Closed katepangLiu closed 2 years ago
Does this problem only happen when the service account is prohibited from listing pods?
If client-go can list pod with right service account, does this problem reproduce ?
Yes, it work well with --clusterrole=view
serviceaccount.
# kubectl create clusterrolebinding default-view --clusterrole=view --serviceaccount=default:default
# ./list_pod_incluster
call CoreV1API_listNamespacedPod.
OK
The return code of HTTP request=200
Get pod list:
The pod name: datadog-cluster-agent-8466bcd8c6-ccld5
The pod name: datadog-kdmqh
The pod name: datadog-kube-state-metrics-6fb56bf889-fbx8s
The pod name: datadog-s7v5n
The pod name: nginx
It's very strange. This example works well in my env:
root@test-pod-8:/# ./list_pod_incluster_bin
The return code of HTTP request=403
Cannot get any pod.
Can you please give more detail ? e.g. stdout of the running of program, souce code (if you changes)
or print apiClient->dataReceived
after CoreV1API_listNamespacedPod
is called
It's very strange. This example works well in my env:
root@test-pod-8:/# ./list_pod_incluster_bin The return code of HTTP request=403 Cannot get any pod.
Can you please give more detail ? e.g. stdout of the running of program, souce code (if you changes)
or print
apiClient->dataReceived
afterCoreV1API_listNamespacedPod
is called
Thanks @ityuhui, I will double check firstlly, I use version(tag) 0.1.0, and import all dependent libs statically, maybe I dit something wrong.
client-go
client-c
backtrace:
coredump: