This page provides some helpful tips for command line connectivity to LHDI and Kubernetes clusters in general. If this is your first time connecting to LHDI, you should start with Lightkeeper-tool.md. Please feel free to contribute your own recommendations and pro-tips for empowering command line connectivity to LHDI.

From PIV card to LHDI kubeconfig

LHDI access always begins with the lightkeeper cli tool, so be sure to start there first. In summary:

1. You'll use your PIV card, to access the VA Network, depending on your setup:

• https://digital.va.gov/employee-resources/remote-access/
• this can be a GFE device if one has been issued to you
• or a Citrix Workspace (mac-or-windows) - https://citrixaccess.va.gov/
• or an Azure Desktop (windows-only) - Azure Virtual Desktop MacOS Client Windows Desktop Client

2. Once on the VA network, you'll install the lightkeeper cli
3. Using lightkeeper, you'll create a clusterconfig (aka kubeconfig)

Prerequisites

• Install kubectl
  • brew install kubectl
• Install krew which is the kubectl plugin manager
• After installing krew, it is easy to install additional kubectl plugins. The two that I recommend are kubectx + kubens

  kubectl krew install ctx # allows you to easily switch between kubernetes clusters
  kubectl krew install ns # allows you to easily switch between kubernetes namespaces
  

• Install kctx-manager (Optional but recommended ) Allows you to manage multiple kubeconfig files with a simple set of subcommands: add/rename/delete

Terminology

• kubeconfig: A kubeconfig file is a configuration file used by the kubectl command-line tool to access and interact with Kubernetes clusters. It contains information such as cluster details, authentication credentials, and context settings. The default location for the kubeconfig file is ~/.kube/config. The kubeconfig file will not always contain secrets, but be advised that the lightkeeper cli that we use in LHDI deployments does, so treat the kubeconfigs produced via lightkeeper accordingly. The kubectl plugins kubectx and kctx-manager can help you manage multiple kubeconfig profiles while maintaining config context clarity, by remembering the context and namespace you've explicitly declared.
• kubernetes context: your root kubeconfig can support multiple kubernetes clusters. Use kctx-manager to add each kubeconfig to the default kubeconfig typically found in the .kubectl directory. list of default kubectl will interact with. lightkeeper will give you prod and nonprod kubeconfigs
• kubernetes namespaces:

Generic method

Once you have the kubeconfig of a kubernetes cluster, you can bring it under management using kctx-manager, for example:

• execute: kctx-manager add ~/Downloads/kubeconfig --name ldx-nonprod-1 and kctx-manager rename ldx-nonprod-1 nonprod

Listing/Updating contexts

List / Switch

You can list all the contexts using kubectx like shown below. You can also switch to the desired context by appending the context name.

╰─ kubectx
ldx-nonprod-1
ldx-prod-1

╰─ kubectx ldx-nonprod-1
Switched to context "ldx-nonprod-1".

Deleting/Renaming

If you wish to rename/delete a context you could use the kctx-manager as shown below

╰─ kctx-manager rename ldx-nonprod-1 dev
Context ldx-nonprod-1 renamed to dev successfully!