Command-line client for the Gardener.
gardenctl
is a command-line client for administrative purposes for the Gardener. It facilitates the administration of one or many garden, seed and shoot clusters, e.g. to check for issues which occured in one of these clusters. Details about the concept behind the Gardener are described in the Gardener wiki.
gardenctl
is shipped for mac and linux in a binary format.
Option 1: Install the latest release with Homebrew (macOS and Linux) as follows:
brew install gardener/tap/gardenctl
Option 2: Manually download and install from gardenctl releases as follows:
curl -LO https://github.com/gardener/gardenctl/releases/download/$(curl -s https://raw.githubusercontent.com/gardener/gardenctl/master/LATEST)/gardenctl-darwin-amd64
To download a specific version, replace the $(curl -s https://raw.githubusercontent.com/gardener/gardenctl/master/LATEST)
portion of the command with the specific version.
For example, to download version 0.16.0 on macOS, type:
curl -LO https://github.com/gardener/gardenctl/releases/download/v0.16.0/gardenctl-darwin-amd64
chmod +x ./gardenctl-darwin-amd64
sudo mv ./gardenctl-darwin-amd64 /usr/local/bin/gardenctl
If no binary builds are available for your platform or architecture, you can build it from source, go get
it or build the docker image from Dockerfile. Please keep in mind to use an up to date version of golang.
To build gardenctl
from sources you need to have a running Golang environment. Moreover, since gardenctl
allows to execute kubectl
as well as a running kubectl
installation is recommended, but not required. Please check this description for further details.
First, you need to clone the repository and build gardenctl
.
git clone https://github.com/gardener/gardenctl.git
cd gardenctl
make build
After successfully building gardenctl
the executables are in the directory ~/go/src/github.com/gardener/gardenctl/bin/
. Next, move the executable for your architecture to /usr/local/bin
. In this case for darwin-amd64.
sudo mv bin/darwin-amd64/gardenctl-darwin-amd64 /usr/local/bin/gardenctl
gardenctl
supports auto completion. This recommended feature is bound to gardenctl
or the alias g
. To configure it you can run:
if you are using bash
:
echo "source <(gardenctl completion bash)" >> ~/.bashrc
source ~/.bashrc
if you are using zsh
:
echo "source <(gardenctl completion zsh)" >> ~/.zshrc
source ~/.zshrc
First clone the repository as described in the the build step "From source". As next step add the garden "config" file and "clusters" folder with the corresponding kubeconfig files for the garden cluster. Then build the container image via docker build -t gardener/gardenctl:v1 .
in the cloned repository and run a shell in the image with docker run -it gardener/gardenctl:v1 /bin/bash
.
gardenctl
requires a configuration file. The default location is in ~/.garden/config
, but it can be overwritten with the environment variable GARDENCONFIG
.
Here an example file:
email: [email protected]
githubURL: https://github.location.company.corp
gardenClusters:
- name: dev
kubeConfig: ~/clusters/dev/kubeconfig.yaml
dashboardUrl: https://url_to_dashboard
accessRestrictions:
- key: seed.gardener.cloud/eu-access
notifyIf: true
msg: warning msg
options:
- key: support.gardener.cloud/eu-access-for-cluster-addons
notifyIf: true
msg: warning msg
- key: support.gardener.cloud/eu-access-for-cluster-nodes
notifyIf: true
msg: warning msg
- name: prod
kubeConfig: ~/clusters/prod/kubeconfig.yaml
The path to the kubeconfig files of a garden cluster can be relative by using the ~ (tilde) expansion or absolute.
gardenctl
caches some information, e.g. the garden project names. The location of this cache is per default $GARDENCTL_HOME/cache
. If GARDENCTL_HOME
is not set, ~/.garden
is assumed.
gardenctl
supports multiple sessions. The session ID can be set via $GARDEN_SESSION_ID
and the sessions are stored under $GARDENCTL_HOME/sessions
.
gardenctl
makes it easy to get additional information of your IaaS provider by using the secrets stored in the corresponding projects in the Gardener. To use this functionality, the CLIs of the IaaS providers need to be available.
Please check the IaaS provider documentation for more details about their CLIs.
Moreover, gardenctl
offers auto completion. To use it, the command
gardenctl completion bash
print on the standard output a completion script which can be sourced via
source <(gardenctl completion bash)
Please keep in mind that the auto completion is bound to gardenctl
or the alias g
.
gardenctl
requires the definition of a target, e.g. garden, project, seed or shoot. The following commands, e.g. gardenctl ls shoots
uses the target definition as a context for getting the information.
Targets represent a hierarchical structure of resources. On top, there is/are the garden/s. E.g. in case you setup a development and a production garden, you would have two entries in your ~/.garden/config
. Via gardenctl ls gardens
you get a list of the available gardens.
gardenctl get target
gardenctl target [garden|project|seed|shoot]
gardenctl drop target
gardenctl ls seeds
gardenctl ls projects
gardenctl target seed-gce-dev
gardenctl target garden-vora
gardenctl show prometheus
gardenctl aws ec2 describe-instances
orgardenctl aws ec2 describe-instances --no-cache
without locally caching credentialsgardenctl target myshoot
gardenctl kubectl get pods -- -n kube-system -l k8s-app=kube-dns
gardenctl ls issues
gardenctl drop
gardenctl shell nodename
gardenctl logs etcd-main --elasticsearch
gardenctl logs etcd-main --elasticsearch --since=2h --tail=100
gardenctl target -g garden-name -s seed-name
gardenctl logs tf infra shoot-name
gardenctl target -g garden-name -t shoot-name
gardenctl logs api | scheduler | controller-manager | etcd-main -c etcd |etcd-main -c backup-restore | vpn-seed | vpn-shoot | machine-controller-manager | prometheus |grafana | cluster-autoscaler
gardenctl target -g garden-name
gardenctl logs gardener-apiserver | gardener-controller-manager
HTTPS
and HTTP
before this command)gardenctl k get nodes
gardenctl ssh node_name
The following examples are based on jq. The Json Query Playground offers a convenient environment to test the queries.
Below a list of examples:
gardenctl ls issues -o json | jq '.issues[] | { project: .project, shoot: .shoot, state: .status.lastOperation.state }'
garden-myproject
gardenctl ls issues -o json | jq '.issues[] | if (.project=="garden-myproject") then . else empty end'
gardenctl ls issues -o json | jq '.issues[] | if (.status.lastOperation.state=="Error") then . else empty end'
gardenctl ls issues -o json | jq '.issues[] | if (.status.lastOperation.state!="Succeeded") then . else empty end'
createdBy
information (typically email addresses) of all shootsgardenctl k get shoots -- -n garden-core -o json | jq -r ".items[].metadata | {email: .annotations.\"garden.sapcloud.io/createdBy\", name: .name, namespace: .namespace}"
Here a few on cluster analysis:
gardenctl ls issues -o json | jq '.issues | group_by( .status.lastOperation.state ) | .[] | {state:.[0].status.lastOperation.state, count:length}'
Failed
gardenctl ls issues -o json | jq '.issues[] | if (.status.lastOperation.state=="Failed") then . else empty end'