this directory (with the correct name), it will be used by default.
kubectl get nodes
Method 2 - argument: When executing the kubectl command, a kubeconfig file can be specified as an argument. This argument must then be passed for each kubectl command.
kubectl --kubeconfig=./Downloads/kubeconfig get nodes
Method 3 - environment variable: If the environment variable “KUBECONFIG” is set to a path, this kubeconfig file is used.
KUBECONFIG=./Downloads/kubeconfig kubectl get nodes
At first glance, this method looks like the second method (with the argument), but has the advantage that you can have several terminals open in which you can set the environment variables to different Kubeconfig files and then use the same commands for both terminals.
Stage environment (terminal 1):
export KUBECONFIG=./.kube/config-stage
kubectl get nodes
Productive environment (terminal 2)
export KUBECONFIG=./.kube/config-prod
kubectl get nodes
Talos-API-Zugriff
With Xelon, you have full access to the Kubernetes nodes via the Talos Config. This is a connection file similar to the Kube Config. However, you can use this tool to change the operating system of the Kubernetes nodes yourself. Navigate to the dashboard of your cluster and click on “Download config” in the “Cluster info” segment.
This access is not required in most cases, but can be used for extended control.
Talosctl
The talosctl is strongly inspired by the kubectl, uses similar principles and, like the kubectl, is “only” a tool for accessing the Talos API. The Talos API has a slightly different architecture than the Kube API. The Kube API runs on all Controlplane nodes, but not on the Worker nodes. The Talos API on the other hand runs on all nodes, the approach that Talos Linux uses is that the entire operating system is controlled via the API.
Installation
Siderolabs (developer of Talos Linux) offers Talosctl as a binary that is automatically released with the Talos Linux binaries. The binaries can then be found on the Github Releases Page under “Assets”. Visit the following URL and adjust the version number to your Talos version.
https://github.com/siderolabs/talos/releases/tag/v1.7.5
There are different variations of the talosctl binary in the assets, here you will find the corresponding variation for your operating system from which you want to run talosctl: “talosctl-<operating system>-<CPU architecture>”.
The following steps are operating system-specific, but generally the same.
1. Move the binary file to a folder that is used by your environment as an application folder.
Linux/MacOS: Under POSIX operating systems, the path can be determined via the $PATH system variable.
In most cases, this variable contains a path that looks like this:
/home/<username>/.local/bin
This path is ideal for binary files that can only be executed by the current user. If the user exists, you can store your binary files here.
Windows: In Windows, you can find this variable by clicking on the settings.
“Settings” -> ‘System’ -> ‘About’ -> ‘Advanced system settings’ -> ‘Advanced’ -> ”Environment variables...”
In this menu, you can add another path to the “Path” variable:
We recommend creating the folder “%USERPROFILE%\AppData\Local\bin” here, in which you can store your binaries.
2. if necessary, store the rights to execute the binary file.
3. check your previous steps by executing the following command:
talosctl version
If you see a client version, the binary version is now available for you.
Example of an output:
Client:
Tag: v1.7.2
SHA: f876025b
Built:
Go version: go1.22.3
OS/Arch: linux/amd64
Server:
nodes are not set for the command: please use `--nodes` flag or configuration file to set the nodes to run the command against
Usage:
talosctl version [flags]
Flags:
--client Print client version only
-h, --help help for version
-i, --insecure use Talos maintenance mode API
--short Print the short version
Global Flags:
--cluster string Cluster to connect to if a proxy endpoint is used.
--context string Context to be used in command
-e, --endpoints strings override default endpoints in Talos configuration
-n, --nodes strings target the specified nodes
--talosconfig string The path to the Talos configuration file. Defaults to 'TALOSCONFIG' env variable if set, otherwise '$HOME/.talos/config' and '/var/run/secrets/talos.dev/config' in order.
Configuration
The configuration of talosctl is almost identical to that of kubectl. All 3 methods are available, the only thing that has changed is that talosconfig is used instead of kubeconfig.
The default path of talosconfig is also in the user folder, but not in the folder “.kube”, but in the folder “.talos”: (~/.talos/config). If the Talosconfig is moved there, the talosctl command can be executed.
talosctl dashboard -n 100.110.255.11
The dashboard subcommand provides an overview of the current node, which is specified with “-n <ip>”. The IPs of the individual nodes can be read out using the kubectl command:
kubectl get nodes -o wide
Example of an output:
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
customer-cp-1-1 Ready control-plane 6d19h v1.30.3 100.110.255.11 <none> Talos (v1.7.5) 6.6.33-talos containerd://1.7.18
customer-w-1-1 Ready <none> 5d22h v1.30.3 100.110.255.21 <none> Talos (v1.7.5) 6.6.33-talos containerd://1.7.18
customer-w-1-2 Ready <none> 5d22h v1.30.3 100.110.255.22 <none> Talos (v1.7.5) 6.6.33-talos containerd://1.7.18
customer-w-1-3 Ready <none> 5d22h v1.30.3 100.110.255.23 <none> Talos (v1.7.5) 6.6.33-talos containerd://1.7.18
The IP address is displayed in the “INTERNAL-IP” column.
Method 2 - argument:
With talosctl, the configuration file can also be specified with an argument, in this case the argument is “--talosconfig”.
talosctl --talosconfig=./Downloads/talosconfig dashboard -n 100.110.255.11
Method 3 - Environment variable:
If the environment variable “TALOSCONFIG” is set to a path, this connection file is used.
TALOSCONFIG=./Downloads/talosconfig talosctl dashboard -n 100.110.255.11