I am running a KubernetesPodOperator as below:
with DAG(DAG_NAME, default_args=default_args, schedule_interval=None) as dag:
start_task = DummyOperator(task_id='start_task')
k8s_task = KubernetesPodOperator(namespace=namespace,
image="python:3.6",
cmds=["python","-c"],
arguments=["print('hello world')"],
labels={"foo": "bar"},
name="airflow-test-pod",
task_id="passing-task",
in_cluster=False,
config_file='/include/.kube/config',
is_delete_operator_pod=True,
get_logs=True,
dag=dag
)
The config_file is copied from my local machine using - .kube/config:/opt/airflow/include/.kube/config in the webserver service section of the docker-compose.
However, when I run the task, I get a failure with the following stacktrace:
Reason: Forbidden
HTTP response headers: HTTPHeaderDict({'Audit-Id': 'ba9f64ae-c40b-4c66-8ce8-a0b546667468', 'Cache-Control': 'no-cache, private', 'Content-Type': 'application/json', 'X-Content-Type-Options': 'nosniff', 'X-Kubernetes-Pf-Flowschema-Uid': 'be9df35b-0e2e-4c70-9b35-14be91d563e0', 'X-Kubernetes-Pf-Prioritylevel-Uid': '2ccf40a9-54c8-47b4-8e83-d87415d5fc9a', 'Date': 'Fri, 25 Mar 2022 10:30:28 GMT', 'Content-Length': '375'})
HTTP response body: {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"pods \"***-test-pod.facbe86a27ac400ab37506ea73ac45d5\" is forbidden: User \"system:anonymous\" cannot patch resource \"pods\" in API group \"\" in the namespace \"default\"","reason":"Forbidden","details":{"name":"***-test-pod.facbe86a27ac400ab37506ea73ac45d5","kind":"pods"},"code":403}
I have tried checking other questions, but none seems to be helping. Anyone know what I am doing wrong? TIA
