mirror of https://github.com/hashicorp/consul
315 lines
31 KiB
Markdown
315 lines
31 KiB
Markdown
---
|
|
layout: docs
|
|
page_title: Consul K8s CLI Reference
|
|
description: >-
|
|
Consul K8s CLI is a tool for quickly installing and interacting with Consul on Kubernetes.
|
|
---
|
|
|
|
# Consul on Kubernetes CLI Reference
|
|
|
|
The Consul on Kubernetes CLI, `consul-k8s`, is a tool for managing Consul
|
|
without requiring `Helm`, the [Consul CLI](/commands/index), or `kubectl`.
|
|
|
|
-> **Note**: For guidance on how to install `consul-k8s`, visit the
|
|
[Installing the Consul K8s CLI](/docs/k8s/installation/install-cli) documentation.
|
|
|
|
This topic describes the subcommands and available options for using `consul-k8s`.
|
|
|
|
## Usage
|
|
|
|
Consul K8s CLI uses the following syntax:
|
|
|
|
```shell-session
|
|
$ consul-k8s <SUBCOMMAND> <OPTIONS>
|
|
```
|
|
|
|
## Subcommands
|
|
|
|
You can use the following subcommands with `consul-k8s`.
|
|
|
|
- [`install`](#install) installs Consul to your Kubernetes cluster.
|
|
- [`proxy`](#proxy) allows you to interact with proxies managed by Consul on your Kubernetes cluster.
|
|
- [`proxy list`](#proxy-list)
|
|
- [`proxy read`](#proxy-read)
|
|
- [`status`](#status) displays the
|
|
- [`uninstall`](#uninstall)
|
|
- [`upgrade`](#upgrade)
|
|
- [`version`](#version)
|
|
|
|
### `install`
|
|
|
|
The `install` command installs Consul to your Kubernetes cluster.
|
|
|
|
```shell-session
|
|
$ consul-k8s install <OPTIONS>
|
|
```
|
|
|
|
The following options are available.
|
|
|
|
| Flag | Description | Default | Required |
|
|
| --------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------- | -------- |
|
|
| `-auto-approve` | Boolean value that enables you to skip the installation confirmation prompt. | `false` | Optional |
|
|
| `-dry-run` | Boolean value that validates the installation and returns a summary. | `false` | Optional |
|
|
| `-config-file` | String value that specifies the path to a file containing custom installation configurations, e.g., Consul Helm chart values file. <br/> You can use the `-config-file` flag multiple times to specify multiple files. | none | Optional |
|
|
| `-namespace` | String value that specifies the namespace of the Consul installation. | `consul` | Optional |
|
|
| `-preset` | String value that installs Consul based on a preset configuration. You can specify the following values: <br/> `demo`: Installs a single replica server with sidecar injection enabled; useful for testing service mesh functionality. <br/> `secure`: Installs a single replica server with sidecar injection, ACLs, and TLS enabled; useful for testing service mesh functionality. | Configuration of the Consul Helm chart. | Optional |
|
|
| `-set` | String value that enables you to set a customizable value. This flag is comparable to the `helm install --set` flag. <br/> You can use the `-set` flag multiple times to set multiple values. <br/> Consul Helm chart values are supported. | none | Optional |
|
|
| `-set-file` | String value that specifies the name of an arbitrary config file. This flag is comparable to the `helm install --set-file` <br/> flag. The contents of the file will be used to set a customizable value. You can use the `-set-file` flag multiple times to specify multiple files. <br/> Consul Helm chart values are supported. | none | Optional |
|
|
| `-set-string` | String value that enables you to set a customizable string value. This flag is comparable to the `helm install --set-string` <br/> flag. You can use the `-set-string` flag multiple times to specify multiple strings. <br/> Consul Helm chart values are supported. | none | Optional |
|
|
| `-timeout` | Specifies how long to wait for the installation process to complete before timing out. The value is specified with an integer and string value indicating a unit of time. <br/> The following units are supported: <br/> `ms` (milliseconds)<br/>`s` (seconds)<br/>`m` (minutes) <br/>In the following example, installation will timeout after one minute:<br/> `consul-k8s install -timeout 1m` | `10m` | Optional |
|
|
| `-wait` | Boolean value that determines if Consul should wait for resources in the installation to be ready before exiting the command. | `true` | Optional |
|
|
| `-verbose`, `-v` | Boolean value that specifies whether to output verbose logs from the install command with the status of resources being installed. | `false` | Optional |
|
|
| `-help`, `-h` | Prints usage information for this option. | none | Optional |
|
|
|
|
See [Global Options](#global-options) for additional commands that you can use when installing Consul on Kubernetes.
