Kubernetes-client: Unable to connect client via token

Created on 31 Jul 2018  ·  2Comments  ·  Source: fabric8io/kubernetes-client

Unable to connect client via token
K8s v1.9.1

I created the client in the following way and cannot be authenticated.

Config config = new ConfigBuilder().withMasterUrl(masterUrl).withUsername("admin").withOauthToken(token).build();
KubernetesClient client = new DefaultKubernetesClient(config);
List<Namespace> nameSpaceList =client.namespaces().list().getItems();

The error is as follows:

Exception in thread "main" io.fabric8.kubernetes.client.KubernetesClientException: Operation: [list] for kind: [Namespace] with name: [null] in namespace: [null] failed.
At io.fabric8.kubernetes.client.KubernetesClientException.launderThrowable(KubernetesClientException.java:62)
At io.fabric8.kubernetes.client.KubernetesClientException.launderThrowable(KubernetesClientException.java:71)
At io.fabric8.kubernetes.client.dsl.base.BaseOperation.list(BaseOperation.java:588)
At io.fabric8.kubernetes.client.dsl.base.BaseOperation.list(BaseOperation.java:49)

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1496)
... 41 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
... 47 more

who can help me?

question

Most helpful comment

@wybrono : Yeah, this usually works:

KubernetesClient client = new DefaultKubernetesClient(new ConfigBuilder()
      .withTrustCerts(true)
      .withMasterUrl(MASTER_URL)
      .withOauthToken(OAUTH_TOKEN)
      .build());

I'm closing this since it seems to be resolved

All 2 comments

I have solved this problem. By skipping the authentication method, you can create a client with only token.
This problem can be closed, thank you!

@wybrono : Yeah, this usually works:

KubernetesClient client = new DefaultKubernetesClient(new ConfigBuilder()
      .withTrustCerts(true)
      .withMasterUrl(MASTER_URL)
      .withOauthToken(OAUTH_TOKEN)
      .build());

I'm closing this since it seems to be resolved

Was this page helpful?
0 / 5 - 0 ratings