dotnet-kube-client: The request failed with unexpected status code 'Forbidden' when connecting to AKS (dev spaces)
hi,
- I’m running VS 2017 15.9.3 Preview 1.0.
- I’m have installed the VS Kubernetes Tools.
- I’ve deployed an ASPnet core 2.2 mvc app.
I’ve seen this issue: tintoy/dotnet-kube-client#20
However, my issue is slightly different. I create an AKS, and get Azure dev spaces installed. I then deploy a a mvc web project to it using VS 2017.
This is the code I’m using to read my secrets with kube-client.
public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
WebHost.CreateDefaultBuilder(args)
.UseApplicationInsights()
.ConfigureAppConfiguration(
configuration => GetConfigurationBuilder(configuration)
)
.UseStartup<Startup>()
.UseSetting(WebHostDefaults.ApplicationKey, typeof(Program).GetTypeInfo().Assembly.FullName); // beware of this
private static IConfigurationBuilder GetConfigurationBuilder(IConfigurationBuilder configuration)
{
if (Hosted.ByKubernetes)
{
_isConfiguredKubernetes = true;
return configuration.AddKubeSecret(secretName: DbConnectionString,
clientOptions: KubeClientOptions.FromPodServiceAccount(),
kubeNamespace: "default",
reloadOnChange: true
);
}
_isConfiguredKubernetes = false;
return configuration;
}
this code runs. however, the exception then occurs on this line:
var host = CreateWebHostBuilder(args).Build();
Here’s the exception log:
Exception thrown: 'HTTPlease.HttpRequestException`1' in System.Private.CoreLib.dll: 'The request failed with unexpected status code 'Forbidden'.'
Stack trace:
> at HTTPlease.FormatterResponseExtensions.<ReadContentAsAsync>d__15`2.MoveNext()
> at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
> at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
> at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
> at KubeClient.ResourceClients.KubeResourceClient.<GetSingleResource>d__18`1.MoveNext()
> at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
> at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
> at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
> at KubeClient.ResourceClients.SecretClientV1.<Get>d__1.MoveNext()
> at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
> at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
> at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
> at KubeClient.Extensions.Configuration.SecretConfigurationProvider.Load()
> at Microsoft.Extensions.Configuration.ConfigurationRoot..ctor(IList`1 providers)
> at Microsoft.Extensions.Configuration.ConfigurationBuilder.Build()
> at Microsoft.AspNetCore.Hosting.WebHostBuilder.BuildCommonServices(AggregateException& hostingStartupErrors)
> at Microsoft.AspNetCore.Hosting.WebHostBuilder.Build()
> at Application.Web.Program.Main(String[] args) in /src/application.web/Program.cs:line 25
I have previously created a secret on the AKS with the following command:
kubectl create secret generic application-web-appsettings "--from-literal=DBConnectionString='sql connection string'" -o json
I have verified that the secret exists
About this issue
- Original URL
- State: closed
- Created 6 years ago
- Comments: 15 (9 by maintainers)
(so you don’t need to use the client directly, just put the
try/catchin yourMainmethod)