diff --git a/website/docs/using-qovery/configuration/cluster-advanced-settings.md b/website/docs/using-qovery/configuration/cluster-advanced-settings.md
index 20398d7980..4e672ba4a3 100644
--- a/website/docs/using-qovery/configuration/cluster-advanced-settings.md
+++ b/website/docs/using-qovery/configuration/cluster-advanced-settings.md
@@ -1,5 +1,5 @@
---
-last_modified_on: "2025-02-17"
+last_modified_on: "2025-03-13"
title: "Cluster Advanced Settings"
description: "Learn how to set advanced settings on your infrastructure with Qovery"
---
@@ -364,13 +364,13 @@ Once enabled, you can update the advanced setting [resources.override.limit.ram_
| Type | Description | Default Value |
|---------|-----------------------------------------------------------------------------|---------------|
-| boolean | Enable SSO sync allowing IAM users to connect to cluster using SSO. [Setup SSO support for your cluster][guides.tutorial.how-to-activate-sso-to-connect-to-your-eks-cluster].
⚠️ [`aws.iam.sso_role_arn`](#awsiamsso_role_arn) should be set. | `false` |
+| boolean | Deprecated - Enable SSO sync allowing IAM users to connect to cluster using SSO.
⚠️ [`aws.iam.sso_role_arn`](#awsiamsso_role_arn) should be set. | `false` |
#### aws.iam.sso_role_arn 
| Type | Description | Default Value |
|---------|-----------------------------------------------------------------------------|---------------|
-| string | Allows you to specify the SSO role ARN to be used to connect to your cluster. [Setup SSO support for your cluster][guides.tutorial.how-to-activate-sso-to-connect-to-your-eks-cluster] | `""` |
+| string | Deprecated - Allows you to specify the SSO role ARN to be used to connect to your cluster. | `""` |
## Object storage
@@ -452,4 +452,3 @@ Why? Dockerhub has a [rate limit system by IP](https://docs.docker.com/docker-hu
[docs.using-qovery.configuration.advanced-settings#resources]: /docs/using-qovery/configuration/advanced-settings/#resources
[docs.using-qovery.configuration.organization.container-registry]: /docs/using-qovery/configuration/organization/container-registry/
[docs.using-qovery.deployment.image-mirroring]: /docs/using-qovery/deployment/image-mirroring/
-[guides.tutorial.how-to-activate-sso-to-connect-to-your-eks-cluster]: /guides/tutorial/how-to-activate-sso-to-connect-to-your-eks-cluster/
diff --git a/website/docs/using-qovery/configuration/cluster-advanced-settings.md.erb b/website/docs/using-qovery/configuration/cluster-advanced-settings.md.erb
index 4f77e7de67..a51f275b1a 100644
--- a/website/docs/using-qovery/configuration/cluster-advanced-settings.md.erb
+++ b/website/docs/using-qovery/configuration/cluster-advanced-settings.md.erb
@@ -355,13 +355,13 @@ Once enabled, you can update the advanced setting [resources.override.limit.ram_
| Type | Description | Default Value |
|---------|-----------------------------------------------------------------------------|---------------|
-| boolean | Enable SSO sync allowing IAM users to connect to cluster using SSO. [Setup SSO support for your cluster][guides.tutorial.how-to-activate-sso-to-connect-to-your-eks-cluster].
⚠️ `aws.iam.sso_role_arn` should be set. | `false` |
+| boolean | Deprecated - Enable SSO sync allowing IAM users to connect to cluster using SSO.
⚠️ `aws.iam.sso_role_arn` should be set. | `false` |
#### aws.iam.sso_role_arn 
| Type | Description | Default Value |
|---------|-----------------------------------------------------------------------------|---------------|
-| string | Allows you to specify the SSO role ARN to be used to connect to your cluster. [Setup SSO support for your cluster][guides.tutorial.how-to-activate-sso-to-connect-to-your-eks-cluster] | `""` |
+| string | Deprecated - Allows you to specify the SSO role ARN to be used to connect to your cluster. | `""` |
## Object storage
diff --git a/website/docs/using-qovery/interface.md b/website/docs/using-qovery/interface.md
index c120db962f..36f16a90ab 100644
--- a/website/docs/using-qovery/interface.md
+++ b/website/docs/using-qovery/interface.md
@@ -1,5 +1,5 @@
---
-last_modified_on: "2023-12-27"
+last_modified_on: "2025-03-10"
title: Interface
description: "Everything you need to know to use Qovery"
sidebar_label: hidden
diff --git a/website/guides/advanced/sub-account-sso.md b/website/guides/advanced/sub-account-sso.md
index fe855bee8a..d775668b93 100644
--- a/website/guides/advanced/sub-account-sso.md
+++ b/website/guides/advanced/sub-account-sso.md
@@ -1,5 +1,5 @@
---
-last_modified_on: "2024-12-18"
+last_modified_on: "2025-03-13"
$schema: "/.meta/.schemas/guides.json"
title: Configure Single Sign-On (SSO) for an AWS sub-account
description: Learn how to configure Single Sign-On (SSO) on AWS for a sub-account in Qovery.
