kubernetes_asyncio icon indicating copy to clipboard operation
kubernetes_asyncio copied to clipboard

Published 20 hours ago verified publisher icon tomplus

add Azure (with AD) support

Open tomplus opened this issue 5 years ago • 5 comments

The latest version of https://github.com/kubernetes-client/python supports Azure AKS integrated with Azure Active Directory (https://github.com/kubernetes-client/python-base/pull/77).

tomplus avatar Jul 28 '18 23:07 tomplus

The official library uses adel - AD library for python which is currently synchronous (https://github.com/AzureAD/azure-activedirectory-library-for-python/issues/93). First we should extend this library, find a replacement or implement some basic behavior here.

tomplus avatar Aug 31 '18 21:08 tomplus

For the record, ADAL Python (and its cousin MSAL Python) supports token cache behavior. It allows you to reuse a token so that most of the time you don't actually need to send out any network call.

rayluo avatar Apr 04 '19 22:04 rayluo

I'm afraid is not enough to build full asynchronous applications.

tomplus avatar Jun 06 '20 14:06 tomplus

To clarify:

  • The MSAL's token cache I mentioned earlier, is NOT about asynchronous in itself. But, given that tokens are already cached, actual authentication/authorization requests would become very infrequent by its nature. For example, an access token would typically be valid for 1 hour. That hints, an app utilizing an access token to its fullest, would only need to send out auth request once per hour. Such a low load does not necessitate an asynchronous architecture.

  • Since I left the comment one year ago, MSAL supports customized http client recently. This feature is still NOT directly about asynchronous in itself. But, it may theoretically make it possible to plug in an async http client.

rayluo avatar Jun 06 '20 19:06 rayluo

The second option sounds good to me. Thanks for clarifying possibilities.

tomplus avatar Jun 06 '20 20:06 tomplus