Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
# .1: GET API SERVERS
$ oc config view | grep server
server: https://127.0.0.1:8443
server: https://192.168.65.2:8443
server: https://192.168.99.100:8443
server: https://api.starter-us-east-1.openshift.com:443
$ oc config view | grep server | cut -f 2- -d ":"
https://127.0.0.1:8443
https://192.168.65.2:8443
https://192.168.99.100:8443
https://api.starter-us-east-1.openshift.com:443
$ oc config view | grep server | cut -f 2- -d ":" | tr -d " "
https://127.0.0.1:8443
https://192.168.65.2:8443
https://192.168.99.100:8443
https://api.starter-us-east-1.openshift.com:443
$ export APISERVER=https://192.168.99.100:8443
# .1.1 best alternative approach
$ oc whoami --show-server=true
https://192.168.99.100:8443
$ export APISERVER=$(oc whoami --show-server=true)
# .2: GET TOKEN
$ oc get secrets | grep default
default-dockercfg-hdb9h kubernetes.io/dockercfg 1 21h
default-token-2qhp8 kubernetes.io/service-account-token 4 21h
default-token-7bz28 kubernetes.io/service-account-token 4 21h
$ oc describe secret default-token-2qhp8 | grep -E '^token'
token: eyJhbG[snip]
$ oc describe secret default-token-2qhp8 | grep -E '^token' | cut -f2 -d':'
eyJhbG[snip]
$ oc describe secret default-token-2qhp8 | grep -E '^token' | cut -f2 -d':' | tr -d '\t'
eyJhbG[snip]
$ export TOKEN=$(oc describe secret default-token-2qhp8 | grep -E '^token' | cut -f2 -d':' | tr -d '\t')
# .2.1: GET TOKEN best alternative approach
export MYTOKEN=$(oc whoami --show-token=true)
# .3 curl API
$ curl $APISERVER/api --header "Authorization: Bearer $TOKEN" --insecure
{
"kind": "APIVersions",
"versions": [
"v1"
],
"serverAddressByClientCIDRs": [
{
"clientCIDR": "0.0.0.0/0",
"serverAddress": "192.168.99.100:8443"
}
]
$ curl $APISERVER/api/v1/namespaces/myproject/services/booster-rest-http --header "Authorization: Bearer $TOKEN" --insecure
User "system:serviceaccount:myproject:default" cannot get services in the namespace "myproject": User "system:serviceaccount:myproject:default" cannot get services in project "myproject"booster-rest-http (config)*$ whoami
$ curl $APISERVER/api/v1/namespaces/myproject/services/booster-rest-http --header "Authorization: Bearer $MYTOKEN" --insecure
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "booster-rest-http",
"namespace": "myproject",
"selfLink": "/api/v1/namespaces/myproject/services/booster-rest-http",
[snip]
@rondinif

This comment has been minimized.

Copy link
Owner Author

commented Jan 28, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.