From ae1fa536d09156ecfe814e5127cc7cce01586a49 Mon Sep 17 00:00:00 2001 From: Oliver Gould Date: Thu, 8 Sep 2022 08:41:22 -0700 Subject: [PATCH] Fix in-cluster API discovery documentation The documentation incorrectly describes the way that client libraries discover the Kubernetes API server. While the `kubernetes.default.svc` DNS is provided as a convenience, **all** of the officially supported API clients use environment variables to discover the address of the API server. This change updates the documentation to reflect this. Signed-off-by: Oliver Gould --- .../en/docs/tasks/run-application/access-api-from-pod.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/content/en/docs/tasks/run-application/access-api-from-pod.md b/content/en/docs/tasks/run-application/access-api-from-pod.md index d56f624cd561b..3ea855afe4df2 100644 --- a/content/en/docs/tasks/run-application/access-api-from-pod.md +++ b/content/en/docs/tasks/run-application/access-api-from-pod.md @@ -42,10 +42,11 @@ securely with the API server. ### Directly accessing the REST API -While running in a Pod, the Kubernetes apiserver is accessible via a Service named -`kubernetes` in the `default` namespace. Therefore, Pods can use the -`kubernetes.default.svc` hostname to query the API server. Official client libraries -do this automatically. +While running in a Pod, the Kubernetes API server is referenced by the environment +variables `KUBERNETES_SERVICE_HOST` and `KUBERNETES_SERVICE_PORT`. As a convenience, +the API server may also be referenced via a Service named `kubernetes` in the `default` +namespace. Therefore, Pods can use the `kubernetes.default.svc` hostname to query the +API server. The recommended way to authenticate to the API server is with a [service account](/docs/tasks/configure-pod-container/configure-service-account/)