Generating New Cluster Credentials

Occasionally you may want to generate new credentials for your cluster. This can be accomplished with either teectl or the traefikee CLI.

Specify Kubernetes Configuration Location

For the Kubernetes examples below, the environment variable $KUBECONFIG should be set to the path on your local machine where the kubeconfig file is stored (typically $HOME/.kube/config).

From teectl

Loss of Credentials

In the event the cluster remote access credentials are lost, teectl will not be able to connect to the remote cluster. In this case, new credentials must be generated using the traefikee CLI. Note that this operation does not revoke the old credentials.

To generate a new set of credentials, run the following command:

teectl create credentials --kubernetes.kubeconfig=$KUBECONFIG --cluster=$CLUSTER_NAME > config.yaml
teectl create credentials --swarm.hosts="$CLUSER_IP" --cluster=$CLUSTER_NAME > config.yaml

In this case teectl will connect to the cluster named $CLUSTER_NAME and create new credentials for it, making a new cluster configuration with the same cluster name.

From traefikee

To generate new cluster credentials from a running Controller using the traefikee CLI, run the following command:

kubectl exec -n traefikee default-controller-0 -- /traefikee generate credentials --kubernetes.kubeconfig=$KUBECONFIG --cluster=$CLUSTER_NAME > config.yaml
docker exec -ti $CONTROLLER_CONTAINER_ID /traefikee generate credentials --swarm.hosts="$CLUSTER_IP" --cluster=$CLUSTER_NAME > config.yaml

Use the Correct Cluster Name

Make sure to indicate the cluster name (--cluster option) that was used when the cluster was installed. Otherwise, teectl will fail to connect to the cluster.

It is possible to fix the generated config file by setting the cluster_name field to the correct name. If no cluster name was given, then the correct value is default.

Import the configuration

In order to use the credentials generated above in teectl, they must first be imported:

teectl cluster import --file=config.yaml

The above command will import the generated cluster configuration file into the correct teectl location, leaving the original file in place.

The cluster can then be used with the --cluster=$CLUSTER_NAME option on each teectl command or by setting the cluster context:

teectl cluster use --name=$CLUSTER_NAME