|
|
|
|
#### Example Commands
|
|
|
|
The following example command installs Consul according in the `myNS` namespace according to the `secure` preset.
|
|
|
|
```shell-session
|
|
$ consul-k8s install -preset=secure -namespace=myNS
|
|
```
|
|
|
|
The following example commands install Consul on Kubernetes using custom values, files, or strings that are set via flags. The underlying Consul-on-Kubernetes Helm chart uses the flags to customize the installation. The flags are comparable to the `helm install` [flags](https://helm.sh/docs/helm/helm_install/#helm-install).
|
|
|
|
```shell-session
|
|
$ consul-k8s install -set key=value
|
|
```
|
|
|
|
```shell-session
|
|
$ consul-k8s install -set key1=value1 -set key2=value2
|
|
```
|
|
```shell-session
|
|
$ consul-k8s install -set-file config1=value1.conf
|
|
```
|
|
|
|
```shell-session
|
|
$ consul-k8s install -set-file config1=value1.conf -set-file config2=value2.conf
|
|
```
|
|
|
|
```shell-session
|
|
$ consul-k8s install -set-string key=value-bool
|
|
```
|
|
|
|
### `proxy`
|
|
|
|
The `proxy` command exposes two subcommands for interacting proxies managed by
|
|
Consul in your Kubernetes Cluster.
|
|
|
|
- [`proxy list`](#proxy-list) List all Kubernetes pods running proxies managed by Consul.
|
|
- [`proxy read`](#proxy-read) Inspect the Envoy configuration for a given Pod.
|
|
|
|
### `proxy list`
|
|
|
|
```shell-session
|
|
$ consul-k8s proxy list <OPTIONS>
|
|
```
|
|
|
|
| Flag | Description | Default | Required |
|
|
| -------------------------------------------- | ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | -------- |
|
|
| `-all-namespaces`, `-A` | `Boolean` List pods in all Kubernetes namespaces. | `false` | Optional |
|
|
| `-namespace`, `-n` | `String` The Kubernetes namespace to list proxies in. | Current [kubeconfig](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/) namespace. | Optional |
|
|
|
|
See [Global Options](#global-options) for additional commands that you can use
|
|
when installing Consul on Kubernetes.
|
|
|
|
This command will list proxies alongside their `Type`. Types of proxies include
|
|
|
|
- `Sidecar`: these will be the majority of pods in the cluster. They run the
|
|
proxy in a sidecar pattern to network the pod as a service in the mesh.
|
|
- `API Gateway`: these pods run a proxy to manage connections with networks
|
|
outside of the Consul cluster. [Read more about API gateways](/docs/api-gateway)
|
|
- `Ingress Gateway`: these pods run a proxy to manage ingress into the
|
|
Kubernetes cluster. [Read more about ingress gateways](/docs/k8s/connect/ingress-gateways)
|
|
- `Terminating Gateway`: these pods run a proxy to control connections to
|
|
external services. [Read more about terminating gateways](/docs/k8s/connect/terminating-gateways)
|
|
- `Mesh Gateway`: these pods run a proxy to manage connections between
|
|
Consul clusters connected using mesh federation. [Read more about Consul Mesh Federation](/docs/k8s/installation/multi-cluster/kubernetes)
|
|
|
|
#### Example Commands
|
|
|
|
Display all pods in the current Kubernetes namespace which run proxies managed
|
|
by Consul. Note that `Sidecar` pods are pods which are running the proxy in a
|
|
sidecar pattern and are services running in the mesh.
|
|
|
|
```shell-session
|
|
$ consul-k8s proxy list
|
|
```
|
|
|
|
```
|
|
Namespace: default
|
|
|
|
Name Type
|
|
backend-658b679b45-d5xlb Sidecar
|
|
client-767ccfc8f9-6f6gx Sidecar
|
|
client-767ccfc8f9-f8nsn Sidecar
|
|
client-767ccfc8f9-ggrtx Sidecar
|
|
frontend-676564547c-v2mfq Sidecar
|
|
```
|
|
|
|
Display all pods in the `consul` Kubernetes namespace which run proxies managed
|
|
by Consul. Note that these pods are labeled with the type `Ingress Gateway`.