@@ -46,9 +46,9 @@ In the ends, you should see your users in the AWS IAM Identity Center console:
-# Ass SSO (with Qovery) on your EKS cluster to support SSO (optional)
+# Add SSO (with Qovery) on your EKS cluster to support SSO (optional)
-Qovery allows you to connect to your EKS cluster using SSO. It's optional, but if you want to do this anyway, please [refer to this guide](/guides/tutorial/how-to-activate-sso-to-connect-to-your-eks-cluster).
+Please follow this [AWS guide](https://aws.amazon.com/fr/blogs/containers/a-quick-path-to-amazon-eks-single-sign-on-using-aws-sso/)
# SSO sync for Google workspace (optional)
diff --git a/website/guides/advanced/sub-account-sso.md.erb b/website/guides/advanced/sub-account-sso.md.erb
index 3b5efd1a38..95d53732e1 100644
--- a/website/guides/advanced/sub-account-sso.md.erb
+++ b/website/guides/advanced/sub-account-sso.md.erb
@@ -45,9 +45,9 @@ In the ends, you should see your users in the AWS IAM Identity Center console:
-# Ass SSO (with Qovery) on your EKS cluster to support SSO (optional)
+# Add SSO (with Qovery) on your EKS cluster to support SSO (optional)
-Qovery allows you to connect to your EKS cluster using SSO. It's optional, but if you want to do this anyway, please [refer to this guide](/guides/tutorial/how-to-activate-sso-to-connect-to-your-eks-cluster).
+Please follow this [AWS guide](https://aws.amazon.com/fr/blogs/containers/a-quick-path-to-amazon-eks-single-sign-on-using-aws-sso/)
# SSO sync for Google workspace (optional)
diff --git a/website/guides/tutorial/how-to-activate-sso-to-connect-to-your-eks-cluster.md b/website/guides/tutorial/how-to-activate-sso-to-connect-to-your-eks-cluster.md
deleted file mode 100644
index 6d1eddffe7..0000000000
--- a/website/guides/tutorial/how-to-activate-sso-to-connect-to-your-eks-cluster.md
+++ /dev/null
@@ -1,268 +0,0 @@
----
-last_modified_on: "2024-01-05"
-$schema: "/.meta/.schemas/guides.json"
-title: How to activate SSO to connect to your EKS cluster
-description: How to activate SSO to connect to your EKS cluster
-author_github: https://github.com/benjaminch
-tags: ["type: tutorial", "installation_guide: aws"]
-hide_pagination: true
----
-
-import Steps from '@site/src/components/Steps';
-
-import Alert from '@site/src/components/Alert';
-import Assumptions from '@site/src/components/Assumptions';
-import Jump from '@site/src/components/Jump';
-
-Qovery makes it easy to create an EKS cluster on your AWS account and manage the deployment of applications on it. But you still might want to execute operations on it via `kubectl` like you would on any other Kubernetes cluster.
-You have several ways to connect to your cluster:
-* Activate IAM group sync, more on that [here][guides.tutorial.how-to-connect-to-your-eks-cluster-with-kubectl]
-* Activate SSO support on your cluster allowing users to connect using AWS SSO.
-
-
-
-* You have AWS CLI installed
-* You have configured an `Admins` group (or any group used for admins) as described in the [Qovery AWS setup][guides.installation-guide.guide-amazon-web-services]
-* You have an existing EKS cluster managed by Qovery
-* You have followed [this AWS tutorial](https://aws.amazon.com/fr/blogs/containers/a-quick-path-to-amazon-eks-single-sign-on-using-aws-sso/) up to `AWS SSO user configuration` excluded.
-
-
-
-
-
-## Goal
-
-This tutorial will show you how to access a Qovery managed cluster using AWS SSO.
-
-
-
-
-
--
-
-#### Install and configure your toolchain
-
-**kubectl**
-
-To interact with your cluster, you will need `kubectl` installed.
-[https://kubernetes.io/docs/tasks/tools/](https://kubernetes.io/docs/tasks/tools/)
-
-**AWS CLI**
-
-The AWS CLI must be installed and configured on your machine.
-[https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html)
-
-
-
--
-
-#### Select IAM user group you configured for Qovery as admin
-
-In AWS console, go to `IAM > User Groups`
-
-
- 
-
-
-then select the group you configured as admin group for Qovery (`Admins` in the example below).
