consul/website/content/docs/k8s/k8s-cli.mdx

315 lines
31 KiB
Markdown

---
layout: docs
page_title: Consul K8s CLI Reference
description: >-
Consul K8s CLI is a tool for quickly installing and interacting with Consul on Kubernetes.
---
# Consul on Kubernetes CLI Reference
The Consul on Kubernetes CLI, `consul-k8s`, is a tool for managing Consul
without requiring `Helm`, the [Consul CLI](/commands/index), or `kubectl`.
-> **Note**: For guidance on how to install `consul-k8s`, visit the
[Installing the Consul K8s CLI](/docs/k8s/installation/install-cli) documentation.
This topic describes the subcommands and available options for using `consul-k8s`.
## Usage
Consul K8s CLI uses the following syntax:
```shell-session
$ consul-k8s <SUBCOMMAND> <OPTIONS>
```
## Subcommands
You can use the following subcommands with `consul-k8s`.
- [`install`](#install) installs Consul to your Kubernetes cluster.
- [`proxy`](#proxy) allows you to interact with proxies managed by Consul on your Kubernetes cluster.
- [`proxy list`](#proxy-list)
- [`proxy read`](#proxy-read)
- [`status`](#status) displays the
- [`uninstall`](#uninstall)
- [`upgrade`](#upgrade)
- [`version`](#version)
### `install`
The `install` command installs Consul to your Kubernetes cluster.
```shell-session
$ consul-k8s install <OPTIONS>
```
The following options are available.
| Flag | Description | Default | Required |
| --------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------- | -------- |
| `-auto-approve` &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; | Boolean value that enables you to skip the installation confirmation prompt. | `false` | Optional |
| `-dry-run` | Boolean value that validates the installation and returns a summary. | `false` | Optional |
| `-config-file` | String value that specifies the path to a file containing custom installation configurations, e.g., Consul Helm chart values file. <br/> You can use the `-config-file` flag multiple times to specify multiple files. | none | Optional |
| `-namespace` | String value that specifies the namespace of the Consul installation. | `consul` | Optional |
| `-preset` | String value that installs Consul based on a preset configuration. You can specify the following values: <br/> `demo`: Installs a single replica server with sidecar injection enabled; useful for testing service mesh functionality. <br/> `secure`: Installs a single replica server with sidecar injection, ACLs, and TLS enabled; useful for testing service mesh functionality. | Configuration of the Consul Helm chart. | Optional |
| `-set` | String value that enables you to set a customizable value. This flag is comparable to the `helm install --set` flag. <br/> You can use the `-set` flag multiple times to set multiple values. <br/> Consul Helm chart values are supported. | none | Optional |
| `-set-file` | String value that specifies the name of an arbitrary config file. This flag is comparable to the `helm install --set-file` <br/> flag. The contents of the file will be used to set a customizable value. You can use the `-set-file` flag multiple times to specify multiple files. <br/> Consul Helm chart values are supported. | none | Optional |
| `-set-string` | String value that enables you to set a customizable string value. This flag is comparable to the `helm install --set-string` <br/> flag. You can use the `-set-string` flag multiple times to specify multiple strings. <br/> Consul Helm chart values are supported. | none | Optional |
| `-timeout` | Specifies how long to wait for the installation process to complete before timing out. The value is specified with an integer and string value indicating a unit of time. <br/> The following units are supported: <br/> `ms` (milliseconds)<br/>`s` (seconds)<br/>`m` (minutes) <br/>In the following example, installation will timeout after one minute:<br/> `consul-k8s install -timeout 1m` | `10m` | Optional |
| `-wait` | Boolean value that determines if Consul should wait for resources in the installation to be ready before exiting the command. | `true` | Optional |
| `-verbose`, `-v` | Boolean value that specifies whether to output verbose logs from the install command with the status of resources being installed. | `false` | Optional |
| `-help`, `-h` | Prints usage information for this option. | none | Optional |
See [Global Options](#global-options) for additional commands that you can use when installing Consul on Kubernetes.
#### Example Commands
The following example command installs Consul according in the `myNS` namespace according to the `secure` preset.
```shell-session
$ consul-k8s install -preset=secure -namespace=myNS
```
The following example commands install Consul on Kubernetes using custom values, files, or strings that are set via flags. The underlying Consul-on-Kubernetes Helm chart uses the flags to customize the installation. The flags are comparable to the `helm install` [flags](https://helm.sh/docs/helm/helm_install/#helm-install).
```shell-session
$ consul-k8s install -set key=value
```
```shell-session
$ consul-k8s install -set key1=value1 -set key2=value2
```
```shell-session
$ consul-k8s install -set-file config1=value1.conf
```
```shell-session
$ consul-k8s install -set-file config1=value1.conf -set-file config2=value2.conf
```
```shell-session
$ consul-k8s install -set-string key=value-bool
```
### `proxy`
The `proxy` command exposes two subcommands for interacting proxies managed by
Consul in your Kubernetes Cluster.
