https://rancher.com/ logo
#rke2
Title
# rke2
a

adamant-kite-43734

11/30/2022, 11:52 AM
This message was deleted.
w

witty-engineer-12406

11/30/2022, 11:56 AM
I first used this in a local minkube installation, which worked as expected. But after switching to a rke2 cluster I'm just getting 401 Unauthorized ApiExceptions
To test the connection to the control plane, I use :
Copy code
import os

from kubernetes import client, config

KUBE_CONFIG_FILE = ""

if os.path.isfile(KUBE_CONFIG_FILE):
    config.load_kube_config(KUBE_CONFIG_FILE)
# check if serviceaccount exits
elif os.path.exists("/run/secrets/kubernetes.io/serviceaccount"):
    print("startup: try loading service account")
    config.load_incluster_config()
else:
    raise Exception("FAIL: cannot connect to control plain")

result = client.ApiClient().call_api(resource_path="/healthz",
                                     method="GET",
                                     #  query_params={"verbose": "true"},
                                     response_type=str)
when I use the token from that service account and create a kubeconfig-file and access the api from outside the cluster it works also
ok, I tried now some other request with the service account, in that pod, e.g. list pods... which worked
now is the question why does the call against
/healthz
not work 🤔
43 Views