| title |
|---|
Configure Pulumi for Kubernetes |
The Pulumi Kubernetes provider authenticates and connects to a Kubernetes cluster using a local kubeconfig file. This logic is implemented using the official Kubernetes Go client library, so Pulumi's behavior is identical to kubectl. If you have already provisioned a Kubernetes cluster and set up kubectl to connect to it, the Pulumi CLI should "just work."
Pulumi never sends your Kubernetes authentication secrets or credentials to the Pulumi service. Because the Pulumi client uses the Kubernetes Go client to connect to the cluster and execute operations on your behalf, your credentials are only ever stored where you left them (typically in the local kubeconfig file,
~/.ssh, and so on).
If you're not yet set up, you'll need to do two things:
- Provision a Kubernetes cluster. There are several popular guides for each of the major public clouds:
- For AWS, there is EKS and the Heptio quickstart.
- For Azure, there is AKS.
- For GCP, there is GKE.
- Download
kubectl, the Kubernetes CLI. There is an extensive tutorial available in the Kubernetes docs. If you're using Homebrew on macOS, you can install the community-managed kubectl formula viabrew install kubectl.