我需要使用 Python 将一些东西部署到 Openshift 集群(我已经被其他任何解决方案抢先使用),所以我正在尝试使用该kubernetes
模块:
from kubernetes import client, config
configuration = client.Configuration()
configuration.username='admin'
configuration.password='redacted'
configuration.host='https://api.cluster.example.com:6443'
configuration.verify_ssl = False
v1 = client.CoreV1Api(client.ApiClient(configuration))
ns = {}
ns['kind'] = 'Namespace'
ns['apiVersion'] = 'v1'
ns['metadata'] = {}
ns['metadata']['name'] = 'mynamespace'
v1.create_namespace(ns)
可悲的是,v1 对象没有使用我给它的用户名/密码对集群进行身份验证:
kubernetes.client.rest.ApiException: (403)
Reason: Forbidden
HTTP response headers: HTTPHeaderDict({'Audit-Id': 'd59bb32d-a114-4b42-90ca-86c6315809d0', Cache-Control': 'no-cache, private', 'Content-Type': 'application/json', 'X-Content-Type-ptions': 'nosniff', 'X-Kubernetes-Pf-Flowschema-Uid': '58a1456a-ff43-47a6-9a08-4a682ad5a509', X-Kubernetes-Pf-Prioritylevel-Uid': 'efbe11a3-861b-46ec-8e4a-1eadb766e284', 'Date': 'Thu, 21 Jan 2021 19:17:31 GMT', 'Content-Length': '273'})
HTTP response body: {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"namespaces is forbidden: User \"system:anonymous\" cannot create resource \"namespaces\" in API group \"\" at the cluster scope","reason":"Forbidden","details":{"kind":"namespaces"},"code":403}
我正在寻找一种在 OCP 集群上抛出配置 YAML 并让它坚持下去的方法......