Quick start
Configure the CLI
Point the CLI at your kobe endpoint
kobe config set endpoint https://kobe.example.comOr open the interactive config editor:
kobe configAuthenticate
kobe loginkobe supports SSH key auth (Ed25519 via your SSH agent), OIDC tokens, and static bearer tokens. The login flow detects which methods your endpoint accepts and guides you through the appropriate one.
To check which auth methods are available on your endpoint:
kobe statusList available pools
kobe statusThis shows the endpoint version, available auth methods, pool summary, and your active leases.
Lease a cluster
kobe lease ci-smallkobe writes the kubeconfig to ~/.kube/kobe-<lease-id> by default and prints the lease ID and expiry. The cluster is ready to use immediately.
To write to a specific path:
kobe lease ci-small --kubeconfig /tmp/kube.yamlTo request a longer TTL (within your policy's maxTtl):
kobe lease ci-small --ttl 2hUse the cluster
KUBECONFIG=~/.kube/kobe-<lease-id> kubectl get nodesThe cluster is a fully isolated Kubernetes environment. It won't affect other callers, and all resources you create are destroyed with it when the lease expires or is released.
Release the cluster
kobe release <lease-id>This immediately destroys the cluster and returns it to the pool for recycling. Releasing early is good practice in CI — it lets the pool refill faster for the next run.
Manage active leases
kobe status
Shows your active leases together with pool availability. For raw lease data, call GET /v1/leases.
What happens when a lease expires
kobe enforces TTLs server-side. When a lease expires, the operator sets its phase to Expired and begins recycling the cluster. The kubeconfig you received stops working at expiry — Kubernetes API calls will fail with certificate errors, since the client cert is issued with the same TTL.