25-KUBECONFIG

--------------------------------------------------------------------------
KUBECONFIG

if we specify details in file $HOME/.kube/config, then we dont need to specify kubeconfig in command
example kubeconfig file -

apiVersion: v1
kind: config
clusters:
   - name: kube-api-server<this is name of the config>
     cluster:
	    certificate-authority: ca.crt
		server: https://kube-api-server:6443
contexts:
   - name: my-kube-admin@kube-api-server
     context: 
        cluster: kube-api-server
		user: my-kube-admin

users:
   - name: my-kube-admin
     user:
	 client-certificate: admin.crt
	 client-key: admin.key
	 
example config file with multiple clusters,users,contexts - 

apiVersion: v1
kind: config

current-context: dev-user@google < this mean kubectl will always user dev-user to access google cluster >

clusters:
   - name: kube-api-server<this is name of the config>
     cluster:
	    certificate-authority: ca.crt
		server: https://kube-api-server:6443
   - name: development
     cluster:
	    certificate-authority: dev-ca.crt
		server: https://development:6443
contexts:
   - name: my-kube-admin@kube-api-server
     context: 
        cluster: kube-api-server
		user: my-kube-admin
   - name: dev-user@google
     context: 
        cluster: development
		user: dev-user
		namespace: finance

users:
   - name: my-kube-admin
     user:
	    client-certificate: admin.crt
	    client-key: admin.key
   - name: dev-user
     user:
	    client-certificate: dev.crt
	    client-key: dev.key

command to view the current config file thats being used - kubectl config view
command to view custom config - kubectl config view --kubeconfig=my-custom-config
command to change the context while access different cluster -  kubectl config use-context my-kube-admin@kube-api-server - this will change the cureent-context in the kubeconfig file
use this command to know more option - kubectl config -h

NOTE- instead of certificate file, we can also specify the certificate data
convert the certificate data in base64 encoaed using command - cat ca.crt |  base64 | tr -d \\n 
use certificate-authority-data instead of certificate-authority
ex - certificate-authority-data: <base64 encoaded certificate>


--------------------------------------------------------------------------