Retrieving Cluster Credentials and Configuration
Page last updated:
Warning: Pivotal Container Service (PKS)
v1.4 is no longer supported because it has reached the End
of General Support (EOGS) phase as defined by the
Support Lifecycle Policy.
To stay up to date with the latest software and security updates, upgrade to a supported version.
This topic describes how to use the
pks get-credentials command in Enterprise Pivotal Container Service (Enterprise PKS) using the PKS Command Line Interface (PKS CLI).
pks get-credentials command performs the following actions:
- Fetch the cluster’s kubeconfig
- Add the cluster’s kubeconfig to the existing kubeconfig
- Create a new kubeconfig, if none exists
- Switch the context to the
When you run
pks get-credentials CLUSTER-NAME, PKS sets the context to the cluster you provide as the
PKS binds your username to the cluster and populates the kubeconfig file on your local workstation with cluster credentials and configuration.
The default path for your kubeconfig is
If you access multiple clusters, you can choose to use a custom kubeconfig file for each cluster.
To save cluster credentials to a custom kubeconfig, use the
KUBECONFIG environment variable when you run
$ KUBECONFIG=/path/to/my-cluster.config pks get-credentials my-cluster
Perform the following steps to populate your local kubeconfig with cluster credentials and configuration:
On the command line, run the following command to log in:
pks login -a PKS-API -u USERNAME -kWhere:
PKS-APIis the domain name for the PKS API that you entered in Ops Manager > Enterprise PKS > PKS API > API Hostname (FQDN). For example,
USERNAMEis your user name.
See Logging in to Enterprise PKS for more information about the
Run the following command:
pks get-credentials CLUSTER-NAMEWhere
CLUSTER-NAMEis the unique name for your cluster. For example:
$ pks get-credentials pks-example-cluster Fetching credentials for cluster pks-example-cluster. Context set for cluster pks-example-cluster. You can now switch between clusters by using: $kubectl config use-context <cluster-name>
Note: If you enable OpenID Connect (OIDC) in the Enterprise PKS tile, PKS requires your password to run the
pks get-credentials CLUSTER-NAMEcommand. This allows PKS to retrieve valid tokens for the kubeconfig file. You can provide your password at the prompt or as the
PKS_USER_PASSWORDenvironment variable. For more information, see the Configure OpenID Connect section of Installing Enterprise PKS for your IaaS.
After PKS populates your kubeconfig, you can use the Kubernetes Command Line Interface (kubectl) to run commands against your Kubernetes clusters.
See Installing the Kubernetes CLI for information about installing kubectl.
For information about using kubectl, refer to the Kubernetes documentation.
Please send any feedback you have to firstname.lastname@example.org.