How to setMasterUrl in Ignite XML config for Kubernetes IPFinder

Question

Using test config with Ignite 2.4 and k8s 1.9:

Answer 1

@Denis was right.

Kubernetes using RBAC access controlling system and you need to authorize your pod to access to API.

For that, you need to add a Service Account to your pod.

So, for do that you need:

1. Create a service account and set role for it:

   apiVersion: v1
   kind: ServiceAccount
   metadata:
     name: ignite
     namespace: 
   

2. I am not sure that permissions to access only pods will be enough for Ignite, but if not - you can add as more permissions as you want. Here is example of different kind of roles with large list of permissions. So, now we create Cluster Role for your app:

   apiVersion: rbac.authorization.k8s.io/v1beta1
   kind: ClusterRole
   metadata:
     name: ignite
     namespace: 
   rules:
   - apiGroups:
     - ""
     resources:
     - pods # Here is resources you can access
     verbs: # That is what you can do with them
     - get
     - list
     - watch
   

3. Create binding for that role:

   kind: ClusterRoleBinding
   apiVersion: rbac.authorization.k8s.io/v1beta1
   metadata:
     name: ignite
   roleRef:
     kind: ClusterRole
     name: ignite
     apiGroup: rbac.authorization.k8s.io
   subjects:
   - kind: ServiceAccount
     name: ignite
     namespace: 
   

4. Now, you need to associate ServiceAccount to pods with your application:

   apiVersion: extensions/v1beta1
   kind: DaemonSet
   metadata:
     ....
   spec:
     template:
       spec:
         serviceAccountName: ignite
   

After that, your application will have an access to K8s API. P.S. Do not forget to change to namespace where you running Ignition.