Kubectl: Under the Hood
In this article, we will learn what happens when we run a kubectl command and what goes on behind the scenes.
When you run a kubectl command, the first thing kubectl does is search for a Kubernetes configuration file in the current directory and in your home directory.
If it finds a configuration file, kubectl reads it to determine the endpoint for the cluster that you want to manage.
kubectl then authenticates to the API server using the credentials specified in the configuration file.
Once authenticated, kubectl sends the command to the API server.
The API server validates the command and executes it.
The API server then returns the results to kubectl.
kubectl then displays the results to you.
Here is a more detailed explanation of each step, for beginners:
Authentication and authorization:
Kubernetes uses a variety of authentication and authorization methods. The most common method is to use a kubeconfig file. A kubeconfig file contains the credentials needed to authenticate with the Kubernetes API server. It also contains information about the Kubernetes clusters that you have access to.
Once kubectl has authenticated with the Kubernetes API server, it checks if you have authorization to perform the requested action. This is done by checking your role bindings. A role binding is a mapping between a user or group and a set of roles. A role is a set of permissions that allow you to perform certain actions on Kubernetes resources.
API call
kubectl triggers an API call to the Kubernetes API server based on the command you have issued. The API call will be specific to the resource you are trying to manage and the action you are trying to perform.
For example, if you run kubectl get pods, kubectl will construct an API call to the GET /api/v1/namespaces/<namespace>/pods endpoint. This endpoint returns a list of all pods running in the specified namespace.
API response
The Kubernetes API server processes the API call and returns a response. The response will contain the requested information, such as a list of all pods running in a namespace.
Output to user
kubectl parses the API response and outputs it to the user in the requested format. The default format is YAML, but you can also specify JSON or other formats.
For example, if you ran kubectl get pods -o json, kubectl would output the list of pods in JSON format.
Here is an example of how to use kubectl to get a list of all pods running in the default namespace:
kubectl get pods
This will output a list of all pods, in YAML format.
You can also use kubectl to get more information about a specific pod. For example, to get information about the pod named first-pod, you would run the following command:
kubectl get pod first-pod
This will output detailed information about the pod, such as its status, container image, and IP address.
kubectl is a powerful tool for managing Kubernetes clusters. It allows you to perform a wide range of tasks, such as creating and deleting resources, viewing logs, and scaling applications.