Kubernetes and curl: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
(3 intermediate revisions by the same user not shown) | |||
Line 5: | Line 5: | ||
=Invoking into the API Server from Inside a Pod= | =Invoking into the API Server from Inside a Pod= | ||
TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token); curl - | TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token); \ | ||
curl -Sk -H "Authorization: Bearer ${TOKEN}" \ | |||
https://kubernetes.default/api/v1/namespaces/ | |||
[[Curl#-k_--insecure|-k]] in the command above instructs curl to execute in insecure mode. We can actually run it in secure mode because we have access to the certificate: | [[Curl#-k_--insecure|-k]] in the command above instructs curl to execute in insecure mode. We can actually run it in secure mode because we have access to the certificate: | ||
TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token); \ | |||
curl -S -H "Authorization: Bearer ${TOKEN}" \ | |||
--cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt \ | |||
https://kubernetes.default/api/v1/namespaces/ |
Latest revision as of 17:02, 13 September 2019
Internal
Invoking into the API Server from Inside a Pod
TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token); \ curl -Sk -H "Authorization: Bearer ${TOKEN}" \ https://kubernetes.default/api/v1/namespaces/
-k in the command above instructs curl to execute in insecure mode. We can actually run it in secure mode because we have access to the certificate:
TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token); \ curl -S -H "Authorization: Bearer ${TOKEN}" \ --cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt \ https://kubernetes.default/api/v1/namespaces/