In a container inside a pod, how can I run a command using kubectl? For example, if i need to do something like this inside a container:
kubectl get pods
I have tried this : In my dockerfile, I have these commands :
RUN curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl RUN chmod +x ./kubectl RUN sudo mv ./kubectl /usr/local/bin/kubectl
EDIT : I was trying the OSX file, I have corrected it to the linux binary file. (corrected by @svenwltr
While creating the docker file, this is successful, but when I run the kubectl get pods inside a container,
kubectl get pods
I get this error :
The connection to the server : was refused - did you specify the right host or port?
When I was deploying locally, I was encountering this error if my docker-machine was not running, but inside a container how can a docker-machine be running?
Locally, I get around this error by running the following commands: (dev is the name of the docker-machine)
docker-machine env dev eval $(docker-machine env dev)
Can someone please tell me what is it that I need to do?
If you would like to query the API without an official client library, you can run kubectl proxy as the command of a new sidecar container in the Pod. This way, kubectl proxy will authenticate to the API and expose it on the localhost interface of the Pod, so that other containers in the Pod can use it directly.
Running Commands in an Alternate Directory in a Docker Container. To run a command in a certain directory of your container, use the --workdir flag to specify the directory: docker exec --workdir /tmp container-name pwd.
Kubernetes in Docker (kind) is a relatively new tool for running Kubernetes clusters locally using Docker containers as Kubernetes nodes.
I would use kubernetes api, you just need to install curl, instead of kubectl
and the rest is restful.
curl http://localhost:8080/api/v1/namespaces/default/pods
Im running above command on one of my apiservers. Change the localhost to apiserver ip address/dns name.
Depending on your configuration you may need to use ssl or provide client certificate.
In order to find api endpoints, you can use --v=8
with kubectl
.
example:
kubectl get pods --v=8
Resources:
Kubernetes API documentation
Update for RBAC:
I assume you already configured rbac, created a service account for your pod and run using it. This service account should have list permissions on pods in required namespace. In order to do that, you need to create a role and role binding for that service account.
Every container in a cluster is populated with a token that can be used for authenticating to the API server. To verify, Inside the container run:
cat /var/run/secrets/kubernetes.io/serviceaccount/token
To make request to apiserver, inside the container run:
curl -ik \ -H "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" \ https://kubernetes.default.svc.cluster.local/api/v1/namespaces/default/pods
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With