Access Kubernetes API from a pod in C#
Ideally, I'd like to just use WebClient
The Kubernetes is a REST API, so this would work. As shown on Directly accessing the REST API using kubectl proxy it is easy to explore the API using e.g. curl
.
Example with curl
and kubectl proxy
- response is in json format.
curl http://localhost:8080/api/v1/pods
The complicating factor is that you probably need a private certificate bundle, and it is good practice to properly validate this for security reasons. When accessing the API from a Pod, the client certificate is located on /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
and in addition, you need to authenticate using the token located on /var/run/secrets/kubernetes.io/serviceaccount/token
But do I really have to bring a whole client library on board just for a simple GET to a single endpoint?
What you get from a client library is:
- Implemented authentication using certificates and tokens
- Typed client access - instead of hand code urls and requests
The dotnet-client example shows how the "Typed client access" looks like, for "listing Pods in the default namespace" (see authentication alternatives):
var config = KubernetesClientConfiguration.InClusterConfig() // auth from PodIKubernetes client = new Kubernetes(config);Console.WriteLine("Starting Request!");var list = client.ListNamespacedPod("default");foreach (var item in list.Items){ Console.WriteLine(item.Metadata.Name);}