Closed geotransformer closed 1 year ago
liggitt
commented
1 year ago I am wondering for GO client code in the below. Is there any token reloading?
Yes, setting BearerTokenFile in that method initiates a background process that rereads the token file once a minute.
liggitt
commented
1 year ago the refresh is set up in https://github.com/kubernetes/client-go/blob/9e63bf02759e31b55eae00043fbb790a10de6d99/transport/round_trippers.go#L52, for reference
liggitt
commented
1 year ago k8s.io/client-go versions v0.15.0+ reload tokens automatically.
Hi team, We are using Python, java, Go Kubernetes client in our microservices. Recently we have some token expiration issue for some deployment running for more than 1 years.
Calico issue: https://github.com/projectcalico/calico/pull/5910 Java-client issue: https://github.com/fabric8io/kubernetes-client/pull/4264
This is because K8s had some change for service account token renew Since k8s 1.21, service account tokens have an lifespan of one hour (short-lived & rotation). The token expiration is 365 days actually.
I am wondering for GO client code in the below. Is there any token reloading?
https://github.com/kubernetes/client-go/blob/9e63bf02759e31b55eae00043fbb790a10de6d99/rest/config.go#L511