Gitpod : How to use kubectl and manage Kubernetes clusters ?

Florian Lacrampe — Wed, 13 Oct 2021 13:00:57 +0000

Introduction

Gitpod is a Ready-to-Code development platform which allow users to quickly contribute on projects. This platform is powered by VS-Code online.

GitOps is now a standard approach to manage applications and infrastructure delivery. Gitpod is very usefull for that, because you can offer to anyone a Ready-to-Use platform to administrate and contribute.

Gitpod simplifying project startup ! All the tools you use will be available in the VS-Code terminal.

Here, i will share my experience with Gitpod to administrate and contribute on Kubernetes projects.

Requirements

Gitpod account on gitpod.io (Or self-hosted instance)
Gitlab / Github account (or private Git server)
Working Kubernetes cluster
A web browser !

Getting Started

1. Init git project

First, you need to create en empty git project and open it with Gitpod.

Tips: You can install web-browser extension to quickly open git projects with Gitpod : https://www.gitpod.io/docs/browser-extension/

2. Set up .gitpod.yml

Gitpod allow user to specify environments settings like :

Environment Docker image
VS-Code extensions
Startup tasks

Here, we want to manage and administrate a Kubernetes cluster.

Unfortunately, official Gitpod environment image does not contain Kubernetes administration tools (kubectl, Helm, Kustomize etc..).

So, we going to change default image to use a custom image with all needed tools.

Use image from Docker Hub (Easy method !)

I recently publish a Docker image with useful tools to manage Kubernetes cluster through Gitpod.

Project : https://github.com/quadeare/gitpod-kubectl

You can test this Gitpod environement by opening this project with Gitpod :

Create a .gitpod.yml file and copy the following content :

image: quadeare/gitpod-kubectl:latest

After that, commit and push .gitpod.yml. Then, restart Gitpod workspace (close and open).

Use local Dockerfile (Take control !)

You can also build you own Docker image (by using Gitpod) and remain self-sufficient without having to depend on an external image.

So, you can create a simple .gitpod.yml file with the following:

image:
  file: .gitpod.Dockerfile

Next, create .gitpod.Dockerfile like that :

FROM gitpod/workspace-base:latest

ARG KUBECTL_VERSION=v1.22.2

RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl && \
    chmod +x ./kubectl && \
    sudo mv ./kubectl /usr/local/bin/kubectl && \
    mkdir ~/.kube

RUN set -x; cd "$(mktemp -d)" && \
    OS="$(uname | tr '[:upper:]' '[:lower:]')" && \
    ARCH="$(uname -m | sed -e 's/x86_64/amd64/' -e 's/\(arm\)\(64\)\?.*/\1\2/' -e 's/aarch64$/arm64/')" && \
    curl -fsSLO "https://github.com/kubernetes-sigs/krew/releases/latest/download/krew.tar.gz" && \
    tar zxvf krew.tar.gz && \
    KREW=./krew-"${OS}_${ARCH}" && \
    "$KREW" install krew && \
    echo 'export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"' >> /home/gitpod/.bashrc

After that, commit and push .gitpod.yml/.gitpod.Dockerfile. Then, restart Gitpod workspace (close and open).

3. Add your kubeconfig as Gitpod secret

To administrate your Kubernetes cluster from Gitpod, you need to add Kubeconfig content as secret on Gitpod.

Gitpod supports encrypted, user-specific environment variables. They are stored as part of your user settings and can be used to set access tokens, or pass any other kind of user-specific information to your workspaces.

Convert Kubeconfig to base64

cat kubeconfig | base64 -w 0

Copy Kubeconfig (base64 format) to Gitpod

You can add multiple kubeconfig secrets with same variable name (ex : K8S_CTX) by using project scope !

4. Configure your project to extract kubeconfig

Now, edit your .gitpod.yml file and add this following content :

tasks:
  - name: Set Glados K8s context
    command: echo $K8S_CTX | base64 -d > ~/.kube/config

After that, commit and push .gitpod.yml. Then, restart Gitpod workspace (close and open).

Now, you should be able to administrate your Kubernetes cluster with Kubectl, Helm or even with VS-Code by using Kubernetes extension.

Kubectl and Helm commands

VS-Code Kubernetes extension

Conclusion

Gitpod can be very useful to quickly get a handle on Kubernetes clusters without having to install all tools (Kubectl, Krew plugins, Kustomize etc..).

However, it may be necessary to ask security question :

Are Gitpod secrets really secured ?
Are Gitpod workspace perfectly isolated ?
Is it reasonable to put kubernetes cluster connection informations on Gitpod?

In my case, i prefer to install self-hosted Gitpod to keep my secrets/workspaces in secure place, but that may not be enough.

Moreover, it should not replace an automation by continuous integration. It's very convenient to talk directly to a Kubernetes cluster, but Gitpod should not become a Kubernetes deployment solution. It should be used only for troobleshooting or testing.

DEV Community: Florian Lacrampe