英文:

parsed kubeconfig is invalid for incluster kube-rs usage

问题

我正试图在k8s部署中从kube-rs/kube内部使用它，如下所示：

```rust
let client = Client::try_default().await?;

但在尝试将JWT令牌作为kubeconfig文件处理时出现错误：

kubeconfig：（解析的kubeconfig结构无效：无效类型：字符串“XXX”

其中XXX是一个b64令牌。

我找不到任何文档来解释如何在incluster与独立模式下不同实例化客户端（独立模式正常工作，因为它在我的开发机器上找到~/.kube/config）。

K8s集群由Digital Ocean管理。

我的图表创建了一个服务帐户，该服务帐户在解码的令牌中被命名，kube-rs调用以实例化客户端，它尝试将令牌处理为kubeconfig文件时出现问题。

<details>
<summary>英文:</summary>

I am trying to use kube-rs/kube from within a k8s deployment as:

let client = Client::try_default().await?;

but get errors as it tries to process a JWT token as a kubeconfig file:

kubeconfig: (the structure of the parsed kubeconfig is invalid: invalid type: string "XXX"

where XXX is a b64 token.

I can't find any docs explaining how to instantiate the client differently incluster vs standalone (standalone works as it finds `~/.kube/config` on my dev machine).

The k8s cluster is managed k8s at Digital Ocean.  

My chart creates a service account which is named in the decoded token the kube-rs call to instantiate the client is choking on as it tries to process the token as a `kubeconfig` file.

</details>


# 答案1
**得分**: 0

问题与 kube-rs 的使用无关。我的服务帐户在我的图表中被错误地指定，并且错误地定义了 `KUBECONFIG` 环境变量，告诉我的应用程序将令牌文件视为 `kubeconfig`。

移除 `KUBECONFIG` 环境变量，并移除服务帐户的显式卷挂载解决了这个问题，现在代码足够智能，能够识别它是否处于 `incluster` 上下文中。

<details>
<summary>英文:</summary>

Issue was not related to kube-rs usage.  My service account was improperly specified in my chart and a `KUBECONFIG` env var was erroneously defined telling my app to think the token file was a `kubeconfig`.

Removing the `KUBECONFIG` env var and removing the explicit volume mounts for the service account solved this issue and the code is now smart enough to recognize when it is in `incluster` context.

</details>