-
-
- 
-
-
-
-
--
-
-#### Create a new policy to this group allowing full access to EKS resources
-
-In this admin group, go to `permissions` tab. Click on `Add permissions > Create inline policy`.
-
-
- 
-
-
-Switch to JSON view.
-
-
- 
-
-
-Put this content to the `Policy editor`:
-
-```json
-{
- "Version": "2012-10-17",
- "Statement": [
- {
- "Effect": "Allow",
- "Action": [
- "eks:*",
- "sts:AssumeRole"
- ],
- "Resource": "*"
- }
- ]
-}
-```
-
-Then click on `Next`.
-
-
- 
-
-
-Give a name to this new policy, for example `SSO_EKSClusterAdminAccess`. Then click on `Create Policy`.
-
-
- 
-
-
-
-
--
-
-#### Set up CLI with SSO access to EKS
-
-Create a named SSO profile using AWS CLI.
-
-```bash
-aws configure sso
-```
-
-You will be prompted an SSO session name, put what you want, I used `sso-benjamin`.
-
-```bash
-SSO session name (Recommended): sso-benjamin
-Attempting to automatically open the SSO authorization page in your default browser.
-If the browser does not open or you wish to use a different device to authorize this request, open the following URL:
-
-https://device.sso.us-east-2.amazonaws.com/
-
-Then enter the code:
-
-FHTG-****
-```
-
-You will be redirected to your browser, validate the form.
-
-Then you will be prompted to select your AWS account.
-
-```bash
-There are 1 AWS account available to you.
-> qovery, q@qovery.com (283389****)
-```
-
-Then you will be prompted for default region (`eu-west-3` in my case), output format (`json` in my case) and profile name (`bchastanier_sso` in my case, but feel free to pick whatever you want).
-
-```bash
-Using the account ID 283389****
-The only role available to you is: AdministratorAccess
-Using the role name "AdministratorAccess"
-CLI default client Region [None]: eu-west-3
-CLI default output format [None]: json
-CLI profile name: bchastanier_sso
-```
-
-
--
-
-#### Get SSO role ARN
-
-Go to AWS console > IAM > Roles.
-
-
- 
-
-
-Look for a role named `AWSReservedSSO_xx` and select it (name can varies based on what you have configured / how you named your `Admins` user group, but it should start with `AWSReservedSSO_`).
-
-
- 
-
-
-Copy its ARN and keep it somewhere, you will need it in next step.
-
-
- 
-
-
-
-
--
-
-#### Enable SSO on your cluster
-
-Go to your clusters in Qovery console and click on cluster you want to activate SSO on settings.
-
-
- 
-
-
-Then go to advanced settings, and set:
-* `aws.iam.enable_sso` to `true`
-* `aws.iam.sso_role_arn` to the SSO role ARN string you copy from previous step.
-
-
- 
-
-
-Redeploy your cluster once advanced settings are saved.
-
-
-
--
-
-#### Download the Kubeconfig file
-
-To connect to your EKS cluster you will need to set a context to `kubectl`. This is done with a `Kubeconfig` file.
-
-When installing a new cluster, Qovery stores it in an S3 bucket on your account. You can retrieve the Kubeconfig of your cluster directly from the Qovery interface by following the procedure "Get your cluster kubeconfig file" [within this section][docs.using-qovery.configuration.clusters#performing-actions-on-your-clusters].
-
-
-
-
--
-
-#### Connect to your cluster
-
-Connect via the CLI running this command:
-
-```bash
-aws sso login --profile
-```
-
-This will open your browser and prompt you to connect, validate the form.
-
-
- 
-
-
-Now you should be able to access your cluster without anything else, let's try to get `aws-auth` configmap showing users and roles allowed to connect to the cluster:
-
-```bash
-AWS_PROFILE= kubectl describe -n kube-system configmap/aws-auth
-```
-
-This should give you the config map content. If not, something is not properly configured.
-
-
-
-
-
-
-
-## Conclusion
-
-You can access your Qovery clusters via your SSO directly.