- [`proxy list`](#proxy-list) List all Kubernetes pods running proxies managed by Consul.
- [`proxy read`](#proxy-read) Inspect the Envoy configuration for a given Pod.
### `proxy list`
```shell-session
$ consul-k8s proxy list <OPTIONS>
```
| Flag | Description | Default | Required |
| -------------------------------------------- | ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | -------- |
| `-all-namespaces`, `-A` &nbsp; &nbsp; &nbsp; | `Boolean` List pods in all Kubernetes namespaces. | `false` | Optional |
| `-namespace`, `-n` | `String` The Kubernetes namespace to list proxies in. | Current [kubeconfig](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/) namespace. | Optional |
See [Global Options](#global-options) for additional commands that you can use
when installing Consul on Kubernetes.
This command will list proxies alongside their `Type`. Types of proxies include
- `Sidecar`: these will be the majority of pods in the cluster. They run the
proxy in a sidecar pattern to network the pod as a service in the mesh.
- `API Gateway`: these pods run a proxy to manage connections with networks
outside of the Consul cluster. [Read more about API gateways](/docs/api-gateway)
- `Ingress Gateway`: these pods run a proxy to manage ingress into the
Kubernetes cluster. [Read more about ingress gateways](/docs/k8s/connect/ingress-gateways)
- `Terminating Gateway`: these pods run a proxy to control connections to
external services. [Read more about terminating gateways](/docs/k8s/connect/terminating-gateways)
- `Mesh Gateway`: these pods run a proxy to manage connections between
Consul clusters connected using mesh federation. [Read more about Consul Mesh Federation](/docs/k8s/installation/multi-cluster/kubernetes)
#### Example Commands
Display all pods in the current Kubernetes namespace which run proxies managed
by Consul. Note that `Sidecar` pods are pods which are running the proxy in a
sidecar pattern and are services running in the mesh.
```shell-session
$ consul-k8s proxy list
```
```
Namespace: default
Name Type
backend-658b679b45-d5xlb Sidecar
client-767ccfc8f9-6f6gx Sidecar
client-767ccfc8f9-f8nsn Sidecar
client-767ccfc8f9-ggrtx Sidecar
frontend-676564547c-v2mfq Sidecar
```
Display all pods in the `consul` Kubernetes namespace which run proxies managed
by Consul. Note that these pods are labeled with the type `Ingress Gateway`.
They run a proxy managed by Consul for controlling ingress into the Kubernetes
cluster.
```shell-session
$ consul-k8s proxy list -n consul
```
```
Namespace: consul
Name Type
consul-ingress-gateway-6fb5544485-br6fl Ingress Gateway
consul-ingress-gateway-6fb5544485-m54sp Ingress Gateway
```
Display all pods across all
```shell-session
$ consul-k8s proxy list -A
```
```
Namespace: All Namespaces
Namespace Name Type
consul consul-ingress-gateway-6fb5544485-br6fl Ingress Gateway
consul consul-ingress-gateway-6fb5544485-m54sp Ingress Gateway
default backend-658b679b45-d5xlb Sidecar
default client-767ccfc8f9-6f6gx Sidecar
default client-767ccfc8f9-f8nsn Sidecar
default client-767ccfc8f9-ggrtx Sidecar
default frontend-676564547c-v2mfq Sidecar
```
### `proxy read`
### `status`
The `status` command provides an overall status summary of the Consul on Kubernetes installation. It also provides the config that was used to deploy Consul K8s and provides a quick glance at the health of both Consul servers and clients. This command does not take in any flags.
```shell-session
$ consul-k8s status
```
#### Example Command
```shell-session
$ consul-k8s status
==> Consul-K8s Status Summary
NAME | NAMESPACE | STATUS | CHARTVERSION | APPVERSION | REVISION | LAST UPDATED
---------+-----------+----------+--------------+------------+----------+--------------------------
consul | consul | deployed | 0.41.1 | 1.11.4 | 1 | 2022/03/10 07:48:58 MST
==> Config:
connectInject:
enabled: true
metrics:
defaultEnableMerging: true
defaultEnabled: true
enableGatewayMetrics: true
controller:
enabled: true
global:
metrics:
enableAgentMetrics: true
enabled: true
name: consul
prometheus:
enabled: true
server:
replicas: 1
ui:
enabled: true
service:
enabled: true
✓ Consul servers healthy (1/1)
✓ Consul clients healthy (3/3)
```
### `uninstall`
The `uninstall` command removes Consul from Kubernetes.
