First draft of kubectl topic (#492)

2018-02-12 15:50:03 -08:00 · 2018-02-12 15:50:03 -08:00 · 170018b0c9
parent e2a6d22e87
commit 170018b0c9
3 changed files with 121 additions and 9 deletions
--- a/_data/toc.yaml
+++ b/_data/toc.yaml
@ -1679,6 +1679,8 @@ manuals:
        title: Web-based access
      - path: /ee/ucp/user-access/cli/
        title: CLI-based access
+      - path: /ee/ucp/user-access/kubectl/
+        title: Install the Kubernetes CLI
    - sectiontitle: Deploy apps with Swarm
      section:
      - title: Deploy a single service
--- a/ee/ucp/user-access/cli.md
+++ b/ee/ucp/user-access/cli.md
@ -17,12 +17,12 @@ redirect_from:
 {% if include.version=="ucp-3.0" %}

 With Universal Control Plane you can continue using the tools you know and
-love like the Docker CLI client and Kubectl. You just need to download and use
+love like the Docker CLI client and kubectl. You just need to download and use
 a UCP client bundle.

 A client bundle contains a private and public key pair that authorizes your
 requests in UCP. It also contains utility scripts you can use to configure
-your Docker and Kubectl client tools to talk to your UCP deployment.
+your Docker and kubectl client tools to talk to your UCP deployment.

 ## Download client certificates

@ -75,7 +75,7 @@ The client bundle utility scripts update the the environment variables
 `DOCKER_HOST` to make your client tools communicate with your UCP deployment,
 and the `DOCKER_CERT_PATH` environment variable to use the client certificates
 that are included in the client bundle you downloaded. The utility scripts also
-run the `kubectl config` command to configure Kubectl.
+run the `kubectl config` command to configure kubectl.

 To confirm that your client tools are now communicating with UCP, run:

@ -94,6 +94,7 @@ docker version --format '{{.Server.Version}}'
 <hr>
 </div>
 <div id="kube" class="tab-pane fade" markdown="1">
+
 ```bash
 kubectl config current-context
 ```
@ -101,7 +102,7 @@ kubectl config current-context
 </div>
 </div>

-You can now use the Docker and Kubectl clients to create resources in UCP.
+You can now use the Docker and kubectl clients to create resources in UCP.

 ## Client certificates for administrators

@ -116,16 +117,16 @@ UCP issues different types of certificates depending on the user:

 You can also download client bundles by using the
 [UCP REST API](/reference/ucp/3.0/api/). In this example,
-we use `curl` to make the web requests to the API, and `jq` to parse the
-responses.
+we use `curl` to make the web requests to the API, `jq` to parse the
+responses, and `unzip` to unpack the zip archive.

-To install these tools on a Ubuntu distribution, you can run:
+To install these tools on an Ubuntu distribution, you can run:

 ```bash
-sudo apt-get update && sudo apt-get install curl jq
+sudo apt-get update && sudo apt-get install curl jq unzip
 ```

-Then you get an authentication token from UCP, and use it to download the
+Then you get an authentication token from UCP and use it to download the
 client certificates.

 ```bash
@ -134,6 +135,12 @@ AUTHTOKEN=$(curl -sk -d '{"username":"<username>","password":"<password>"}' http

 # Download the client certificate bundle
 curl -k -H "Authorization: Bearer $AUTHTOKEN" https://<ucp-ip>/api/clientbundle -o bundle.zip
+
+# Unzip the bundle.
+unzip bundle.zip
+
+# Run the utility script.
+eval "$(<env.sh)"
 ```

 On Windows Server 2016, open an elevated PowerShell prompt and run:
--- a/ee/ucp/user-access/kubectl.md
+++ b/ee/ucp/user-access/kubectl.md
@ -0,0 +1,103 @@
+---
+title: Install the Kubernetes CLI
+description: Learn how to install kubectl, the Kubernetes command-line tool, on Docker Universal Control Plane.
+keywords: ucp, cli, administration, kubectl, Kubernetes
+ui_tabs:
+- version: ucp-3.0
+  orhigher: false
+next_steps:
+- path: ../kubernetes/
+  title: Deploy a workload to a Kubernetes cluster
+- path: /docker-for-mac/kubernetes/
+  title: Deploy to Kubernetes on Docker for Mac
+---
+
+Docker EE installs Kubernetes automatically when you install UCP, and the
+web UI enables deploying Kubernetes workloads and monitoring pods. You can
+also interact with the Kubernetes deployment by using the Kubernetes
+command-line tool, which is named kubectl.
+
+To use kubectl, install the binary on a UCP manager or worker node. To access
+the UCP cluster with kubectl, install the UCP client bundle.
+
+> Kubernetes on Docker for Mac 
+>
+> Docker for Mac 17.12 CE Edge provides a standalone Kubernetes server that
+> runs on your Mac, with kubectl installed by default. This installation is
+> separate from the Kubernetes deployment on a UCP cluster.
+> Learn how to [deploy to Kubernetes on Docker for Mac](/docker-for-mac/kubernetes.md).
+{: .important}
+
+## Install the kubectl binary
+
+Install the latest version of kubectl for Linux on the node where you want
+to control Kubernetes. You can install kubectl on both manager and worker
+nodes. Learn how to [install and set up kubectl](https://v1-8.docs.kubernetes.io/docs/tasks/tools/install-kubectl/).
+
+On any node in your UCP cluster, run the following commands.
+
+```bash
+# Get the kubectl binary.
+curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
+
+# Make the kubectl binary executable.
+chmod +x ./kubectl
+
+# Move the kubectl executable to /usr/local/bin.
+sudo mv ./kubectl /usr/local/bin/kubectl
+
+```
+
+Repeat these commands on every node that you want to control Kubernetes from.
+
+## Install the UCP client bundle
+
+To access the Kubernetes API server that UCP exposes, you need the private and
+public key pair that authorizes your requests to UCP. Follow the instructions
+in [CLI-based access](cli.md#download-client-certificates-by-using-the-rest-api)
+to install the client bundle.
+
+> UCP client bundle is required
+>
+> If you run a kubectl command without the client bundle, you'll get an
+> error like this:
+> ```
+> The connection to the server localhost:8080 was refused - did you specify the right host or port?
+> ```
+{: .warning}
+
+## Confirm the connection to UCP
+
+To confirm that kubectl is communicating with UCP, run:
+
+```bash
+kubectl config current-context
+```
+
+If the UCP client bundle is installed correctly, you'll see something like
+this: 
+
+```
+ucp_54.70.245.225:6443_admin
+```
+
+## Inspect Kubernetes resources
+
+When the kubectl executable is in place and the UCP client bundle is
+installed, you can run kubectl commands against the UCP cluster, like you
+would on any Kubernetes deployment.
+
+For example, to see all resources in the default namespace, run:
+
+```bash
+kubectl get all
+```
+
+If you haven't deployed any Kubernetes workloads or created any Kubernetes
+objects, you'll see something like this:
+
+```
+NAME             TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
+svc/kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP   5d
+```
+