Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Unauthorized error when creating a job

See original GitHub issue

Hey,

i want to create Job using the Java Kubernetes API. My tool runs fine when using a minikube cluster, but fails if i try to execute it against a (testing) Kubernetes cluster that was deployed using ubuntu conjure-up. The cluster has been modified to deny anonymous access and uses RBAC and Node authorization and basic auth authentication. i can use kubectl create -f foo.yaml to create a job, when i try to create a job using the Java API it returns:

io.kubernetes.client.ApiException: Unauthorized
        at io.kubernetes.client.ApiClient.handleResponse(ApiClient.java:882)
        at io.kubernetes.client.ApiClient.execute(ApiClient.java:798)
        at io.kubernetes.client.apis.BatchV1Api.createNamespacedJobWithHttpInfo(BatchV1Api.java:164)
        at io.kubernetes.client.apis.BatchV1Api.createNamespacedJob(BatchV1Api.java:148)
        at de.jlu.bioinfsys.workflowUI.Runner.CommonKubeRunner.startJob(CommonKubeRunner.java:62)
        at de.jlu.bioinfsys.workflowUI.handler.WorkflowUIHandler.startWorkflow(WorkflowUIHandler.java:64)
        at de.jlu.bioinfsys.workflowUI.workflowUIAPI.WorkflowServerAPI$Processor$startWorkflow.getResult(WorkflowServerAPI.java:546)
        at de.jlu.bioinfsys.workflowUI.workflowUIAPI.WorkflowServerAPI$Processor$startWorkflow.getResult(WorkflowServerAPI.java:531)
        at org.apache.thrift.ProcessFunction.process(ProcessFunction.java:39)
        at org.apache.thrift.TBaseProcessor.process(TBaseProcessor.java:39)
        at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:286)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
        at java.lang.Thread.run(Thread.java:748)

I tried this with a custom user and the default admin user with the same result. Both were able to create jobs using kubectl. The config is read correctly when i force parsing by using KubeConfig.loadDefaultKubeConfig().

This is how a build my client:

        ApiClient client = null;
        try {
            client = Config.defaultClient();
        } catch (IOException e) {
            e.printStackTrace();
        }
        Configuration.setDefaultApiClient(client);

        this.batchApiInstance = new BatchV1Api();

Cheers and thanks in advance

Issue Analytics

State:
Created 6 years ago
Comments:12 (5 by maintainers)

Top GitHub Comments

1reaction

OberstHorstcommented, Dec 30, 2017

Here is the Response body:

{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Unauthorized","reason":"Unauthorized","code":401}

Cheers

0reactions

k8s-ci-robotcommented, Jun 26, 2019

@fejta-bot: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity. Reopen the issue with /reopen. Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.