Toolery

Kubeconfig Manager

Manage Kubernetes kubeconfig files securely in your browser

Privacy Notice: All processing happens in your browser. Your kubeconfig never leaves your device.

Drop kubeconfig file(s) here or click to upload

Accepts .yaml, .yml, .conf, .config or any text file. Drop multiple to auto-merge.

OR paste your kubeconfig

How to Use

  1. Upload your kubeconfig file by dragging and dropping or pasting the YAML content
  2. The tool automatically validates your kubeconfig and displays any errors or warnings
  3. View all contexts, change the current-context, or remove unused contexts
  4. Upload additional kubeconfig files and merge them into a single configuration
  5. Analyze and remove orphan clusters and users that are not referenced by any context
  6. Copy the cleaned kubeconfig to your clipboard or download it as a file

What is Kubeconfig?

Kubeconfig is the configuration file that Kubernetes command-line tools like kubectl use to find the information needed to connect to clusters. This file is typically located at ~/.kube/config by default, though you can specify an alternative location using the KUBECONFIG environment variable or --kubeconfig flag. The kubeconfig file follows the Kubernetes v1 API format and contains three main sections: clusters (the actual Kubernetes clusters with their API server addresses and certificate data), users (authentication credentials such as client certificates, tokens, or exec-based authentication mechanisms), and contexts (which combine a cluster, a user, and optionally a namespace to create a named configuration). When you run kubectl commands, it reads the current-context field to determine which cluster to communicate with, which user credentials to use, and which namespace to default to. Understanding kubeconfig structure is essential for managing multiple clusters efficiently, whether you're working with development, staging, and production environments, or managing clusters across different cloud providers like AWS EKS, Google GKE, and Azure AKS. The file is YAML-formatted and can be edited manually, though doing so requires care to maintain proper structure and avoid breaking cluster access.

How Our Kubeconfig Manager Works

Our Kubeconfig Manager performs all processing operations entirely client-side in your browser using JavaScript—your kubeconfig file never leaves your device, ensuring complete privacy and security for sensitive cluster credentials. The tool uses the js-yaml library to parse and serialize YAML content, validating the structure against expected kubeconfig schema patterns. The interface is organized into five functional tabs: Load (for uploading or pasting kubeconfig files), Merge (for combining multiple kubeconfig files with intelligent conflict resolution), Contexts (for viewing all contexts, switching current-context, and managing context list), Cleanup (for identifying and removing orphaned clusters and users that exist in the file but aren't referenced by any context), and Save (for exporting the processed kubeconfig via clipboard copy or file download). When merging kubeconfig files, the tool detects naming conflicts and automatically renames duplicate entries to prevent overwrites, ensuring no cluster access is lost. The validation engine checks for required fields, proper YAML syntax, valid certificate data encoding, and structural integrity, displaying helpful error messages when issues are found. This browser-based approach means your production cluster credentials remain secure—there's no server-side storage, no logging, and no network transmission of your configuration data.

Common Use Cases

  • Managing multiple Kubernetes clusters across different environments (development, staging, production) and quickly switching between them
  • Merging kubeconfigs from different cloud providers—combining AWS EKS, Google Cloud GKE, and Azure AKS configurations into a single unified file
  • Cleaning up stale contexts after cluster deletion to prevent kubectl from trying to connect to non-existent clusters
  • Validating kubeconfig files before sharing with team members to ensure they contain proper structure and won't cause kubectl errors
  • Removing sensitive credentials before committing kubeconfig to version control systems or documentation repositories
  • Consolidating kubeconfigs from multiple tools like eksctl, gcloud, az CLI, and Rancher which each generate separate configuration files
  • Getting a quick context switching overview without using command-line tools—visually see all available clusters and their current status

Tips and Best Practices

  • Keep separate kubeconfig files per environment and use KUBECONFIG environment variable to switch between them rather than maintaining one massive file
  • Regularly clean up unused contexts and clusters to keep your kubeconfig lean and avoid accidentally targeting the wrong cluster
  • Never commit kubeconfig files with real credentials to git repositories—use placeholder values or exec-based authentication instead
  • Use exec-based authentication (like aws eks get-token or gcloud config config-helper) for production clusters to avoid embedding long-lived credentials
  • Validate your kubeconfig after manual edits to catch YAML syntax errors or structural problems before trying to use kubectl
  • Back up your kubeconfig before performing merge operations so you can restore it if the merge doesn't work as expected
  • Use namespace field in contexts to avoid accidentally applying changes to the wrong namespace—specify default namespaces explicitly
  • Rotate credentials periodically according to your organization's security policies and update kubeconfig files accordingly
  • Use Role-Based Access Control (RBAC) to limit what each user can do in each cluster—configure least-privilege access for each user entry