try using cluster dns to reach apiserver - for #587

kube-rs · Jul 21, 2021 · 64e1492 · 64e1492
1 parent e668ca0
commit 64e1492
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 5 deletions.
diff --git a/kube/src/config/incluster_config.rs b/kube/src/config/incluster_config.rs
@@ -2,8 +2,12 @@ use std::env;
 
 use crate::{config::utils, Result};
 
+// Old method to connect to kubernetes
 pub const SERVICE_HOSTENV: &str = "KUBERNETES_SERVICE_HOST";
 pub const SERVICE_PORTENV: &str = "KUBERNETES_SERVICE_PORT";
+// New method to connect to kubernetes
+pub const SERVICE_DNS: &str = "kubernetes.default.svc";
+// Mounted credential files
 const SERVICE_TOKENFILE: &str = "/var/run/secrets/kubernetes.io/serviceaccount/token";
 const SERVICE_CERTFILE: &str = "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt";
 const SERVICE_DEFAULT_NS: &str = "/var/run/secrets/kubernetes.io/serviceaccount/namespace";
@@ -15,6 +19,10 @@ pub fn kube_server() -> Option<String> {
     Some(format!("https://{}:{}", host, port))
 }
 
+pub fn kube_dns() -> http::Uri {
+    http::Uri::builder().scheme("https").authority(SERVICE_DNS).build().unwrap()
+}
+
 fn kube_host() -> Option<String> {
     env::var(SERVICE_HOSTENV).ok()
 }

diff --git a/kube/src/config/mod.rs b/kube/src/config/mod.rs
@@ -91,11 +91,12 @@ impl Config {
     /// and relies on you having the service account's token mounted,
     /// as well as having given the service account rbac access to do what you need.
     pub fn from_cluster_env() -> Result<Self> {
-        let cluster_url = incluster_config::kube_server().ok_or(ConfigError::MissingInClusterVariables {
-            hostenv: incluster_config::SERVICE_HOSTENV,
-            portenv: incluster_config::SERVICE_PORTENV,
-        })?;
-        let cluster_url = cluster_url.parse::<http::Uri>()?;
+        let cluster_url = incluster_config::kube_dns();
+        //let cluster_url = incluster_config::kube_server().ok_or(ConfigError::MissingInClusterVariables {
+        //    hostenv: incluster_config::SERVICE_HOSTENV,
+        //    portenv: incluster_config::SERVICE_PORTENV,
+        //})?;
+        //let cluster_url = cluster_url.parse::<http::Uri>()?;
 
         let default_namespace = incluster_config::load_default_ns()
             .map_err(Box::new)