更新时间:2022-05-13 21:48:58
我做过的错误是要传递我直接从kubectl edit secret nameofsa-token-xyze -n default
获得的 ca.crt 数据到代码中的configuration.ssl_ca_cert
.
Mistake i did was to pass data of ca.crt which i got from kubectl edit secret nameofsa-token-xyze -n default
directly to configuration.ssl_ca_cert
in the code.
相反,应该做的是使用base64 --decode
解码数据,这是我从上述命令(kubectl edit secret nameofsa-token-xyze -n default
)获得的,这就是我的方法.
Instead what should be done is to decode the data using base64 --decode
, which i got from above command(kubectl edit secret nameofsa-token-xyze -n default
), this is how i did it.
kubectl get secrets default-token-nqkdv -n default -o jsonpath='{.data.ca\.crt}' | base64 --decode > ca.crt
.
然后我需要在代码中传递ca.crt文件的路径,因此最终代码如下所示:
Then i need to pass the path of ca.crt file in the code, so final code look like below
from __future__ import print_function
import time
import kubernetes.client
from kubernetes.client.rest import ApiException
configuration = kubernetes.client.Configuration()
configuration.ssl_ca_cert = 'ca.crt'
configuration.api_key['authorization'] = 'ZXXXXXXXXXXdw=='
configuration.api_key_prefix['authorization'] = 'Bearer'
configuration.host = 'https://aaaaaaaaaaaaaaa.gr7.us-east-1.eks.amazonaws.com'
api_instance = kubernetes.client.CoreV1Api(kubernetes.client.ApiClient(configuration))
api_response = api_instance.list_namespace()
for i in api_response.items:
print(i.metadata.name)