Breaking Down Kubeconfigs (Quick Start)

In this quickstart guide, you’re going to learn about what consists of a Kubeconfig and what each piece of the YAML means.

First, capture one of your Kubeconfigs on your local computer. It’s typically under `~/.kube`.


Next, open up the `config` in an editor of your choosing or by using the `cat` command to view it.

Below is a sample `config`. Let’s break it down by splitting it piece by piece.

```jsx
clusters:
- cluster:
certificate-authority-data: some_string_here
server: https://kubernetes.docker.internal:6443
name: docker-desktop
- cluster:
certificate-authority: /Users/michael/.minikube/ca.crt
extensions:
— extension:
last-update: Thu, 08 Sep 2022 12:50:41 EDT
provider: minikube.sigs.k8s.io
version: v1.25.1
name: cluster_info
server: https://127.0.0.1:64599
name: minikube
contexts:
- context:
cluster: docker-desktop
user: docker-desktop
name: docker-desktop
- context:
cluster: minikube
extensions:
— extension:
last-update: Thu, 08 Sep 2022 12:50:41 EDT
provider: minikube.sigs.k8s.io
version: v1.25.1
name: context_info
namespace: default
user: minikube
name: minikube
current-context: minikube
kind: Config
preferences: {}
users:
- name: docker-desktop
user:
client-certificate-data: some_string_here
client-key-data: some_string_here
- name: minikube
user:
client-certificate: /Users/michael/.minikube/profiles/minikube/client.crt
client-key: /Users/michael/.minikube/profiles/minikube/client.key
```

First things first — a `kubeconfig` is how you, the user, interacts with Kubernetes. To interact with a Kubernetes cluster, the `kubeconfig` needs information about your cluster. The first section of the config is the server name, certificate authority, server URL, Kubernetes API version, and metadata information about when the cluster has been updated. This is the actual connection piece to a cluster. You can have more than one cluster listed in a Kubeconfig depending on how many clusters you connect to.

```jsx
clusters:
- cluster:
certificate-authority-data: some_string_here
server: https://kubernetes.docker.internal:6443
name: docker-desktop
- cluster:
certificate-authority: /Users/michael/.minikube/ca.crt
extensions:
— extension:
last-update: Thu, 08 Sep 2022 12:50:41 EDT
provider: minikube.sigs.k8s.io
version: v1.25.1
name: cluster_info
server: https://127.0.0.1:64599
name: minikube
```

Next, there’s the context. The context is the configuration itself to the cluster. Like the cluster section of a config, you can have multiple contexts. The context consist of the username of the user using the Kubernetes cluster, the users default namespace, and the cluster information that the user is connecting to.

```jsx
contexts:
- context:
cluster: docker-desktop
user: docker-desktop
name: docker-desktop
- context:
cluster: minikube
extensions:
— extension:
last-update: Thu, 08 Sep 2022 12:50:41 EDT
provider: minikube.sigs.k8s.io
version: v1.25.1
name: context_info
namespace: default
user: minikube
name: minikube
```

The current context states what Kubernetes cluster inside of the config you have on your computer you’re currently connected to. You can change this to point to another cluster as long as you have appropriate access to said cluster.

```jsx
current-context: minikube
```

The last piece is the config, which is a Kubernetes resource/object itself. It specifies the user that’ll be used to connect to the current Kubernetes cluster, the name of the current Kubernetes cluster in the context, and the authorization (client cert and key) used so the current user that’s associated with the config can connect to the cluster.

```jsx
kind: Config
preferences: {}
users:
- name: docker-desktop
user:
client-certificate-data: some_string_here
client-key-data: some_string_here
- name: minikube
user:
client-certificate: /Users/michael/.minikube/profiles/minikube/client.crt
client-key: /Users/michael/.minikube/profiles/minikube/client.key
```