Closed
Description
Once I setup the kubernetes cluster with kubeadm init, I can access the API using the CA cert generated by kubeadm with no problem at all:
curl $APISERVER/api --header "Authorization: Bearer $TOKEN" --cacert /etc/kubernetes/pki/apiserver.crt
{
"kind": "APIVersions",
"versions": [
"v1"
],
"serverAddressByClientCIDRs": [
{
"clientCIDR": "0.0.0.0/0",
"serverAddress": "$MYIP:6443"
}
]
}
However, when doing so with the python client I get an SSL error
[...]
api_instance = kubernetes.client.AppsV1beta1Api()
dep = yaml.load(yamldocument % (name, replicas, label, container_name, image))
try:
api_response = api_instance.create_namespaced_deployment('default', dep, pretty='true')
pprint(api_response)
except ApiException as e:
print("Exception: %s\n" % e)\
[...]
Exception: (0)
Reason: SSLError
[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)
The above won't work with python nor python3, and I've already run requirements.txt and setup.py with no luck.
The same script does work if I setup the API without TLS, by setting up kubectl proxy --port=8080.
I've tried adding the certificate to the ubuntu ca-certificate path but it didn't work.
Thanks in advance.
Metadata
Metadata
Assignees
Labels
No labels