-
-
-[docs.using-qovery.configuration.clusters#performing-actions-on-your-clusters]: /docs/using-qovery/configuration/clusters/#performing-actions-on-your-clusters
-[guides.installation-guide.guide-amazon-web-services]: /guides/installation-guide/guide-amazon-web-services/
-[guides.tutorial.how-to-connect-to-your-eks-cluster-with-kubectl]: /guides/tutorial/how-to-connect-to-your-eks-cluster-with-kubectl/
diff --git a/website/guides/tutorial/how-to-activate-sso-to-connect-to-your-eks-cluster.md.erb b/website/guides/tutorial/how-to-activate-sso-to-connect-to-your-eks-cluster.md.erb
deleted file mode 100644
index 776dac82d0..0000000000
--- a/website/guides/tutorial/how-to-activate-sso-to-connect-to-your-eks-cluster.md.erb
+++ /dev/null
@@ -1,251 +0,0 @@
----
-$schema: "/.meta/.schemas/guides.json"
-title: How to activate SSO to connect to your EKS cluster
-description: How to activate SSO to connect to your EKS cluster
-author_github: https://github.com/benjaminch
-tags: ["type: tutorial", "installation_guide: aws"]
-hide_pagination: true
----
-import Alert from '@site/src/components/Alert';
-import Assumptions from '@site/src/components/Assumptions';
-import Jump from '@site/src/components/Jump';
-
-Qovery makes it easy to create an EKS cluster on your AWS account and manage the deployment of applications on it. But you still might want to execute operations on it via `kubectl` like you would on any other Kubernetes cluster.
-You have several ways to connect to your cluster:
-* Activate IAM group sync, more on that [here][guides.tutorial.how-to-connect-to-your-eks-cluster-with-kubectl]
-* Activate SSO support on your cluster allowing users to connect using AWS SSO.
-
-
-
-* You have AWS CLI installed
-* You have configured an `Admins` group (or any group used for admins) as described in the [Qovery AWS setup][guides.installation-guide.guide-amazon-web-services]
-* You have an existing EKS cluster managed by Qovery
-* You have followed [this AWS tutorial](https://aws.amazon.com/fr/blogs/containers/a-quick-path-to-amazon-eks-single-sign-on-using-aws-sso/) up to `AWS SSO user configuration` excluded.
-
-
-
-## Goal
-
-This tutorial will show you how to access a Qovery managed cluster using AWS SSO.
-
-
-
-
-
--
-
-#### Install and configure your toolchain
-
-**kubectl**
-
-To interact with your cluster, you will need `kubectl` installed.
-[https://kubernetes.io/docs/tasks/tools/](https://kubernetes.io/docs/tasks/tools/)
-
-**AWS CLI**
-
-The AWS CLI must be installed and configured on your machine.
-[https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html)
-
-
-
--
-
-#### Select IAM user group you configured for Qovery as admin
-
-In AWS console, go to `IAM > User Groups`
-
-
-
-
-
-then select the group you configured as admin group for Qovery (`Admins` in the example below).
-
-
-
-
-
-
-
--
-
-#### Create a new policy to this group allowing full access to EKS resources
-
-In this admin group, go to `permissions` tab. Click on `Add permissions > Create inline policy`.
-
-
-
-
-
-Switch to JSON view.
-
-
-
-
-
-Put this content to the `Policy editor`:
-
-```json
-{
- "Version": "2012-10-17",
- "Statement": [
- {
- "Effect": "Allow",
- "Action": [
- "eks:*",
- "sts:AssumeRole"
- ],
- "Resource": "*"
- }
- ]
-}
-```
-
-Then click on `Next`.
-
-
-
-
-
-Give a name to this new policy, for example `SSO_EKSClusterAdminAccess`. Then click on `Create Policy`.
-
-
-
-
-
-
-
--
-
-#### Set up CLI with SSO access to EKS
-
-Create a named SSO profile using AWS CLI.
-
-```bash
-aws configure sso
-```
-
-You will be prompted an SSO session name, put what you want, I used `sso-benjamin`.
-
-```bash
-SSO session name (Recommended): sso-benjamin
-Attempting to automatically open the SSO authorization page in your default browser.
-If the browser does not open or you wish to use a different device to authorize this request, open the following URL:
-
-https://device.sso.us-east-2.amazonaws.com/
-
-Then enter the code:
-
-FHTG-****
-```
-
-You will be redirected to your browser, validate the form.
-
-Then you will be prompted to select your AWS account.
-
-```bash
-There are 1 AWS account available to you.
-> qovery, q@qovery.com (283389****)
-```
-
-Then you will be prompted for default region (`eu-west-3` in my case), output format (`json` in my case) and profile name (`bchastanier_sso` in my case, but feel free to pick whatever you want).
-
-```bash
-Using the account ID 283389****
-The only role available to you is: AdministratorAccess
-Using the role name "AdministratorAccess"
-CLI default client Region [None]: eu-west-3
-CLI default output format [None]: json
-CLI profile name: bchastanier_sso
-```
-
-
--
-
-#### Get SSO role ARN
-
-Go to AWS console > IAM > Roles.
-
-
-
-
-
-Look for a role named `AWSReservedSSO_xx` and select it (name can varies based on what you have configured / how you named your `Admins` user group, but it should start with `AWSReservedSSO_`).