```shell-session
$ consul-k8s uninstall <OPTIONS>
```
The following options are available.
| Flag | Description | Default | Required |
| --------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------- | -------- |
| `-auto-approve` &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; | Boolean value that enables you to skip the removal confirmation prompt. | `false` | Optional |
| `-name` | String value for the name of the installation to remove. | none | Optional |
| `-namespace` | String value that specifies the namespace of the Consul installation to remove. | `consul` | Optional |
| `-timeout` | Specifies how long to wait for the removal process to complete before timing out. The value is specified with an integer and string value indicating a unit of time. <br/> The following units are supported: <br/> `ms` (milliseconds)<br/>`s` (seconds)<br/>`m` (minutes) <br/>`h` (hours) <br/>In the following example, removal will timeout after one minute:<br/> `consul-k8s uninstall -timeout 1m` | `10m` | Optional |
| `-wipe-data` | Boolean value that deletes PVCs and secrets associated with the Consul installation during installation. <br/> Data will be removed without a verification prompt if the `-auto-approve` flag is set to `true`. | `false` <br/> Instructions for removing data will be printed to the console. | Optional |
| `--help` | Prints usage information for this option. | none | Optional |
See [Global Options](#global-options) for additional commands that you can use when uninstalling Consul from Kubernetes.
#### Example Command
The following example command immediately uninstalls Consul from the `my-ns` namespace with the name `my-consul` and removes PVCs and secrets associated with the installation without asking for verification:
```shell-session
$ consul-k8s uninstall -namespace=my-ns -name=my-consul -wipe-data=true -auto-approve=true
```
### `upgrade`
-> The `consul-k8s upgrade` **subcommand is currently in beta**: This subcommand is not recommended for production environments.
The `upgrade` command upgrades the Consul on Kubernetes components to the current version of the `consul-k8s` cli. Prior to running `consul-k8s upgrade`, the `consul-k8s` CLI should first be upgraded to the latest version as described [Upgrade the Consul K8s CLI](#upgrade-the-consul-k8s-cli)
```shell-session
$ consul-k8s upgrade
```
The following options are available.
| Flag | Description | Default | Required |
| --------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------- | -------- |
| `-auto-approve` &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; | Boolean value that enables you to skip the upgrade confirmation prompt. | `false` | Optional |
| `-dry-run` | Boolean value that allows you to run pre-upgrade checks and returns a summary of the upgrade. | `false` | Optional |
| `-config-file` | String value that specifies the path to a file containing custom upgrade configurations, e.g., Consul Helm chart values file. <br/> You can use the `-config-file` flag multiple times to specify multiple files. | none | Optional |
| `-namespace` | String value that specifies the namespace of the Consul installation. | `consul` | Optional |
| `-preset` | String value that upgrades Consul based on a preset configuration. | Configuration of the Consul Helm chart. | Optional |
| `-set` | String value that enables you to set a customizable value. This flag is comparable to the `helm upgrade --set` flag. <br/> You can use the `-set` flag multiple times to set multiple values. <br/> Consul Helm chart values are supported. | none | Optional |
| `-set-file` | String value that specifies the name of an arbitrary config file. This flag is comparable to the `helm upgrade --set-file` <br/> flag. The contents of the file will be used to set a customizable value. You can use the `-set-file` flag multiple times to specify multiple files. <br/> Consul Helm chart values are supported. | none | Optional |
| `-set-string` | String value that enables you to set a customizable string value. This flag is comparable to the `helm upgrade --set-string` <br/> flag. You can use the `-set-string` flag multiple times to specify multiple strings. <br/> Consul Helm chart values are supported. | none | Optional |
| `-timeout` | Specifies how long to wait for the upgrade process to complete before timing out. The value is specified with an integer and string value indicating a unit of time. <br/> The following units are supported: <br/> `ms` (milliseconds)<br/>`s` (seconds)<br/>`m` (minutes) <br/>In the following example, the upgrade will timeout after one minute:<br/> `consul-k8s upgrade -timeout 1m` | `10m` | Optional |
| `-wait` | Boolean value that determines if Consul should wait for resources in the upgrade to be ready before exiting the command. | `true` | Optional |
| `-verbose`, `-v` | Boolean value that specifies whether to output verbose logs from the upgrade command with the status of resources being upgraded. | `false` | Optional |
| `--help` | Prints usage information for this option. | none | Optional |
See [Global Options](#global-options) for additional commands that you can use when installing Consul on Kubernetes.
### `version`
The `version` command prints the Consul on Kubernetes version. This command does not take any options.
```shell-session
$ consul-k8s version
```
You can also print the version with the `--version` flag.
```shell-session
$ consul-k8s --version
```
## Global Options
The following global options are available.
| Flag | Description | Default | Required |
| ------------------------------------------------------------------------- | ----------------------------------------------------------------------------------- | ------- | -------- |
| `-context` &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; | String value that sets the Kubernetes context to use for Consul K8s CLI operations. | none | Optional |
| `-kubeconfig` <br/> Alias: `-c` | String value that specifies the path to the `kubeconfig` file. <br/> | none | Optional |