K
Q

Connect to Kubernetes apiserver created on Google Container Engine (node.js)

10/26/2015

I've successfully connected to container engine through googleapis nodejs client and get the cluster object back (according to the doc here), and saved the masterAuth object to a json file on disk. However, I still cannot figure out how to make an authenticated request to the apiserver:

var request = require("request");
var key = require("path/to/key/json");
var options = {
    url: "https://IPofKubernetesCluster/api/v1/endpoints",
    cert: key.clientCertificate,
    ca: key.clusterCaCertificate,
    key: key.clientKey,
    passphrase: null
};
request.get(options, function(e, r, body) {});

The code failed with the following error:

crypto.js:131
      c.context.setKey(options.key);
            ^
Error: error:0906D06C:PEM routines:PEM_read_bio:no start line
    at Object.exports.createCredentials (crypto.js:131:17)
    at Object.exports.connect (tls.js:1345:27)
    at Agent.createConnection (https.js:79:14)
    at Agent.createSocket (http.js:1294:16)
    at Agent.addRequest (http.js:1270:23)
    at new ClientRequest (http.js:1417:16)
    at Object.exports.request (https.js:123:10)
    at Request.start(node_modules/request/request.js:793:30)
    at Request.end (node_modules/request/request.js:1400:10)
    at end (node_modules/request/request.js:564:14)

Any help would be much appreciated.

-- Fardream
google-cloud-platform
google-kubernetes-engine
kubernetes

Similar Questions

Can Google Kubernetes run Apache Mesos frameworks on top of it?
Kubernetes multi-tier container application
Using Kubernetes to auto scale in google container engine
Auto scaling for Google container engine

1 Answer

10/26/2015

The MasterAuth structure includes base64-encoded client and cluster certificates. You will need to decode them back into the PEM format before passing the string into your http client library.

-- Robert Bailey
Source: StackOverflow