-
-
-
-
-
-Copy its ARN and keep it somewhere, you will need it in next step.
-
-
-
-
-
-
-
--
-
-#### Enable SSO on your cluster
-
-Go to your clusters in Qovery console and click on cluster you want to activate SSO on settings.
-
-
-
-
-
-Then go to advanced settings, and set:
-* `aws.iam.enable_sso` to `true`
-* `aws.iam.sso_role_arn` to the SSO role ARN string you copy from previous step.
-
-
-
-
-
-Redeploy your cluster once advanced settings are saved.
-
-
-
--
-
-#### Download the Kubeconfig file
-
-To connect to your EKS cluster you will need to set a context to `kubectl`. This is done with a `Kubeconfig` file.
-
-When installing a new cluster, Qovery stores it in an S3 bucket on your account. You can retrieve the Kubeconfig of your cluster directly from the Qovery interface by following the procedure "Get your cluster kubeconfig file" [within this section][docs.using-qovery.configuration.clusters#performing-actions-on-your-clusters].
-
-
-
-
--
-
-#### Connect to your cluster
-
-Connect via the CLI running this command:
-
-```bash
-aws sso login --profile
-```
-
-This will open your browser and prompt you to connect, validate the form.
-
-
-
-
-
-Now you should be able to access your cluster without anything else, let's try to get `aws-auth` configmap showing users and roles allowed to connect to the cluster:
-
-```bash
-AWS_PROFILE= kubectl describe -n kube-system configmap/aws-auth
-```
-
-This should give you the config map content. If not, something is not properly configured.
-
-
-
-
-
-
-
-## Conclusion
-
-You can access your Qovery clusters via your SSO directly.
diff --git a/website/guides/tutorial/how-to-connect-to-your-eks-cluster-with-kubectl.md b/website/guides/tutorial/how-to-connect-to-your-eks-cluster-with-kubectl.md
index 1e4f51172f..1813bb0dab 100644
--- a/website/guides/tutorial/how-to-connect-to-your-eks-cluster-with-kubectl.md
+++ b/website/guides/tutorial/how-to-connect-to-your-eks-cluster-with-kubectl.md
@@ -1,10 +1,10 @@
---
-last_modified_on: "2024-11-01"
+last_modified_on: "2025-03-13"
$schema: "/.meta/.schemas/guides.json"
-title: How to connect to your EKS cluster with kubectl
-description: How to connect to your EKS cluster using kubectl
+title: How to connect to your Qovery managed cluster with kubectl
+description: How to connect to your Qovery managed cluster with kubectl
author_github: https://github.com/l0ck3
-tags: ["type: tutorial", "installation_guide: aws"]
+tags: ["type: tutorial", "installation_guide: kubernetes"]
hide_pagination: true
---
@@ -14,12 +14,11 @@ import Alert from '@site/src/components/Alert';
import Assumptions from '@site/src/components/Assumptions';
import Jump from '@site/src/components/Jump';
-Qovery makes it easy to create an EKS cluster on your AWS account and manage the deployment of applications on it. But you still might want to execute operations on it via `kubectl` like you would on any other Kubernetes cluster.
+Qovery makes it easy to create a managed cluster on your cloud account (AWS, GCP etc..) and manage the deployment of applications on it. But you still might want to execute operations on it via `kubectl` like you would on any other Kubernetes cluster.
-* You have an existing EKS cluster manages by Qovery
-* You have deployed an application on this cluster with Qovery
+* You have an existing EKS/GKE/Kapsule cluster manages by Qovery
@@ -41,6 +40,17 @@ This tutorial will show you how to access a Qovery managed cluster on AWS with `
+## Important information
+
+In this tutorial, we will use the Kubeconfig and credentials automatically generated by Qovery via the Qovery CLI. To do this, you need to be either an Organization Admin or a Cluster Admin.
+
+If you want to use your own set of credentials to access the Kubernetes cluster, make sure you have the right permissions to access both your cloud account and the Kubernetes cluster.
+
+For example, on AWS, a user doesn't get access to the Kubernetes API by default. To gain access, you have two possibilities:
+- EKS access entry: Via the AWS console, you can manually add users to the [EKS access entry](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html) of the cluster.
+- SSO: You can automate the provisioning/deprovisioning of Kubernetes access using the [AWS SSO feature](https://aws.amazon.com/fr/blogs/containers/a-quick-path-to-amazon-eks-single-sign-on-using-aws-sso/)
+
+
-
@@ -52,10 +62,11 @@ This tutorial will show you how to access a Qovery managed cluster on AWS with `
To interact with your cluster, you will need `kubectl` installed.
