K8s ignore kubeconfig file and connects to localhost when in a kubernetes cluster

[FlorianJDF]

SUMMARY

Hello all,
I'm trying to use an ansible playbook with the k8s module inside a container started by tekton on a kubernetes cluster.
In this container I have a kubeconfig file that is working (kubectl commands works)

When running the playbook, the K8S modules tries to connect to "localhost:80" instead of the URL provided in the kubeconfig file.
When changing the env var K8S_AUTH_HOST, the playbook tries to connect to the URL declared in the env var K8S_AUTH_HOST.

Look like for some reason the module is ignoring the "context" and "kubeconfig" input.
But if one of them is wrong (no kubeconfig file or wrong context for example) the playbook fails.

Using the same playbook on a local linux machine works perfectly.

ISSUE TYPE

• Bug Report

COMPONENT NAME

community.kubernetes.k8s

ANSIBLE VERSION

ansible 2.9.15
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/tekton/home/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Aug 13 2020, 02:51:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]

CONFIGURATION

ANSIBLE_PIPELINING(/workspace/genbox/configuration/ansible.cfg) = True
ANSIBLE_SSH_ARGS(/workspace/genbox/configuration/ansible.cfg) = -o ControlMaster=auto -o ControlPersist=600s
ANSIBLE_SSH_CONTROL_PATH(/workspace/genbox/configuration/ansible.cfg) = /tmp/ansible-ssh-%%h-%%p-%%r
DEFAULT_CALLBACK_WHITELIST(/workspace/genbox/configuration/ansible.cfg) = [u'profile_roles']
DEFAULT_FORKS(/workspace/genbox/configuration/ansible.cfg) = 20
DEFAULT_LOG_PATH(/workspace/genbox/configuration/ansible.cfg) = /tekton/home/.ansible.log
DEFAULT_TIMEOUT(/workspace/genbox/configuration/ansible.cfg) = 30
INVENTORY_UNPARSED_IS_FAILED(/workspace/genbox/configuration/ansible.cfg) = True

OS / ENVIRONMENT

Container ubi7 with ansible and python installed

STEPS TO REPRODUCE

Using this playbook

- name: test k8s
  hosts: localhost
  tasks:
  - name: k8s
    community.kubernetes.k8s:
      context: test-env.maint.com
      kubeconfig: /root/.kube/config
      src: ./test.yml 
      state: present
      merge_type: merge
      verify_ssl: true
    check_mode: true

EXPECTED RESULTS

The K8s module checking on the cluster https://api-test-env.maint.com:6443 with the context and kubeconfig declared

Tuesday 01 December 2020  08:06:55 +0000 (0:00:00.847)       0:00:00.880 ****** 
ok: [localhost] => {"changed": false, "method": "patch", "result": {"apiVersion": "rbac.authorization.k8s.io/v1", "kind": "RoleBinding", "metadata": {"annotations": {}, "creationTimestamp": "2020-07-08T17:01:06Z", "name": "system:test", "namespace": "debug", "resourceVersion": "XXXX", "selfLink": "", "uid": "xxxx-xxxxx-xxxxx-xxxxx"}, "roleRef": {"apiGroup": "rbac.authorization.k8s.io", "kind": "ClusterRole", "name": "system:test"}, "subjects": [{"kind": "ServiceAccount", "name": "test", "namespace": "debug"}]}}

ACTUAL RESULTS

The K8s modules failed tying to conect to localhost:80

 "msg": "Failed to get client due to HTTPConnectionPool(host='localhost', port=80): Max retries exceeded with url: /version (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7fe0fd6b3d90>: Failed to establish a new connection: [Errno 111] Connection refused',))"
}

[ansibot]

Files identified in the description:
None

If these files are incorrect, please update the component name section of the description or use the !component bot command.

click here for bot help

[mkrizek]

!component =lib/ansible/modules/clustering/k8s/k8s.py

[ansibot]

Files identified in the description:

• lib/ansible/modules/clustering/k8s/k8s.py

If these files are incorrect, please update the component name section of the description or use the !component bot command.

click here for bot help

[ansibot]

Thank you very much for your interest in Ansible. Ansible has migrated much of the content into separate repositories to allow for more rapid, independent development. We are closing this issue/PR because this content has been moved to one or more collection repositories.

• lib/ansible/modules/clustering/k8s/k8s.py -> https://galaxy.ansible.com/community/kubernetes

For further information, please see:
https://github.com/ansible/ansibullbot/blob/master/docs/collection_migration.md

[FlorianJDF]

Hello,
I am using https://galaxy.ansible.com/community/kubernetes.

What do i need to change ?

[mkrizek]

Open this issue in https://github.com/ansible-collections/community.kubernetes/issues.

[sergiosamu]

Hello @FlorianJDF
I'm facing the same issue. Did you manage to solve it?
Thanks in advance.

[FlorianJDF]

Hi @sergiosamu

Yes I did.
If fact ansible <= 2.9 do not work with the python kubertes lib > 11.0.0.
So if like me you are using rhel, so ansible 2.10 is not supported, you need to use kubernetes==11.0.0.

Warning, I was using the openshift 0.11.2 lib that before installed the kubernetes 11 lib, but now installs the kubernetes 12 lib.

I hope this helps you,

[sergiosamu]

Hello! Thanks for your tips. Switching to kubernetes 11.0.0 and openshift 0.11.0 solved the issue. Best.

…

On Sat, Dec 5, 2020, 11:23 Florian Teissedre ***@***.***> wrote: Hi @sergiosamu <https://github.com/sergiosamu> Yes I did. If fact ansible <= 2.9 do not work with the python kubertes lib > 11.0.0. So if like me you are using rhel, so ansible 2.10 is not supported, you need to use kubernetes==11.0.0. Warning, I was using the openshift 0.11.2 lib that before installed the kubernetes 11 lib, but now installs the kubernetes 12 lib. I hope this helps you, — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#72769 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ADREFBTIBNVURPXGYUMHVS3STIC3PANCNFSM4UI2FGMQ> .