I would like to access to OpenShift and Kubernetes API from inside a pod to query and modify objects in the application the pod belongs to.
In the documentation (https://docs.openshift.org/latest/dev_guide/service_accounts.html) I found this description on how to access the api:
$ TOKEN="$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)"
$ curl --cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt \
"https://openshift.default.svc.cluster.local/oapi/v1/users/~" \
-H "Authorization: Bearer $TOKEN"
The problem is when I for example want to access a pod, I need to know the namespace I'm in:
https://openshift.default.svc.cluster.local/oapi/v1/namespaces/${namespace}/pods
The only way I found so far is to submit the namespace as an environment variable, but I would like to not requiring the user to enter that information.
We can list all of the pods, services, stateful sets, and other resources in a namespace by using the kubectl get all command. As a result, you may use this command to see the pods, services, and stateful sets in a specific namespace.
From the PCE web console menu, choose Infrastructure > Container Clusters. Select the Container Cluster you want to manage. Select the Container Workload Profiles tab. You will see a list of all namespaces in the cluster.
The most basic command for viewing Kubernetes objects via kubectl is get . If you run kubectl get <resource-name> you will get a listing of all resources in the current namespace. If you want to get a specific resource, you can use kubectl get <resource-name> <object-name> .
At least in kubernetes 1.5.3 I can also see the namespace in /var/run/secrets/kubernetes.io/serviceaccount/namespace
.
You can get the namespace of your pod automatically populated as an environment variable using the downward API.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With