[https://kubernetes.io/docs/tasks/tools/](https://kubernetes.io/docs/tasks/tools/)
-**AWS CLI**
+**Cloud provider CLI**
+
+Depending on your cloud provider, you might need its CLI to authenticate or retrieve the Kubeconfig.
-The AWS CLI must be installed and configured on your machine.
-[https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html)
+For example, you might need the [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html) or [GCP CLI](https://cloud.google.com/sdk/docs/install).
**Qovery CLI**
@@ -66,20 +77,7 @@ The Qovery CLI is required to get the kubeconfig file of your cluster:
-
-#### IAM user permissions
-
-Since `kubectl` will use IAM to authenticate, you need to have one of those things:
-1. Add your IAM user (the one the AWS CLI is authenticated with) to the `Admins` group you created when setting up Qovery
-2. Have the permissions to access the EKS cluster via SSO ([see cluster advanced settings for it](/docs/using-qovery/configuration/cluster-advanced-settings/#awsiamenable_sso))
-
-
- 
-
-
-
--
-
-#### Download the Kubeconfig file
+#### Retrieve Kubeconfig and credentials
To get the kubeconfig file of your cluster, run the following command to list your clusters and get the desired cluster ID:
@@ -99,19 +97,13 @@ INFO[2024-11-01T11:42:49+01:00] Execute `export KUBECONFIG=/Users/user/kubeconfi
The path of your kubeconfig file will be displayed in the output. You can now use it to set the context for `kubectl`.
-
-
-On AWS you'll need to have the `AWS_PROFILE` environment variable set to the right profile to be able to download the kubeconfig file or AWS credentials set as environment variables.
-
-
-
-
#### Set the context for kubectl
-To set the context for kubectl, run the following command:
+Following the output of the previous command, to set the context for kubectl, run the following command:
```bash
export KUBECONFIG=
@@ -159,8 +151,8 @@ logging Active 44d
nginx-ingress Active 44d
prometheus Active 44d
qovery Active 44d
-z0121531e-zb2daee81 Active 35d
-z016bd165-zeb51c37e Active 31d
+z0121531e-namespac1 Active 35d
+z016bd165-namespac2 Active 31d
```
The Qovery application namespaces are the ones begining with `z`.
@@ -175,16 +167,12 @@ In your URL bar you'll have something like:
`https://console.qovery.com/platform/organization//projects//environments//applications`
-
- 
-
-
-The environment namespace is defined the following way: `z-z`.
+The environment namespace is defined the following way: `z-`.
The short ID is the first section of the ID. For example, given the following ID: `e0aabc0d-99cb-4867-ad39-332d6162c32c`, the short ID will be `e0aabc0d`.
-The following environment URL: `https://console.qovery.com/platform/organization//projects/e0aabc0d-99cb-4867-ad39-332d6162c32c/environments/b91d2eb8-a850-49b5-8626-ade7afc4a28b/applications`
-would translate to the following namespace: `ze0aabc0d-zb91d2eb8`.
+The following environment "production site" with URL: `https://console.qovery.com/platform/organization//projects/e0aabc0d-99cb-4867-ad39-332d6162c32c/environments/b91d2eb8-a850-49b5-8626-ade7afc4a28b/applications`
+would translate to the following namespace: `zb91d2eb8-production-site`.
-
@@ -200,9 +188,9 @@ kubectl get pods --namespace
The output should be similar to this one:
```bash
-NAME READY STATUS RESTARTS AGE
-app-z2fc29b74-5db6745975-nrw8v 1/1 Running 0 29h
-app-zabbcf976-74f969f848-kzp87 1/1 Running 0 29h
+NAME READY STATUS RESTARTS AGE
+app-z2fc29b74-backend-5db6745975-nrw8v 1/1 Running 0 29h
+app-zabbcf976-frontend-74f969f848-kzp87 1/1 Running 0 29h
```
The same principle goes for finding the right application pod. Go to the application page on the Qovery console.
@@ -211,17 +199,23 @@ You'll get an URL looking like this:
`https://console.qovery.com/platform/organization//projects//environments//applications/abbcf976-27a1-4531-9cdd-e4d15d7b2c27/summary`
-Get the short ID of our application, in our case `abbcf976` which means the application pod name will start with `app-zabbcf976`.
+Get the short ID of our application and its name, in our case `abbcf976` and `backend` which means the application pod name will start with `app-zabbcf976-frontend`. The app might start with "app", "job", "cronjob", "database" depending on its type.
In case you setup your app to run multiple replicas, it is possible that you see several pods begining with the same string. You can pick any of them.
-In our case the right pod corresponding to our application would be `app-zabbcf976-74f969f848-kzp87`.
-
#### Shell into the container
+
+
+If you don't want to use kubectl, you can directly use the Qovery CLI Shell feature. Check our [documentation here][docs.using-qovery.interface.cli#shell] to know more about it.
