The token will be stored at /var/run/secrets/kubernetes.io/serviceaccount/token in container. (See here)
Three ways to use:
- By code: Kubernetes Python library
- With kubectl binary: it will use the token automatically as your credentials. So we can do
kubectl get powithin the pod - curl: eg:
TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
API_ENDPOINT=$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT_HTTPS
curl --cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt \
-H 'Authentification: Bearer $TOKEN' \
https://$API_ENDPOINT/v1/api/pods