Launching a pod in a different k8s cluster from a pod running in a different k8s cluster

Question

是否可以从 K8 集群 C 中运行的 pod 中启动名为 B 的 K8s 集群中的 pod。

Answer 1

Yes , run the pod in Cluster C with service account that has the authenitcation and authorization to launch pods in Cluster B , or embed some other credentails in the pod on cluster C that can do the same on cluster B , moreover , the API server of cluster B need to be accessable from pod on cluster C.

The simple way to test is run a pod on C with kubectl installed , and kubeconfig of cluster B , and just run the kubectl command.

It doesnt matter from where ( cluster , pod , container , machine) you are accessing the API server. You just need kubectl/client library with proper credentails.

Answer 2

Yes. It's a hacky way but it's possible.

In addition, the guidelines are generally the same as in this answer:

How I create new namespace in Kubernetes

In a pod in cluster B you can call:

$ kubectl apply -f  <your pod-definition>

Which creates a pod in cluster C, and ~/.kube/config points to cluster C.

You can also set up a role and the whole RBAC and issue a curl from cluster B to cluster B.

$ curl -k -H -X POST -H 'Content-Type: application/json' \
                     -H 'Authorization: Bearer <token>' \
                     https://$KUBERNETES_SERVICE_HOST:6443/api/v1/namespaces/namespace/pods -d '
{
    "apiVersion": "v1",
    "kind": "Pod",
    "metadata": {
        "name": "mypod"
        "namespace": "mynamespace",

    },
    "spec": {
        "containers": [
           {
              ...
           }
        ]
        ...
     }
}'

Or also use a library like client-go or/and kubernetes-client/python .