This document discusses extending kubectl functionality through plugins. It introduces kubectl plugins and Krew, a plugin manager for kubectl. It covers developing and publishing plugins, including writing plugins in any language, creating a krew manifest, and automating plugin updates through GitHub actions.

1. Extending Kubectl

2. Agenda
What are Kubetctl plugins
Intro to Krew
Development
Publishing Plugins

3. Who am I
Engineer on Azure Open-Source team
sig-windows lead
Windows-debug plugin creator
Can build fire in 6 different ways using only sticks and stones
@aspenwilder

4. Kubectl - Hello old friend
❯ kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-6d4b75cb6d-95h7h 1/1 Running 0 5m8s
kube-system coredns-6d4b75cb6d-x9twc 1/1 Running 0 5m8s
kube-system etcd-kind-control-plane 1/1 Running 0 5m22s
kube-system kindnet-7mxqg 1/1 Running 0 5m8s
kube-system kube-apiserver-kind-control-plane 1/1 Running 0 5m23s
kube-system kube-controller-manager-kind-control-plane 1/1 Running 0 5m23s
kube-system kube-proxy-ldth6 1/1 Running 0 5m8s
kube-system kube-scheduler-kind-control-plane 1/1 Running 0 5m23s
local-path-storage local-path-provisioner-9cd9bd544-4jrxn 1/1 Running 0 5m8s

5. Kubectl - Hello new friend
❯ kubectl access-matrix resource configmap
NAME KIND SA-NAMESPACE LIST CREATE UPDATE DELETE
generic-garbage-collector ServiceAccount kube-system ✔ ✖ ✔ ✔
horizontal-pod-autoscaler ServiceAccount kube-system ✔ ✖ ✖ ✖
local-path-provisioner-service-account ServiceAccount local-path-storage✔ ✖ ✖ ✖
namespace-controller ServiceAccount kube-system ✔ ✖ ✖ ✔
resourcequota-controller ServiceAccount kube-system ✔ ✖ ✖ ✖
root-ca-cert-publisher ServiceAccount kube-system ✖ ✔ ✔ ✖
system:kube-controller-manager User ✔ ✖ ✖ ✖
system:masters Group ✔ ✔ ✔ ✔
https://github.com/corneliusweig/rakkess

6. Kubectl Plugins
Stand alone binary that begins with Kubectl-
◦ kubectl-windows-debug
◦ Kubectl-neat
Added to your PATH
Written in any language

7. Installing and listing plugins
# install plugin
❯ cp kubetctl-capz-ssh /usr/local/bin
# List plugins installed
❯ Kubectl plugin list
The following compatible plugins are available:
/usr/local/bin/kubectl-capz-ssh

8. Krew
Plugin manager for kubectl (think apt-get or npm)
200+ plugins
Helps keep thing up to date
Plugin binaries don’t need to start with kubectl-
Helps with distribution

9. Installing with Krew
❯ kubectl krew search windows
NAME DESCRIPTION INSTALLED
windows-debug Windows node access via kubectl yes
❯ kubectl krew install windows-debug
Updated the local copy of plugin index.
Installing plugin: windows-debug
Installed plugin: windows-debug
| Use this plugin:
| kubectl windows-debug
| Documentation:
| https://github.com/jsturtevant/windows-debug
/

10. demo

11. Developing plugins
KUBECTL PLUGINS
Quick
Keep right in your repo
Simple to install
KREW
Distribution
Manages multiple platforms
Easy upgrades
Wider audience
Install Metrics

12. What language?
BASH
Easy
Simple build process
GO
Cross platform
Can use cli-runtime library
◦ Printing logic, config, etc
Auth plugins that support clouds

13. What’s in a
krew package
LICENSE FILE READ ME
BINARIES

14. Krew Manifest
apiVersion: krew.googlecontainertools.github.com/v1alpha2
kind: Plugin
metadata:
name: windows-debug
spec:
version: {{ .TagName }}
homepage: https://github.com/jsturtevant/windows-debug

15. Krew Manifest - continued
platforms:
- selector:
matchLabels:
os: darwin
arch: amd64
{{addURIAndSha "https://github.com/jsturtevant/windows-debug/releases/d
bin: kubectl-windows-debug
- selector:
matchLabels:
os: linux
arch: amd64
{{addURIAndSha "https://github.com/jsturtevant/windows-debug/releases/download/{{ .TagName }}/kubectl-
windows-debug-{{ .TagName }}.tar.gz" .TagName }}
bin: kubectl-windows-debug
https://krew.sigs.k8s.io/docs/developer-guide/plugin-manifest/

16. Templates
https://github.com/replicatedhq/krew-plugin-
template
https://github.com/kubernetes/sample-cli-plugin

17. Automating Updates
jobs:
release:
runs-on: ubuntu-latest
- name: build package
run: |
tar -czvf kubectl-windows-debug-${GITHUB_REF_NAME}.tar.gz LICENSE README.md kubectl-windows-debug
- name: Release package
uses: softprops/action-gh-release@v1
with:
files: kubectl-windows-debug-${{ github.ref_name }}.tar.gz
- name: Update new version in krew-index
uses: rajatjindal/krew-release-bot@v0.0.43

18. Krew-release-
bot

19. Using go-releaser
If you go with golang can use
https://goreleaser.com/ to build all
the packages
builds:
- id: {{ .PluginName }}
goos:
- linux
- windows
- darwin
goarch:
- amd64
main: cmd/plugin/main.go
archives:
- id: {{ .PluginName }}
builds:
- {{ .PluginName }}
name_template: {{ `"{{ .ProjectName }}_{{ .Os }}_{{ .Arch }}"`
}}
format_overrides:
- goos: windows
format: zip

20. Lessons Learned
• Underscores - dashes are converted to underscores in Krew
• Without Krew
• Kubectl windows debug
• With krew
• kubectl windows-debug
• Kew-release doesn’t work for first submission to Krew index
• must submit your first manifest manually
Testing locally
◦ Generate manifest
◦ Download package and use ‘—archive’ when installing

21. Thanks!
https://kubernetes.io/docs/tasks/extend-kubectl/kubectl-plugins/
https://krew.sigs.k8s.io/
https://krew.sigs.k8s.io/docs/developer-guide/
https://github.com/jsturtevant/windows-debug
@aspenwilder