Refreshing of kubeconfig informations ...
we having the following issue in a cloud setup:
During the startup of the kubewebview we are generating the kubeconfig file with correct informations and with tokens to access all the clusters.
But those tokens are just valid for one hour and we can't extend them. kubewebview does not seems to reread the kubeconfig file. It just fails after a hour to providing informations because of invalid tokens.
The main problem why we have to do this is, that the pykube module is not able to use an authprovider with an exec part in the kubeconfig. In this case, the tokens could be refeshed automatically.
So we have some workarounds, but they comes with interrupts on the dashboard (restart everything, get new tokens, etc.).
- would it be possible to extend the pykube module for doing something like using an authprovider with exec?
- would it be possible to reread the kubeconfig after the dashboard finds that the cluster is not accessable (so we can change the token in the background)
- would it be possible to let the dashboard react on a sighub signal to reread the kubeconfig?
What are you thougts about that?
Re-reading kubeconfig makes sense, but this should already work (?), see https://codeberg.org/hjacobs/kube-web-view/src/branch/main/kube_web/cluster_discovery.py#L133 (reads config file each time). Can you try if the kubeconfig is (re-)read when going to
/clusters (which calls
ok that seems to work. But is also a bad experience for a developer because of the error message (we had to teach around 300 developers).
ATM I do something like this:
while True: proc = subprocess.Popen(kubewebview) time.sleep(3500) refreshKubeTokens() proc.kill()
Maybe the get_clusters() could be called once, if the dashboard comes into the read error case?
This error appears: 401 Client Error: Unauthorized
Deleting a branch is permanent. It CANNOT be undone. Continue?