Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Kubernetes Client can't be initialized with OIDC authentication #1997

Closed
wing011203 opened this issue Feb 11, 2020 · 5 comments
Closed

Kubernetes Client can't be initialized with OIDC authentication #1997

wing011203 opened this issue Feb 11, 2020 · 5 comments
Assignees
@rohanKanojia
Labels
status/never-stale

Comments

@wing011203
Copy link

wing011203 commented Feb 11, 2020
edited

Hi,
I want to report a Kubernetes Client Initialization failure issue, it may be due to OIDC authentication.

I provisioned a Kubernetes cluster service from IBM Cloud platform, and I have got the kube config file which is using OIDC for user authentication, I tried to use Fabric Kubernetes Client library to connect to the cluster, but it failed when I try to load the config and initialize the KubernetesClient.

The root cause is that some of the Kubernetes API models under package io.fabric8.kubernetes.api.model are missing.
For my case, I checked the source code, in class io.fabric8.kubernetes.client.Config, it imports below 2 models which can't be found.
import io.fabric8.kubernetes.api.model.ExecConfig;
import io.fabric8.kubernetes.api.model.ExecEnvVar;

And in below method:
private static boolean loadFromKubeconfig(Config config, String context, String kubeconfigContents, String kubeconfigPath)
When the kube config file uses OIDC authentication, it will run below source code.
source_code
As ExecConfig can't be found, line 543 will raise below error.
error_message

I have tried version both 4.4.2 and 4.7.1, the error is same.
Please check and advise how we should use this library under OIDC based authentication.

Regards,
Pan
@wing011203 wing011203 mentioned this issue Feb 11, 2020
Closed
@rkdec89
Copy link

rkdec89 commented Mar 18, 2020

I am encountering the same issue as wing011203 posted above, but I provisioned a Kubernetes Cluster from Oracle Cloud Infrastructure (OKE service). Please help.

@eugene-krivobokov
Copy link

Hi! I've used a bit different workaround for OIDC.
Take a look at #2111 . Maybe it will help.

@stale
Copy link

stale bot commented Jul 3, 2020

This issue has been automatically marked as stale because it has not had any activity since 90 days. It will be closed if no further activity occurs within 7 days. Thank you for your contributions!

@stale stale bot added the status/stale label Jul 3, 2020
@stale stale bot closed this as completed Jul 11, 2020
@rohanKanojia rohanKanojia reopened this Jul 11, 2020
@stale stale bot removed the status/stale label Jul 11, 2020
@manusa
Copy link
Member

manusa commented Aug 24, 2020

Relates to:

@manusa manusa mentioned this issue Aug 25, 2020
Closed
@rohanKanojia rohanKanojia self-assigned this Aug 27, 2020
@rohanKanojia
Copy link
Member

When I was fixing #2111 I tried it out and found out that client works with OIDC(i.e. client is able to load the token from auth-provider config). Maybe it wasn't the case when this issue was filed. I think we can close this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rohanKanojia rohanKanojia

Labels
status/never-stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@manusa @eugene-krivobokov @rkdec89 @wing011203 @rohanKanojia