This message was deleted Rancher Users #rke2

Join Slack

This message was deleted.

# rke2

adamant-kite-43734

11/30/2022, 11:52 AM

This message was deleted.

witty-engineer-12406

11/30/2022, 11:56 AM

I first used this in a local minkube installation, which worked as expected. But after switching to a rke2 cluster I'm just getting 401 Unauthorized ApiExceptions

witty-engineer-12406

11/30/2022, 12:05 PM

To test the connection to the control plane, I use :

Copy code

import os

from kubernetes import client, config

KUBE_CONFIG_FILE = ""

if os.path.isfile(KUBE_CONFIG_FILE):
    config.load_kube_config(KUBE_CONFIG_FILE)
# check if serviceaccount exits
elif os.path.exists("/run/secrets/kubernetes.io/serviceaccount"):
    print("startup: try loading service account")
    config.load_incluster_config()
else:
    raise Exception("FAIL: cannot connect to control plain")

result = client.ApiClient().call_api(resource_path="/healthz",
                                     method="GET",
                                     #  query_params={"verbose": "true"},
                                     response_type=str)

witty-engineer-12406

11/30/2022, 12:15 PM

when I use the token from that service account and create a kubeconfig-file and access the api from outside the cluster it works also

witty-engineer-12406

11/30/2022, 2:10 PM

ok, I tried now some other request with the service account, in that pod, e.g. list pods... which worked

witty-engineer-12406

11/30/2022, 2:11 PM

now is the question why does the call against

/healthz

not work 🤔

51 Views

Open in Slack

Previous Next