Logging in to Enterprise PKS
Page last updated:
Warning: Pivotal Container Service (PKS)
v1.4 is no longer supported because it has reached the End
of General Support (EOGS) phase as defined by the
Support Lifecycle Policy.
To stay up to date with the latest software and security updates, upgrade to a supported version.
This topic describes how to log in to Enterprise Pivotal Container Service (Enterprise PKS).
To manage Enterprise PKS-deployed clusters, you use the PKS Command
Line Interface (PKS CLI). When you log in to Enterprise PKS successfully
for the first time, the PKS CLI generates a local
creds.yml file that contains
the API endpoint, refresh token, access token, and CA certificate, if applicable.
creds.yml is saved in the
~/.pks directory on your local system.
You can use the
PKS_HOME environment variable to override this location and
creds.yml in any directory on your system.
Before you can log in to Enterprise PKS, you must have the following:
- A running Enterprise PKS environment. See the Installing Enterprise PKS section for your cloud provider.
- The PKS CLI installed on your local system. See Installing the PKS CLI.
- A username and password that has access to the PKS API. See Configuring PKS API Access.
Use the command in this section to log in as an individual user. The login procedure is the same for users created in UAA or users from external LDAP groups.
On the command line, run the following command in your terminal to log in to the PKS CLI:
pks login -a PKS-API -u USERNAME -p PASSWORD --ca-cert CERT-PATH
Replace the placeholder values in the command as follows:
PKS-APIis the domain name for the PKS API that you entered in Ops Manager > Enterprise PKS > PKS API > API Hostname (FQDN). For example,
PASSWORDbelong to the account you created in the Grant Enterprise PKS Access to a User section of Managing Users in Enterprise PKS with UAA. If you do not use
-pto provide a password, the PKS CLI prompts for the password interactively. Pivotal recommends running the login command without the
-pflag for added security.
CERT-PATHis the path to your root CA certificate. Provide the certificate to validate the PKS API certificate with SSL.
$ pks login -a api.pks.example.com -u alana \ --ca-cert /var/tempest/workspaces/default/root_ca_certificate
If you are logging in to a trusted environment, you can use
-kto skip SSL verification instead of
$ pks login -a api.pks.example.com -u alana -k
Please send any feedback you have to firstname.lastname@example.org.