How to get access token (OAuth device flow) for AKS cluster using the REST API

Pranab Bhatta 0 Reputation points
2023-03-22T10:07:15.3033333+00:00

Hi Team,

I want to automate the pod status check (AKS cluster) and send mail in case a pod is not Running.

The current authentication device_code mechanism always requires keying in the code and requires human intervention. I am planning to use the Java Kubernetes API https://github.com/kubernetes-client/java/tree/master/kubernetes

Hence, I wanted to know whether there is a way by which I can get a long-lived token.

Thanks,

Pranab

Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.

2 answers

  1. Ovidiu Borlean 1 Reputation point Microsoft Employee
    2023-03-23T07:38:53.3833333+00:00

    Hello Pranab,

    Thank you for reaching out to the Microsoft Q&A section.

    You can get a Pod status with a REST API request by creating a new service account and generating a token as follows.

    # Create the service account and request a token for it (written to ./token)
    kubectl create serviceaccount jenkins
    kubectl create token jenkins --duration 9999h > ./token
    # Grant the account all verbs on all resources, cluster-wide
    # (wildcards quoted so the shell passes them to kubectl literally)
    kubectl create clusterrole jenkins --verb='*' --resource='*'
    kubectl create clusterrolebinding jenkins --clusterrole=jenkins --serviceaccount=default:jenkins

    TOKEN=$(cat ./token)
    # Generate the REST API call to the API server
    curl -sS -m 10 --cacert ./ca.crt --header "Authorization: Bearer ${TOKEN}" -X GET https://aks-fqdn.hcp.westeurope.azmk8s.io:443/api/v1/namespaces/default/pods/jenkins/status

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments

  2. vipullag-MSFT 24,441 Reputation points
    2023-03-27T04:51:42.7+00:00

    Hello Pranab Bhatta

    Welcome to Microsoft Q&A Platform, thanks for posting your query here.

    Currently, there is no way to get a long-lived token for a user, by design.

    However, you can choose any of the supported non-interactive methods with kubelogin (https://github.com/Azure/kubelogin#features), for example using a Service Principal. Note that the kubeconfig file should be compatible with the official k8s Java client according to https://github.com/kubernetes-client/java/wiki/2.-Versioning-and-Compatibility.

    Alternatively, you can choose to generate a service account token following https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#manually-create-an-api-token-for-a-serviceaccount and use the Kubernetes method to authenticate to the AKS API server.

    Hope this helps.

    If you need further help on this, tag me in a comment.

    If the suggested response helped you resolve your issue, please 'Accept as answer', so that it can help others in the community looking for help on similar topics.

    0 comments No comments
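
A least-privilege variant of the service-account approach that both answers suggest, as an added example that is not part of either answer: the check in the question only reads pod status, so a namespaced Role with `get` and `list` on pods covers it without a wildcard ClusterRole. The name `pod-status-reader`, the `default` namespace, the file name and the 24h token lifetime are assumptions chosen for illustration.

```yaml
# pod-status-reader.yaml (hypothetical file name)
# Apply with:   kubectl apply -f pod-status-reader.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: pod-status-reader        # assumed name
  namespace: default             # assumed namespace; use the one being monitored
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role                        # namespaced, unlike a ClusterRole
metadata:
  name: pod-status-reader
  namespace: default
rules:
  - apiGroups: [""]               # core API group, where pods live
    resources: ["pods", "pods/status"]
    verbs: ["get", "list"]        # read-only; no create, delete, exec or secrets
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: pod-status-reader
  namespace: default
subjects:
  - kind: ServiceAccount
    name: pod-status-reader
    namespace: default
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: pod-status-reader
# Check the effective permissions of the account before issuing a token:
#   kubectl auth can-i get pods/status -n default \
#     --as=system:serviceaccount:default:pod-status-reader
#   kubectl auth can-i list secrets -n default \
#     --as=system:serviceaccount:default:pod-status-reader
# Request a bounded token (24h is an assumed value; the API server may issue
# a shorter or longer lifetime than requested) and keep the file private:
#   (umask 077; kubectl create token pod-status-reader -n default \
#     --duration 24h > ./token)
# The automation job can request a fresh token on each run, so nothing
# long-lived has to be stored alongside it.
```

With this Role, the `curl` request shown in the first answer works unchanged against `/api/v1/namespaces/default/pods/<pod-name>/status`, and the same token can list `/api/v1/namespaces/default/pods` to check every pod's phase in one call.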