kubernetes-client
Unable to load kube config within an AWS Lambda
What happened (please include outputs or screenshots): I like to execute this code snippet within a lambda
"""
Creates a deployment using AppsV1Api from file nginx-deployment.yaml.
"""
from os import path
import yaml
from kubernetes import client, config
def handler(event, context):
# Configs can be set in Configuration class directly or using helper
# utility. If no argument provided, the config will be loaded from
# default location.
config.load_kube_config()
with open(path.join(path.dirname(__file__), "yaml_dir/nginx-deployment.yaml")) as f:
dep = yaml.safe_load(f)
k8s_apps_v1 = client.AppsV1Api()
resp = k8s_apps_v1.create_namespaced_deployment(
body=dep, namespace="default")
print(f"Deployment created. Status='{resp.metadata.name}'")
What you expected to happen: I expect load_kube_config() to work
How to reproduce it (as minimally and precisely as possible):
Anything else we need to know?: I like to know how to create a Kubernetes deployment from within a Lambda Environment:
- Kubernetes version (
kubectl version): - OS (e.g., MacOS 10.13.6):
- Python version (
python --version) - Python client version (
pip list | grep kubernetes)
@yliaog: This request has been marked as needing help from a contributor.
Guidelines
Please ensure that the issue body includes answers to the following questions:
- Why are we solving this issue?
- To address this issue, are there any code changes? If there are code changes, what needs to be done in the code and what places can the assignee treat as reference points?
- Does this issue have zero to low barrier of entry?
- How can the assignee reach out to you for help?
For more details on the requirements of such an issue, please see here and ensure that they are met.
If this request no longer meets these requirements, the label can be removed
by commenting with the /remove-help command.
In response to this:
/help
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.
To clarify, I'm deploying an AWS Lambda function with the goal of testing whether the Kubernetes Python client can function properly within the Lambda environment and EKS.
Lambda runtimes are minimal by design—they include only the language runtime and a few AWS-provided libraries. Unless you use Lambda Layers or custom runtimes, you're limited in what system-level tools and packages are available. There are also strict size constraints (on layers, deployment packages, and the /tmp file system). As a result, typical Linux utilities and system packages are not present.
One of the main challenges is loading the Kubernetes configuration. In a standard environment, you might run commands like:
aws eks update-kubeconfig --region my-region --name my-cluster
kubectl config set-context my-context --cluster=my-cluster --user=my-user
However, these are not available in Lambda. Here's a simplified version of the code I'm testing:
from os import path
import yaml
from kubernetes import client, config
def handler(event, context):
# Attempts to load kubeconfig from the default location
config.load_kube_config()
This approach fails because the expected kubeconfig file and supporting tools are missing or inaccessible in the Lambda environment.
This is really a bummer for me. Hope someone can advise.
I've been trying out a particular approach using eks-token package with additional massaging of returned token format, and it works. I thought I should touch base with someone here to understand if there are any standard practice when it comes to AWS Lambda execution.