[SOLVED] How to run kubectl commands inside a container? - kubernetes

[SOLVED] Running kubectl Commands Inside a Container: A Simple Guide

In this article, we look at different ways to run kubectl commands inside a container in Kubernetes. It is important for us to know how to run these commands. We might need this when we fix problems, manage resources, or deploy applications. We will share several methods that fit different situations. This way, you can pick what works best for you.

Solutions We Will Talk About:

• Solution 1: Using a Kubernetes Pod with kubectl Installed
• Solution 2: Running kubectl from a Docker Container
• Solution 3: Putting Kubeconfig into the Container
• Solution 4: Using kubectl Proxy for Access
• Solution 5: Custom Docker Image with kubectl
• Solution 6: Running kubectl in an Init Container

When we understand these solutions, we can run kubectl commands better in our container apps. For more info, you can read about how to access the Kubernetes API or check out how to share storage between containers. Now, let’s jump into each solution and see the best ways to run kubectl commands inside a container.

Solution 1 - Using a Kubernetes Pod with kubectl Installed

One of the easiest ways to run kubectl commands inside a container is to use a Kubernetes Pod that has kubectl installed. This method lets us run kubectl commands directly on our Kubernetes cluster from inside a container.

Steps to Create a Pod with kubectl Installed

1. Create a Docker Image with kubectl: We can use an existing image that has kubectl, like the official kubectl image, or we can create our own custom Docker image.

   Here is a simple Dockerfile to make a custom image:

   FROM bitnami/kubectl:latest
   
   # Optional: Add any extra tools or settings
   RUN apk add --no-cache curl

2. Build and Push the Image (if using a custom image):

   docker build -t your-repo/kubectl-image:latest .
   docker push your-repo/kubectl-image:latest

3. Create a Kubernetes Pod:

   We can create a Pod that uses this image. Below is an example YAML config for a Pod that runs kubectl:

   apiVersion: v1
   kind: Pod
   metadata:
     name: kubectl-pod
   spec:
     containers:
       - name: kubectl
         image: your-repo/kubectl-image:latest
         command: ["/bin/sh", "-c", "sleep 3600"] # Keep the Pod running
         volumeMounts:
           - name: kubeconfig
             mountPath: /root/.kube
     volumes:
       - name: kubeconfig
         configMap:
           name: kubeconfig-map # Assuming we have a ConfigMap with kubeconfig

4. Apply the Pod Configuration:

   kubectl apply -f kubectl-pod.yaml

5. Execute kubectl Commands Inside the Pod:

   After the Pod is running, we can run kubectl commands by using the exec command:

   kubectl exec -it kubectl-pod -- /bin/sh

   Inside the Pod’s shell, we can now run kubectl commands like this:

   kubectl get pods

Important Considerations

• Make sure the Pod has the right permissions to work with the Kubernetes API. We may need to set up RoleBindings or ClusterRoleBindings.
• If we need to pass specific settings or environment variables, we can check how to pass environment variables into a Kubernetes Pod.

By using a Kubernetes Pod with kubectl installed, we can easily manage our cluster and fix issues from inside a container. This way is good for running admin commands without leaving our Kubernetes context.

Solution 2 - Executing kubectl from a Docker Container

We can run kubectl commands inside a Docker container. We have two options. We can use an existing container with kubectl already installed. Or we can create a new Docker container. This way is good when we want to work with our Kubernetes cluster without needing a full Kubernetes setup on our local machine.

Steps to Execute kubectl from a Docker Container

1. Pull a Docker Image with kubectl: We can start with a Docker image that has kubectl installed. For instance, we can use the official Kubernetes kubectl image.

   docker pull bitnami/kubectl

2. Run a Container with kubectl: We run a container using the image we pulled. We need to mount our kubeconfig file. This lets the container connect to our Kubernetes cluster.

   docker run -it --rm \
     -v $HOME/.kube/config:/root/.kube/config \
     bitnami/kubectl get pods

   In this command:

   • -it lets us run the container directly.
   • --rm means the container will be removed after it stops.
   • -v $HOME/.kube/config:/root/.kube/config mounts our local kubeconfig file into the container. Now kubectl can use our Kubernetes context.