|
|
They run a proxy managed by Consul for controlling ingress into the Kubernetes
|
|
cluster.
|
|
|
|
```shell-session
|
|
$ consul-k8s proxy list -n consul
|
|
```
|
|
|
|
```
|
|
Namespace: consul
|
|
|
|
Name Type
|
|
consul-ingress-gateway-6fb5544485-br6fl Ingress Gateway
|
|
consul-ingress-gateway-6fb5544485-m54sp Ingress Gateway
|
|
```
|
|
|
|
Display all pods across all
|
|
|
|
```shell-session
|
|
$ consul-k8s proxy list -A
|
|
```
|
|
|
|
```
|
|
Namespace: All Namespaces
|
|
|
|
Namespace Name Type
|
|
consul consul-ingress-gateway-6fb5544485-br6fl Ingress Gateway
|
|
consul consul-ingress-gateway-6fb5544485-m54sp Ingress Gateway
|
|
default backend-658b679b45-d5xlb Sidecar
|
|
default client-767ccfc8f9-6f6gx Sidecar
|
|
default client-767ccfc8f9-f8nsn Sidecar
|
|
default client-767ccfc8f9-ggrtx Sidecar
|
|
default frontend-676564547c-v2mfq Sidecar
|
|
```
|
|
|
|
### `proxy read`
|
|
|
|
|
|
### `status`
|
|
|
|
The `status` command provides an overall status summary of the Consul on Kubernetes installation. It also provides the config that was used to deploy Consul K8s and provides a quick glance at the health of both Consul servers and clients. This command does not take in any flags.
|
|
|
|
```shell-session
|
|
$ consul-k8s status
|
|
```
|
|
|
|
#### Example Command
|
|
|
|
```shell-session
|
|
$ consul-k8s status
|
|
|
|
==> Consul-K8s Status Summary
|
|
NAME | NAMESPACE | STATUS | CHARTVERSION | APPVERSION | REVISION | LAST UPDATED
|
|
---------+-----------+----------+--------------+------------+----------+--------------------------
|
|
consul | consul | deployed | 0.41.1 | 1.11.4 | 1 | 2022/03/10 07:48:58 MST
|
|
|
|
==> Config:
|
|
connectInject:
|
|
enabled: true
|
|
metrics:
|
|
defaultEnableMerging: true
|
|
defaultEnabled: true
|
|
enableGatewayMetrics: true
|
|
controller:
|
|
enabled: true
|
|
global:
|
|
metrics:
|
|
enableAgentMetrics: true
|
|
enabled: true
|
|
name: consul
|
|
prometheus:
|
|
enabled: true
|
|
server:
|
|
replicas: 1
|
|
ui:
|
|
enabled: true
|
|
service:
|
|
enabled: true
|
|
|
|
✓ Consul servers healthy (1/1)
|
|
✓ Consul clients healthy (3/3)
|
|
```
|
|
|
|
### `uninstall`
|
|
|
|
The `uninstall` command removes Consul from Kubernetes.
|
|
|
|
```shell-session
|
|
$ consul-k8s uninstall <OPTIONS>
|
|
```
|
|
|
|
The following options are available.
|
|
|
|
| Flag | Description | Default | Required |
|
|
| --------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------- | -------- |
|
|
| `-auto-approve` | Boolean value that enables you to skip the removal confirmation prompt. | `false` | Optional |
|
|
| `-name` | String value for the name of the installation to remove. | none | Optional |
|
|
| `-namespace` | String value that specifies the namespace of the Consul installation to remove. | `consul` | Optional |
|
|
| `-timeout` | Specifies how long to wait for the removal process to complete before timing out. The value is specified with an integer and string value indicating a unit of time. <br/> The following units are supported: <br/> `ms` (milliseconds)<br/>`s` (seconds)<br/>`m` (minutes) <br/>`h` (hours) <br/>In the following example, removal will timeout after one minute:<br/> `consul-k8s uninstall -timeout 1m` | `10m` | Optional |
|
|
| `-wipe-data` | Boolean value that deletes PVCs and secrets associated with the Consul installation during installation. <br/> Data will be removed without a verification prompt if the `-auto-approve` flag is set to `true`. | `false` <br/> Instructions for removing data will be printed to the console. | Optional |
|
|
| `--help` | Prints usage information for this option. | none | Optional |
|
|
|
|
See [Global Options](#global-options) for additional commands that you can use when uninstalling Consul from Kubernetes.
