python icon indicating copy to clipboard operation
python copied to clipboard
verified publisher icon kubernetes-client

empty pod name leads to list pods for read namespaced pod endpoint

Open pratikmallya opened this issue 8 months ago • 2 comments

What happened (please include outputs or screenshots):

When calling read_namespace_pod method with an empty string, we accidentally hit the list pods endpoint. This can cause unexpected behavior, such as OOMKills, if the number of pods in the cluster is very large.

What you expected to happen: If an empty string is given, the client should always throw a 404

How to reproduce it (as minimally and precisely as possible): set the log level of urllib3 to DEBUG

>>> logger = logging.getLogger("urllib3")
>>> logger.setLevel(logging.DEBUG)

then call the read_namespaced_pod method with an empty string. The log line looks like:

{"timestamp": "2025-04-07T06:16:11.008466+0000", "levelname": "debug", "filename": "connectionpool.py", "thread_name": "MainThread", "process": 602125, "lineno": 547, "message": "https://172.20.0.1:443 \"GET /api/v1/namespaces/dbt-cloud/pods/ HTTP/1.1\" 200 None",}

Anything else we need to know?:

Environment:

  • Kubernetes version (kubectl version):
  • OS (e.g., MacOS 10.13.6):
  • Python version (python --version)
  • Python client version (pip list | grep kubernetes): 29.0.0

pratikmallya avatar Apr 07 '25 13:04 pratikmallya

this works as expected, the k8s API server returns the list of pods for the following API request:

GET https://server_IP/api/v1/namespaces/default/pods

yliaog avatar Apr 09 '25 20:04 yliaog

https://github.com/ForkInABlender/py_integrations/blob/main/golang/kubernetes_within_python3.py

here.....

ForkInABlender avatar May 08 '25 03:05 ForkInABlender

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Aug 06 '25 04:08 k8s-triage-robot

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle rotten
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

k8s-triage-robot avatar Sep 05 '25 04:09 k8s-triage-robot

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Reopen this issue with /reopen
  • Mark this issue as fresh with /remove-lifecycle rotten
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

k8s-triage-robot avatar Oct 05 '25 04:10 k8s-triage-robot

@k8s-triage-robot: Closing this issue, marking it as "Not Planned".

In response to this:

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Reopen this issue with /reopen
  • Mark this issue as fresh with /remove-lifecycle rotten
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

k8s-ci-robot avatar Oct 05 '25 04:10 k8s-ci-robot