๐Authentication
For authentication and cluster interaction, a KubernetesCluster
class is provided. In the showcase, you have been shown how to initialize a Kubernetes Cluster instance when the method is kubectl proxy
-supported.
As an argument, you can pass any Kubernetes endpoint towards your cluster:
Further to this page, you will find some ways to authenticate to your cluster.
Bearer Token
The simplest way is to attach a bearer token to the request:
You can also attach a token from a file path:
HTTP authentication header
In case you have a username-password HTTP authentication, the underlying code will make it accessible for you:
In-Cluster
Kubernetes allows Pods to access the internal kubeapi within a container. Each pod that runs in a Cluster has a token and a CA certificate injected at a specific location. The package will recognize the files and will apply the token and the CA accordingly.
Please keep in mind that this works only within pods that run in a Kubernetes cluster.
Authenticating with kubeconfig file
You may call fromKubeConfigYamlFile
method to specify the cluster to be authenticated with the given kubeconfig path and use the passed context:
KUBECONFIG
environment variable
KUBECONFIG
environment variableAvailable from: 2.12+
Instead of passing a single kubeconfig file with fromKubeConfigYamlFile
, you may use the KUBECONFIG
variabile. This variable is defined in the specs as holding multiple paths to different kubeconfig files. From all the paths, PHPK8s will merge all kubeconfig files and will use the specified.
SSL/TLS Support
Besides the authentication, you might want to pass SSL data for the API requests:
If you have a CA certificate, you might also want to pass it:
For testing purposes or local checkups, you can disable SSL checks. This will disable peer verification:
Last updated