|
|
|
|
#### Example Command
|
|
|
|
The following example command immediately uninstalls Consul from the `my-ns` namespace with the name `my-consul` and removes PVCs and secrets associated with the installation without asking for verification:
|
|
|
|
```shell-session
|
|
$ consul-k8s uninstall -namespace=my-ns -name=my-consul -wipe-data=true -auto-approve=true
|
|
```
|
|
|
|
### `upgrade`
|
|
|
|
-> The `consul-k8s upgrade` **subcommand is currently in beta**: This subcommand is not recommended for production environments.
|
|
|
|
The `upgrade` command upgrades the Consul on Kubernetes components to the current version of the `consul-k8s` cli. Prior to running `consul-k8s upgrade`, the `consul-k8s` CLI should first be upgraded to the latest version as described [Upgrade the Consul K8s CLI](#upgrade-the-consul-k8s-cli)
|
|
|
|
```shell-session
|
|
$ consul-k8s upgrade
|
|
```
|
|
|
|
The following options are available.
|
|
|
|
| Flag | Description | Default | Required |
|
|
| --------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------- | -------- |
|
|
| `-auto-approve` | Boolean value that enables you to skip the upgrade confirmation prompt. | `false` | Optional |
|
|
| `-dry-run` | Boolean value that allows you to run pre-upgrade checks and returns a summary of the upgrade. | `false` | Optional |
|
|
| `-config-file` | String value that specifies the path to a file containing custom upgrade configurations, e.g., Consul Helm chart values file. <br/> You can use the `-config-file` flag multiple times to specify multiple files. | none | Optional |
|
|
| `-namespace` | String value that specifies the namespace of the Consul installation. | `consul` | Optional |
|
|
| `-preset` | String value that upgrades Consul based on a preset configuration. | Configuration of the Consul Helm chart. | Optional |
|
|
| `-set` | String value that enables you to set a customizable value. This flag is comparable to the `helm upgrade --set` flag. <br/> You can use the `-set` flag multiple times to set multiple values. <br/> Consul Helm chart values are supported. | none | Optional |
|
|
| `-set-file` | String value that specifies the name of an arbitrary config file. This flag is comparable to the `helm upgrade --set-file` <br/> flag. The contents of the file will be used to set a customizable value. You can use the `-set-file` flag multiple times to specify multiple files. <br/> Consul Helm chart values are supported. | none | Optional |
|
|
| `-set-string` | String value that enables you to set a customizable string value. This flag is comparable to the `helm upgrade --set-string` <br/> flag. You can use the `-set-string` flag multiple times to specify multiple strings. <br/> Consul Helm chart values are supported. | none | Optional |
|
|
| `-timeout` | Specifies how long to wait for the upgrade process to complete before timing out. The value is specified with an integer and string value indicating a unit of time. <br/> The following units are supported: <br/> `ms` (milliseconds)<br/>`s` (seconds)<br/>`m` (minutes) <br/>In the following example, the upgrade will timeout after one minute:<br/> `consul-k8s upgrade -timeout 1m` | `10m` | Optional |
|
|
| `-wait` | Boolean value that determines if Consul should wait for resources in the upgrade to be ready before exiting the command. | `true` | Optional |
|
|
| `-verbose`, `-v` | Boolean value that specifies whether to output verbose logs from the upgrade command with the status of resources being upgraded. | `false` | Optional |
|
|
| `--help` | Prints usage information for this option. | none | Optional |
|
|
|
|
See [Global Options](#global-options) for additional commands that you can use when installing Consul on Kubernetes.
|
|
|
|
### `version`
|
|
|
|
The `version` command prints the Consul on Kubernetes version. This command does not take any options.
|
|
|
|
```shell-session
|
|
$ consul-k8s version
|
|
```
|
|
|
|
You can also print the version with the `--version` flag.
|
|
|
|
```shell-session
|
|
$ consul-k8s --version
|
|
```
|
|
|
|
## Global Options
|
|
|
|
The following global options are available.
|
|
|
|
| Flag | Description | Default | Required |
|
|
| ------------------------------------------------------------------------- | ----------------------------------------------------------------------------------- | ------- | -------- |
|
|
| `-context` | String value that sets the Kubernetes context to use for Consul K8s CLI operations. | none | Optional |
|
|
| `-kubeconfig` <br/> Alias: `-c` | String value that specifies the path to the `kubeconfig` file. <br/> | none | Optional |
|