Kubernetes and curl: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
No edit summary
 
(3 intermediate revisions by the same user not shown)
Line 5: Line 5:
=Invoking into the API Server from Inside a Pod=
=Invoking into the API Server from Inside a Pod=


  TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token); curl -sSk -H "Authorization: Bearer ${TOKEN}" https://kubernetes.default/api/v1/namespaces/
  TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token); \
curl -Sk -H "Authorization: Bearer ${TOKEN}" \
https://kubernetes.default/api/v1/namespaces/


[[Curl#-k_--insecure|-k]] in the command above instructs curl to execute in insecure mode. We can actually run it in secure mode because we have access to the certificate:
[[Curl#-k_--insecure|-k]] in the command above instructs curl to execute in insecure mode. We can actually run it in secure mode because we have access to the certificate:
TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token); \
curl -S -H "Authorization: Bearer ${TOKEN}" \
--cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt \
https://kubernetes.default/api/v1/namespaces/

Latest revision as of 17:02, 13 September 2019

Internal

Invoking into the API Server from Inside a Pod

TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token); \
curl -Sk -H "Authorization: Bearer ${TOKEN}" \
https://kubernetes.default/api/v1/namespaces/

-k in the command above instructs curl to execute in insecure mode. We can actually run it in secure mode because we have access to the certificate:

TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token); \
curl -S -H "Authorization: Bearer ${TOKEN}" \
--cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt \
https://kubernetes.default/api/v1/namespaces/