Just expanding on @user1110502's excellent answer, the kubeconfig you get is a CredentialResult
object. You can turn that into a yaml string which can then be saved as a file like below:
aks_client = ContainerServiceClient(credential, subscription_id)
result: CredentialResult = aks_client.managed_clusters.list_cluster_user_credentials(
"resourcegroup-name", "cluster-name"
).kubeconfigs[0]
kubeconfig: str = result.value.decode("utf-8")
To then use this config in the kubernetes
python library you could save it as a file and load it in the usual manner with kubernetes.config.load_kube_config
, however the same can be achieved without the unnecessary disk IO like below:
import yaml
import kubernetes
from kubernetes.config.kube_config import KubeConfigLoader
cfg_dict = yaml.safe_load(kubeconfig)
loader = KubeConfigLoader(cfg_dict)
config = client.Configuration()
loader.load_and_set(config)
client.Configuration.set_default(config)
The kubernetes
library can then be connected to your AKS cluster:
with kubernetes.client.ApiClient(config) as api_client:
api = client.WellKnownApi(api_client)
resp = api.get_service_account_issuer_open_id_configuration()
print(resp)
subprocess.check_call('az aks get-credentials --resource-group [resource group name] --name [aks name]', shell=True)
would be a lot easier – Sufismsubprocess
solution because I don't want to login to Azure inaz
command (i don't want to depend on aaz
package, only on python). – Foliatedlist_cluster_admin_credential
to get my configuration – Foliated