InsecureRequestWarning from urllib3/connectionpool.py when connecting to cluster

[discodex]

Issue that I am seeing and currently trying to work through:

>>> from kubernetes import client, config
>>> api_client_config = config.kube_config.new_client_from_config(config_file='./context-config.yaml')
>>> v1b1 = client.AppsV1beta1Api(api_client_config)
>>> v1b1.read_namespaced_deployment(name='kube-dns', namespace='kube-system').spec.template.spec.containers[0].image

result:
~/lib64/python3.6/site-packages/urllib3/connectionpool.py:858: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning)
'gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.4'

pip freeze output

Babel==2.6.0
cachetools==2.1.0
certifi==2018.4.16
chardet==3.0.4
click==6.7
Flask==1.0.2
Flask-Babel==0.11.2
Flask-Table==0.5.0
google-auth==1.4.2
idna==2.6
ipaddress==1.0.22
itsdangerous==0.24
Jinja2==2.10
kubernetes==6.0.0
MarkupSafe==1.0
oauthlib==2.1.0
pyasn1==0.4.3
pyasn1-modules==0.2.1
python-dateutil==2.7.3
pytz==2018.4
PyYAML==3.12
requests==2.18.4
requests-oauthlib==0.8.0
rsa==3.4.2
six==1.11.0
urllib3==1.22
websocket-client==0.48.0
Werkzeug==0.14.1

python --version

Python 3.6.5

python -c "import ssl; print(ssl.OPENSSL_VERSION)"

OpenSSL 1.1.0h-fips 27 Mar 2018

Connecting to a bare metal kubernetes cluster currently on v1.7.5. Kubernetes config file being used (./context-config.yaml) uses tokens in the context configuration. I could probably pull the private ca from the master but not sure how to reference it.

Any help in getting rid of the ssl insecure request warnings is appreciated.

[tomplus]

Please take a look: https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/ There is an option certificate-authority which can be added to your config file.

[fejta-bot]

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

[fejta-bot]

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle rotten

[fejta-bot]

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/close

[k8s-ci-robot]

@fejta-bot: Closing this issue.

Details

In response to this:

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.