+
+
+
+
To get a shell access to the container running inside the application pod, all you have to do is:
```bash
@@ -243,4 +237,4 @@ Qovery helps you manage your Kubernetes cluster and deploy your applications on
-
+[docs.using-qovery.interface.cli#shell]: /docs/using-qovery/interface/cli/#shell
diff --git a/website/guides/tutorial/how-to-connect-to-your-eks-cluster-with-kubectl.md.erb b/website/guides/tutorial/how-to-connect-to-your-eks-cluster-with-kubectl.md.erb
index 0f7e538626..65bab06677 100644
--- a/website/guides/tutorial/how-to-connect-to-your-eks-cluster-with-kubectl.md.erb
+++ b/website/guides/tutorial/how-to-connect-to-your-eks-cluster-with-kubectl.md.erb
@@ -1,21 +1,20 @@
---
$schema: "/.meta/.schemas/guides.json"
-title: How to connect to your EKS cluster with kubectl
-description: How to connect to your EKS cluster using kubectl
+title: How to connect to your Qovery managed cluster with kubectl
+description: How to connect to your Qovery managed cluster with kubectl
author_github: https://github.com/l0ck3
-tags: ["type: tutorial", "installation_guide: aws"]
+tags: ["type: tutorial", "installation_guide: kubernetes"]
hide_pagination: true
---
import Alert from '@site/src/components/Alert';
import Assumptions from '@site/src/components/Assumptions';
import Jump from '@site/src/components/Jump';
-Qovery makes it easy to create an EKS cluster on your AWS account and manage the deployment of applications on it. But you still might want to execute operations on it via `kubectl` like you would on any other Kubernetes cluster.
+Qovery makes it easy to create a managed cluster on your cloud account (AWS, GCP etc..) and manage the deployment of applications on it. But you still might want to execute operations on it via `kubectl` like you would on any other Kubernetes cluster.
-* You have an existing EKS cluster manages by Qovery
-* You have deployed an application on this cluster with Qovery
+* You have an existing EKS/GKE/Kapsule cluster manages by Qovery
@@ -29,6 +28,17 @@ This tutorial will show you how to access a Qovery managed cluster on AWS with `
+## Important information
+
+In this tutorial, we will use the Kubeconfig and credentials automatically generated by Qovery via the Qovery CLI. To do this, you need to be either an Organization Admin or a Cluster Admin.
+
+If you want to use your own set of credentials to access the Kubernetes cluster, make sure you have the right permissions to access both your cloud account and the Kubernetes cluster.
+
+For example, on AWS, a user doesn't get access to the Kubernetes API by default. To gain access, you have two possibilities:
+- EKS access entry: Via the AWS console, you can manually add users to the [EKS access entry](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html) of the cluster.
+- SSO: You can automate the provisioning/deprovisioning of Kubernetes access using the [AWS SSO feature](https://aws.amazon.com/fr/blogs/containers/a-quick-path-to-amazon-eks-single-sign-on-using-aws-sso/)
+
+
-
@@ -40,10 +50,11 @@ This tutorial will show you how to access a Qovery managed cluster on AWS with `
To interact with your cluster, you will need `kubectl` installed.
[https://kubernetes.io/docs/tasks/tools/](https://kubernetes.io/docs/tasks/tools/)
-**AWS CLI**
+**Cloud provider CLI**
+
+Depending on your cloud provider, you might need its CLI to authenticate or retrieve the Kubeconfig.
-The AWS CLI must be installed and configured on your machine.
-[https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html)
+For example, you might need the [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html) or [GCP CLI](https://cloud.google.com/sdk/docs/install).
**Qovery CLI**
@@ -54,20 +65,7 @@ The Qovery CLI is required to get the kubeconfig file of your cluster:
-
-#### IAM user permissions
-
-Since `kubectl` will use IAM to authenticate, you need to have one of those things:
-1. Add your IAM user (the one the AWS CLI is authenticated with) to the `Admins` group you created when setting up Qovery
-2. Have the permissions to access the EKS cluster via SSO ([see cluster advanced settings for it](/docs/using-qovery/configuration/cluster-advanced-settings/#awsiamenable_sso))
-
-
-
-
-
-
--
-
-#### Download the Kubeconfig file
+#### Retrieve Kubeconfig and credentials
To get the kubeconfig file of your cluster, run the following command to list your clusters and get the desired cluster ID:
@@ -87,19 +85,13 @@ INFO[2024-11-01T11:42:49+01:00] Execute `export KUBECONFIG=/Users/user/kubeconfi
The path of your kubeconfig file will be displayed in the output. You can now use it to set the context for `kubectl`.