3. Using a Custom Dockerfile: If we want a special setup, we can make a Dockerfile that installs kubectl. Here is an example:

   FROM alpine:3.14
   
   RUN apk add --no-cache curl
   RUN curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" \
       && chmod +x ./kubectl \
       && mv ./kubectl /usr/local/bin/kubectl
   
   ENTRYPOINT ["kubectl"]

   Now we build the Docker image:

   docker build -t my-kubectl-image .

   Then we run the container:

   docker run -it --rm \
     -v $HOME/.kube/config:/root/.kube/config \
     my-kubectl-image get pods

Considerations

• Make sure our kubeconfig file has the right permissions and points to the correct cluster.
• If we have problems with connection, we can check guides on how to access the Kubernetes API for help.

By following these steps, we can run kubectl commands from a Docker container. This gives us a light and separate environment to manage Kubernetes.

Solution 3 - Mounting Kubeconfig into the Container

We can run kubectl commands inside a container by mounting the Kubeconfig file into it. This helps the container to communicate with the Kubernetes API server. The container will use the settings from your Kubeconfig. Here is how we can do this:

Prerequisites

• We need a valid Kubeconfig file. It is usually found at ~/.kube/config on our local machine.
• The container image we use should have kubectl installed.

Steps to Mount Kubeconfig

1. Create a Kubernetes Pod Definition: We must define a pod that mounts our local Kubeconfig file into the container. Below is a simple example of a YAML configuration for a pod called kubectl-pod.

apiVersion: v1
kind: Pod
metadata:
  name: kubectl-pod
spec:
  containers:
    - name: kubectl-container
      image: bitnami/kubectl:latest # Example image with kubectl installed
      command: ["sleep", "3600"] # Keep the container running for a while
      volumeMounts:
        - name: kubeconfig-volume
          mountPath: /root/.kube # Default path where kubectl looks for the config
  volumes:
    - name: kubeconfig-volume
      hostPath:
        path: /home/youruser/.kube # Change this to your Kubeconfig path

2. Deploy the Pod: We can apply the pod definition using kubectl.

kubectl apply -f kubectl-pod.yaml

3. Access the Container: When the pod is running, we can enter the container to run kubectl commands.

kubectl exec -it kubectl-pod -- /bin/sh

4. Run kubectl Commands: Now inside the container, we can run kubectl commands like we do on our local machine.

kubectl get pods

Important Notes

• We use the hostPath volume type to mount the local Kubeconfig into the container. Make sure the path we specify matches our local setup.
• We should be careful with permissions. Mounting sensitive files can expose them to the container. It is better to limit access to trusted containers.
• For more information about volume types, we can check the Kubernetes documentation.

This method gives us an easy way to run kubectl commands inside a container by using the Kubeconfig we already have. If we need more help or other options, we can look into solutions like executing kubectl from a Docker container or using a custom Docker image with kubectl installed.

Solution 4 - Using kubectl Proxy for Access

We can use kubectl proxy to access the Kubernetes API from a container. This way works well because it makes a proxy server. This server listens on a port and sends requests to the Kubernetes API server. With kubectl proxy, we can skip the complicated authentication. We can talk to the API directly without needing kubeconfig files. This makes it easy to run kubectl commands in our container.

Steps to Use kubectl Proxy Inside a Container

1. Run a Container with kubectl Installed: First, we need to make sure our container has kubectl installed. We can use a ready-made image or make a custom Docker image. Here is a simple Dockerfile:

   FROM bitnami/kubectl:latest
   
   # Set necessary environment variables if needed
   ENV KUBECONFIG=/path/to/kubeconfig
   
   # Copy your kubeconfig file into the image (if necessary)
   COPY kubeconfig /path/to/kubeconfig
   
   CMD ["kubectl", "proxy", "--port=8001"]

2. Build and Run the Docker Container:

   docker build -t my-kubectl-proxy .
   docker run -d --name kubectl-proxy -p 8001:8001 my-kubectl-proxy

3. Accessing the Kubernetes API: After the proxy is running, we can access the Kubernetes API at http://localhost:8001/api/v1/namespaces/{namespace}/pods. Just replace {namespace} with the Kubernetes namespace we want.

