0
votes

I am retrieving a list of Clusters from GKE using GKE Rest API. Next, I need to retrieve containers information from Kubernetes API Server for a particular GKE cluster. There are two authentication methods known to me which can be used to authenticate a cluster with Kubernetes API. First One is Basic Authentication and the second one is Authentication using client certificate and client key. I have found out Here that both of these approaches are no more recommended.

My question is that what other authentication method I can use to authenticate my GKE cluster with Kubernetes API using its Java client library.

1

1 Answers

1
votes

The java client should be able to find the pod's service account and authenticate itself within a cluster, and use a kubeconfig file to authenticate when outside cluster. The default location to look for a kubeconfig file is HOME/.kube/config

When outside the cluster, the gcloud container clusters get-credentials ... command will create a kubeconfig file with proper helper configuration to authenticate. Presumably there is a java way to set up a kubeconfig file without running gcloud from a shell in the google-cloud-container library.