Workbench and Cloud Shell are web-based command-line tools that Alibaba Cloud provides to allow you to connect to and manage Container Service for Kubernetes (ACK) clusters without the need for additional software. After you log on to the Alibaba Cloud console, you can use Workbench or Cloud Shell in a browser. When Workbench or Cloud Shell is launched, ACK automatically loads the kubeconfig file used to connect to your ACK cluster.
Workbench: a tool that allows you to connect to an Elastic Compute Service (ECS) instance without the need for additional software. You can use Workbench to connect to an ACK cluster over the Internet or an internal network.
Cloud Shell: a shell that creates a Linux VM pre-installed with various programming languages and command-line tools. You can use Cloud Shell to connect to an ACK cluster only over the Internet.
If you want to use Cloud Shell to connect to an ACK cluster over the Internet, you must first associate an elastic IP address with the API server of the cluster. For more information, see Control public access to the API server of a cluster.
The VM created by Cloud Shell is valid only for 1 hour. When the VM expires, Cloud Shell immediately destroys the VM. If no interactive operation is performed on a VM for 30 minutes or all sessions are closed, the VM is destroyed in 15 minutes. When you launch Cloud Shell again, it creates a new VM.
Preparations
Before you use a Resource Access Management (RAM) user to connect to an ACK cluster, you must assign a service-linked role to ACK and authorize the RAM user to access the cluster. For more information, see Authorization.
Before you use a RAM user to launch Cloud Shell, you must attach the AliyunCloudShellFullAccess policy to the RAM user. If you need to create and mount File Storage NAS (NAS) file systems on Cloud Shell, you must attach the AliyunNASFullAccess policy to the RAM user. For more information, see Grant permissions to a RAM user.
Procedure
To use kubectl on Workbench or Cloud Shell to connect to ACK clusters, perform the following steps:
Workbench
Log on to the ACK console. In the left-side navigation pane, click Clusters.
On the Clusters page, find the cluster that you want to manage and click its name. In the left-side pane, click Cluster Information.
In the upper-right corner of the Cluster Information page, click Manage Clusters Using Workbench.
In the terminal that appears, you can run kubectl commands to connect to the cluster.
Run the following command to query the namespaces of the cluster:
kubectl get namespaceExpected output:
NAME STATUS AGE default Active 3h14m kube-node-lease Active 3h14m kube-public Active 3h14m kube-system Active 3h14m
CloudShell
Log on to the ACK console. In the left-side navigation pane, click Clusters.
On the Clusters page, find the cluster that you want to manage and click its name. In the left-side pane, click Cluster Information.
In the upper-right corner of the Cluster Information page, click Open Cloud Shell.
Optional: Click the
icon and then click Mount File Storage. You can associate and mount a NAS file system to persist files and scripts that are commonly used. This way, the files and scripts are not deleted when the NAS file system is released. You can click Create Now or Skip based on your requirements.
Run kubectl commands to connect to the cluster.
Run the following command to query the namespaces of the cluster:
kubectl get namespaceExpected output:
NAME STATUS AGE default Active 3h14m kube-node-lease Active 3h14m kube-public Active 3h14m kube-system Active 3h14m