Introduction to kubeconfig

Kubecofig enables clients like kubectl and many programming languages to securely access your Kubernetes Cluster. Specifically, kubeconfig is a YAML file that contains either a username and password combination or a secure token that when read programmatically removes the need for the Kubernetes client to ask for interactive authentication. kubeconfig is the secure and standard method to enable access to your Kubernetes clusters.

For more information on kubeconfig, refere to the Kubernetes kubeconfig documentation.

Kubernetes Clients

Kubernetes client libraries handle the complicated task of integrating and understanding Kubernetes by natively handling the Kubernetes APIs. A number of client libraries are maintained by the Kubernetes SIG API machinery, this includes Python, Go, Java, dotNet, Javascript and Haskell. These languages and related libraries are able to utilize the kubeconfig file to authenticate against the Kubernetes API.


kubectl provides a command line tool for interacting with Kubernetes.

kubectl depends on kubeconfig for authentication with your cluster. By default kubectl will expect kubeconfig, represented as a file named config to be present in the $HOME/.kube directory. Without kubeconfig you cannot use kubectl.

To get started with kubectl view the cheatsheet. For a detailed guide on kubectl review the Kubernetes documentation.