K
Q

Kubernetes python client: authentication problem

4/1/2019

I am trying to use the python API for kubernetes and I can't seem to be able to execute the request. I think the pipeline is not clear to me.

I am following the steps here: Kubernetes python client: authentication issue

On the remote server:

  • I setup my service account and generated the secret as described in the link
  • I added the token to my code

I am getting connection refused.

  • Am I supposed to import any information from the cluster into the local client?
  • Is the port okay?
from kubernetes import client, config
def main():
    configuration = client.Configuration() 

    configuration.host = "http://my_ip:8080"
    configuration.api_key_prefix['authorization'] = "Bearer"
    configuration.api_key['authorization'] = "my_token"
    v1 = client.CoreV1Api()
    print("Listing pods with their IPs:")
    ret = v1.list_pod_for_all_namespaces(watch=False)
    for i in ret.items:
        print("%s\t%s\t%s" %
            (i.status.pod_ip, i.metadata.namespace, i.metadata.name))

if __name__ == '__main__':
    main()

Output:

   raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='xx.xx.xx.xx', port=8080): Max retries exceeded with url: /api/v1/pods?watch=False (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x1118e5668>: Failed to establish a new connection: [Errno 61] Connection refused'

Current local client kubectl config view:

apiVersion: v1
clusters: []
contexts: []
current-context: ""
kind: Config
preferences: {}
users: []
-- Ademord
kubernetes
kubernetes-python-client

Similar Questions

Kubernetes POD's does not receive any data
kubectl set image throws error: the server doesn't have a resource type deployment"
Resizing instance groups by schedule
how to deal "failed to connect to Kubernetes master ip"
JKube doesn&#39;t create imagePullSecret

2 Answers

3/26/2020

You neglected to specify the API server certificate in your configuration. The link you included has the following:

configuration.ssl_ca_cert = '<path_to_cluster_ca_certificate>'
-- Chris Lauwers
Source: StackOverflow
4/1/2019

First, check if kubectl is configured correctly, like in the excerpt below from the docs here.

Configure kubectl

In order for kubectl to find and access a Kubernetes cluster, it needs a kubeconfig file, which is created automatically when you create a cluster using kube-up.sh or successfully deploy a Minikube cluster. [...] By default, kubectl configuration is located at ~/.kube/config.

Check the kubectl configuration

Check that kubectl is properly configured by getting the cluster state:

kubectl cluster-info

If you see a URL response, kubectl is correctly configured to access your cluster. If you see a message similar to the following, kubectl is not correctly configured or not able to connect to a Kubernetes cluster.

The connection to the server <server-name:port> was refused - did you specify the right host or port?

Because it looks like it isn't connected to a cluster. If it doesn't give back a URL, you can get the config file from your remote server (from the $HOME/.kube directory).

You can put that file on your local machine, similarly named $HOME/.kube/config.

Then you can load that config file in your Python script with:

def main():
    config.load_kube_config()

Example can be found here.

-- char
Source: StackOverflow