-
-
-On AWS you'll need to have the `AWS_PROFILE` environment variable set to the right profile to be able to download the kubeconfig file or AWS credentials set as environment variables.
-
-
-
-
#### Set the context for kubectl
-To set the context for kubectl, run the following command:
+Following the output of the previous command, to set the context for kubectl, run the following command:
```bash
export KUBECONFIG=
@@ -147,8 +139,8 @@ logging Active 44d
nginx-ingress Active 44d
prometheus Active 44d
qovery Active 44d
-z0121531e-zb2daee81 Active 35d
-z016bd165-zeb51c37e Active 31d
+z0121531e-namespac1 Active 35d
+z016bd165-namespac2 Active 31d
```
The Qovery application namespaces are the ones begining with `z`.
@@ -163,16 +155,12 @@ In your URL bar you'll have something like:
`https://console.qovery.com/platform/organization//projects//environments//applications`
-
-
-
-
-The environment namespace is defined the following way: `z-z`.
+The environment namespace is defined the following way: `z-`.
The short ID is the first section of the ID. For example, given the following ID: `e0aabc0d-99cb-4867-ad39-332d6162c32c`, the short ID will be `e0aabc0d`.
-The following environment URL: `https://console.qovery.com/platform/organization//projects/e0aabc0d-99cb-4867-ad39-332d6162c32c/environments/b91d2eb8-a850-49b5-8626-ade7afc4a28b/applications`
-would translate to the following namespace: `ze0aabc0d-zb91d2eb8`.
+The following environment "production site" with URL: `https://console.qovery.com/platform/organization//projects/e0aabc0d-99cb-4867-ad39-332d6162c32c/environments/b91d2eb8-a850-49b5-8626-ade7afc4a28b/applications`
+would translate to the following namespace: `zb91d2eb8-production-site`.
-
@@ -188,9 +176,9 @@ kubectl get pods --namespace
The output should be similar to this one:
```bash
-NAME READY STATUS RESTARTS AGE
-app-z2fc29b74-5db6745975-nrw8v 1/1 Running 0 29h
-app-zabbcf976-74f969f848-kzp87 1/1 Running 0 29h
+NAME READY STATUS RESTARTS AGE
+app-z2fc29b74-backend-5db6745975-nrw8v 1/1 Running 0 29h
+app-zabbcf976-frontend-74f969f848-kzp87 1/1 Running 0 29h
```
The same principle goes for finding the right application pod. Go to the application page on the Qovery console.
@@ -199,17 +187,23 @@ You'll get an URL looking like this:
`https://console.qovery.com/platform/organization//projects//environments//applications/abbcf976-27a1-4531-9cdd-e4d15d7b2c27/summary`
-Get the short ID of our application, in our case `abbcf976` which means the application pod name will start with `app-zabbcf976`.
+Get the short ID of our application and its name, in our case `abbcf976` and `backend` which means the application pod name will start with `app-zabbcf976-frontend`. The app might start with "app", "job", "cronjob", "database" depending on its type.
In case you setup your app to run multiple replicas, it is possible that you see several pods begining with the same string. You can pick any of them.
-In our case the right pod corresponding to our application would be `app-zabbcf976-74f969f848-kzp87`.
-
#### Shell into the container
+
+
+If you don't want to use kubectl, you can directly use the Qovery CLI Shell feature. Check our [documentation here][docs.using-qovery.interface.cli#shell] to know more about it.
+
+
+
+
To get a shell access to the container running inside the application pod, all you have to do is:
```bash
diff --git a/website/metadata.js b/website/metadata.js
index b1d696ad4c..046736243e 100644
--- a/website/metadata.js
+++ b/website/metadata.js
@@ -555,15 +555,6 @@ module.exports = {
"series_position": null,
"title": "How to Build a Cloud Version of Your Open Source Software - A Case Study with AppWrite - Part 3"
},
- {
- "author_github": "https://github.com/benjaminch",
- "description": null,
- "id": "/tutorial/how-to-activate-sso-to-connect-to-your-eks-cluster",
- "last_modified_on": null,
- "path": "website/guides/tutorial/how-to-activate-sso-to-connect-to-your-eks-cluster.md",
- "series_position": null,
- "title": "How to activate SSO to connect to your EKS cluster"
- },
{
"author_github": "https://github.com/benjaminch",
"description": null,
@@ -589,7 +580,7 @@ module.exports = {
"last_modified_on": null,
"path": "website/guides/tutorial/how-to-connect-to-your-eks-cluster-with-kubectl.md",
"series_position": null,
- "title": "How to connect to your EKS cluster with kubectl"
+ "title": "How to connect to your Qovery managed cluster with kubectl"
},
{
"author_github": "https://github.com/l0ck3",