How do I programmatically connect to an AKS cluster and create a K8 clientset in Golang?

Mudit Surana 20 Reputation points
2023-05-10T07:59:05.85+00:00

I am trying to fetch all the namespaces present in an AKS cluster programmatically using Golang for which I need to create a Kubernetes clientset for that particular AKS cluster, so that I can list the namespace as follows:

k8ClientSet.CoreV1().Namespaces().List(context.Background(), metav1.ListOptions{})

I will need to this from outside the cluster and I will not be able to use the Kubelogin exec plugin since it requires it to be installed on the host system which is not possible. Even, the azure auth plugin has been deprecated.

Can someone pls help with this issue. If possible, pls share code sample as well.

Thanks.

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,342 questions
Accepted answer
  1. vipullag-MSFT 19,156 Reputation points Microsoft Employee
    2023-05-10T09:19:04.33+00:00

    Hello Mudit Surana

    Welcome to Microsoft Q&A Platform, thanks for posting your query here.

    I am not much familiar with Golang, just wanted to share few pointers that can help with your ask:

    If you need to connect to an AKS cluster from outside the cluster without using any plugins, you can use the Azure Active Directory (AAD) authentication method. This involves acquiring a token from Azure AD and using it to authenticate requests to the AKS cluster.

    Here is an example code snippet that shows how to do this:

    import (
    "context"
    "fmt"
    "os"

    "github.com/Azure/azure-sdk-for-go/profiles/latest/containerservice/mgmt/containerservice"
    "github.com/Azure/go-autorest/autorest"
    "github.com/Azure/go-autorest/autorest/azure/auth"
    "k8s.io/client-go/kubernetes"
    "k8s.io/client-go/rest"
)

func main() {
    // Get the AKS cluster credentials using Azure Active Directory authentication
    authorizer, err := auth.NewAuthorizerFromEnvironment()
    if err != nil {
        panic(err.Error())
    }
    subscriptionID := "<your-subscription-id>"
    resourceGroupName := "<your-resource-group-name>"
    clusterName := "<your-aks-cluster-name>"
    client := containerservice.NewManagedClustersClient(subscriptionID)
    client.Authorizer = authorizer
    credentials, err := client.ListClusterAdminCredentials(context.Background(), resourceGroupName, clusterName)
    if err != nil {
        panic(err.Error())
    }
    kubeconfig := string(credentials.Kubeconfigs[0].Value)

    // Create a Kubernetes clientset
    config, err := rest.InClusterConfig()
    if err != nil {
        config, err = clientcmd.NewClientConfigFromBytes([]byte(kubeconfig)).ClientConfig()
        if err != nil {
            panic(err.Error())
        }
    }
    clientset, err := kubernetes.NewForConfig(config)
    if err != nil {
        panic(err.Error())
    }

    // <span class=" active-doc-0" data-doc-items="0">List all the namespaces present in the AKS cluster[1](#doc-pos=0)</span>
    namespaces, err := clientset.CoreV1().Namespaces().List(context.Background(), metav1.ListOptions{})
    if err != nil {
        panic(err.Error())
    }

    // Print the name of each namespace
    for _, ns := range namespaces.Items {
        fmt.Println(ns.Name)
    }
}

    This code first uses the Azure SDK for Go to authenticate with the AKS cluster using Azure Active Directory authentication and get the cluster credentials. Then it creates a Kubernetes clientset using the credentials and lists all the namespaces present in the AKS cluster.

    Hope this helps.

    1 person found this answer helpful.
    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest