I always get "Kubernetes Request Error: Forbidden" from Kubernetes (Services)

Answered

I'm using IntelliJ IDEA Ultimate 2019.3.4 with Kubernetes Plugin 193.6911.31 (2020-04-02).

The plugin seem to recognize my ~/.kube/config since my cluster name appear on the Kubernetes service window. 

The kubectl command from the shell works, so I'm sure the ~/.kube/config is funtioning. This is a ~/.kube/config to connect to a AWS EKS cluster so the setup is maybe different from a "regular" k8s cluster. The config is created following https://docs.aws.amazon.com/eks/latest/userguide/create-kubeconfig.html so it contains a section like this:

 

 

So I wonder if there is any way to troubleshoot this. Like can I see what command is the Kubernetes plugins trying to execute to get the list of pods? 

2 comments
Comment actions Permalink

In Help > Debug Log settings I added 

 

#com.intellij.kubernetes

And now in ~/Library/Logs/IntelliJIdea2019.3/idea.log I can see

2020-04-06 13:04:31,062 [ 16582] DEBUG - nt.model.KubernetesCachedValue -
io.kubernetes.client.ApiException: Forbidden
at io.kubernetes.client.ApiClient.handleResponse(ApiClient.java:882)
at io.kubernetes.client.ApiClient$1.onResponse(ApiClient.java:837)
at com.squareup.okhttp.Call$AsyncCall.execute(Call.java:177)
at com.squareup.okhttp.internal.NamedRunnable.run(NamedRunnable.java:33)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:834)
 
which doesn't tell me much. 
 
I'm guessing that the problem is that my ~/.kube/config requires to execute aws --region eu-west-1 eks get-token --cluster-name xxxx , The aws executable is in the PATH  at /usr/local/bin/aws but I'm suspecting that IntelliJ IDEA is not able to find it
 
0
Comment actions Permalink

Ok I've fixed the problem by just giving the full path to aws cli executable in ~/.kube/config



users:
- name: xxx
...
user:
exec:
command: /usr/local/bin/aws
...
0

Please sign in to leave a comment.