Extending Kubectl with Plugins
Aditya Joshi
Posted on November 12, 2022
Plugins are software extensions that can be loaded on a program to improve its functionality. kubectl
is a tool that allows you to perform literally any and all Kubernetes-related tasks. This tool is used to make a list of all pods in the cluster and debug nodes. kubectl’s functionality can be extended with the help of the plugin. You can create kubectl plugins to solve some of the use cases that are complex in nature.
But what is the kubectl plugin?
A plugin is a standalone executable file, whose name begins with kubectl-
. To install a plugin, move its executable file anywhere on your PATH.
Krew is the package manager for kubectl
plugins as well as Kubernetes SIG that aims at solving the package management issue for kubectl.
Criteria to be a plugin
There are two important criteria to qualify as a kubectl plugin
- Plugin binary name must start with
kubectl-
followed by the name of your plugin. Exkubectl-decode
,kubectl-count
. - The plugin binary must be present in the
PATH
variable so that kubectl can identify it as the plugin.
Usecase
We will be creating a kubectl plugin that will decode the Kubernetes secrets. We all know that Kubernetes stores the Secrets in the base64 decoded format and if have to see the values of those secrets we need to extract the base64 encode value and then decode with plain text.
Kubernetes secret stored in base64 format
Expectation
Let's first set up the expectations/expected output from the plugin we will develop. we want the plugin to return the base64 encoded secrets in plain text. Also, it should support a way to specify the Kubernetes namespaces.
Implementation
For this article, we are going to create this plugin using the shell script but the same can be done using any programming language.
We want this plugin to work like how a normal kubectl command works, where the user specifies the operation (create, update, delete and get) and the resource (pod, deployment, configmap, secret), also user can provide the namespace over which he wants to perform that operation, but if no namespace is provided default namespace is considered.
I have made a video on creating kubectl plugins using GoLang
- We will create a text file with the name
kubectl-decode
, where decode is the name of our plugin. - Next, will use the kubectl command itself to get the secret and with the help of go-template, we can iterate over the secrets and decode them.
- Put the plugin in the
PATH
variable so that kubectl can recognise it as the plugin.
#!/bin/bash
if [ $# -lt 1 ]
then
echo "invalid argument "
exit 1
fi
NAMESPACE="default"
if [ "$2" = "-n" ]
then
if [ $# -eq 3 ]
then
NAMESPACE=$3
fi
fi
kubectl get secrets "$1" -o go-template='{{range $k,$v := .data}}{{printf "%s: " $k}}{{if not $v}}{{$v}}{{else}}{{$v | base64decode}}{{end}}{{"\n\n"}}{{end}}' -n "$NAMESPACE"
Sum up
When we make use of this kubectl, we can simplify tedious tasks to be very simpler. kubectl plugins may look complex to you but trust me they will make your life much easier.
There are some shortcoming that comes with the bash-based plugins but those can be easily solved when you will use any programming language like go, java, or nodejs.
In this article we learned the basics of the kubectl plugin and what it takes to be a kubectl plugin, and also saw how we can create a kubectl plugin.
Resources
- [Implementation] A full implementation for this pattern in this GitHub repo
- [Video] A detailed video explanation can be found here.
- [GoLang] implementation can be found here
Thanks for reading and I hope you find this useful!
Posted on November 12, 2022
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.