4. Executing kubectl Commands: To run kubectl commands, we can go into the container’s shell or use curl to talk to the API through the proxy. For example:

   # Accessing the container's shell
   docker exec -it kubectl-proxy sh
   
   # Now we can run kubectl commands
   kubectl get pods

5. Using curl to Interact with the API:

   curl http://localhost:8001/api/v1/pods

Important Considerations

• Security: We must be careful when we expose the proxy. It can show sensitive info about our Kubernetes cluster. We should secure the endpoint if needed.
• Kubeconfig: If our Kubernetes cluster needs authentication, we must make sure the kubeconfig file is set up right and can be accessed in the container.
• Networking: We should check that the container can reach the Kubernetes API server. Also, we need to set any firewall rules needed to allow traffic on the port.

Using kubectl proxy makes it easier to access the Kubernetes API from inside a container. We can run kubectl commands smoothly. For more details on accessing the Kubernetes API, check out this guide.

Solution 5 - Custom Docker Image with kubectl

We can create a custom Docker image that has kubectl. This lets us run Kubernetes commands right from our container. This is very helpful when we want a small setup for specific jobs that need kubectl.

Steps to Create a Custom Docker Image with kubectl

1. Create a Dockerfile: First, we need to make a Dockerfile. This file tells Docker what environment to set up and how to install kubectl.

   # Use a base image with a lightweight OS
   FROM alpine:latest
   
   # Install curl and bash
   RUN apk add --no-cache curl bash
   
   # Download kubectl binary
   RUN curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" && \
       chmod +x ./kubectl && \
       mv ./kubectl /usr/local/bin/kubectl
   
   # Set the entrypoint
   ENTRYPOINT ["kubectl"]

2. Build the Docker Image: Next, we go to the folder that has our Dockerfile. Then we build the Docker image.

   docker build -t my-kubectl-image .

3. Run the Container: When we start the container, we have to make sure that the Kubernetes configuration (kubeconfig) is available in the container. We can do this by mounting the kubeconfig file from our host system.

   docker run -v $HOME/.kube:/root/.kube -it my-kubectl-image get pods

   In this command:

   • -v $HOME/.kube:/root/.kube connects our local kubeconfig folder to the container.
   • The -it flag lets us talk with the container.

4. Using the Container: Now we can run any kubectl command in this container. For example, to see all pods in the default namespace, we run:

   docker run -v $HOME/.kube:/root/.kube -it my-kubectl-image get pods

5. Additional Configuration: If we want to send environment variables or set the context, we can use Docker’s -e flag:

   docker run -v $HOME/.kube:/root/.kube -e KUBECONFIG=/root/.kube/config -it my-kubectl-image get nodes

Benefits of Using a Custom Docker Image

• Portability: We can share the image with others or use it in different places without worrying about installing kubectl.
• Consistency: Using one version of kubectl helps us do things the same way in different setups.
• Customization: We can add other tools and scripts to the image for our own needs.

By following these steps, we can create a custom Docker image with kubectl. This allows us to run Kubernetes commands from within the container. For more information on how to access Kubernetes APIs, we can check this guide on accessing Kubernetes API.

Solution 6 - Running kubectl in an Init Container

Using an Init Container is a good way to run kubectl commands in your Kubernetes setup before your main app container starts. Init Containers finish their tasks before the main app container starts. This helps us prepare the environment and set up resources.

Step-by-step Guide

1. Define the Init Container in Your Pod Specification: We need to add the Init Container in our Pod specification. Here is an example of how to do it:

apiVersion: v1
kind: Pod
metadata:
  name: my-app
spec:
  initContainers:
  - name: init-myservice
    image: bitnami/kubectl:latest # Use an image with kubectl installed
    command: ['sh', '-c', 'kubectl apply -f /config/my-config.yaml']
    volumeMounts:
    - name: config-volume
      mountPath: /config
  containers:
  - name: my-app-container
    image: my-app-image
    ports:
    - containerPort: 8080
  volumes:
  - name: config-volume
    configMap:

## Conclusion

In this article, we looked at different ways to run kubectl commands inside a container. We talked about using a Kubernetes pod with kubectl installed. We also explained how to run kubectl from a Docker container and how to mount kubeconfig. These methods are very important for developers and operators who want to manage Kubernetes resources well.

For more information on Kubernetes practices, we can check our guide on [how to connect to the Kubernetes API](http://www.bestonlinetutorial.com/2025/01/solved-how-do-i-access-kubernetes-api.html). You can also learn how to [mount a local directory into a pod](http://www.bestonlinetutorial.com/2025/01/solved-mount-local-directory-into-pod.html).