版本确定：

k8s 1.14
kubernetes python包: 10.0.1
pip install kubernetes

1 使用~/.kube/config文件，然后执行代码:

这种方式是使用配置文件的方式

from kubernetes import client, config
# Configs can be set in Configuration class directly or using helper utility
config.load_kube_config()
v1 = client.CoreV1Api()
print("Listing pods with their IPs:")
ret = v1.list_pod_for_all_namespaces(watch=False)
for i in ret.items:
    print("%s\t%s\t%s" % (i.status.pod_ip, i.metadata.namespace, i.metadata.name))

2 使用基于RABC的访问控制

可以首先创建一个叫做admin-user的账号且绑定admin-cluster这个角色(注意第7行的三个破折号要写上)
配置文件:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system

创建好了叫做admin-user账号且绑定cluset-admin角色之后就开始查询token

kubectl describe secret ** -n kube-system

代码:
在如下代码中6443就是apiserver的安全端口，非安全端口是8080

class ClientKubernetes(object):

    def __init__(self):
        """
        method one:   copy ~/.kube/config to local~/.kube then do the following

        config.load_kube_config()
        self.client = client.CoreV1Api()

        method two:  as you can see in below
        """
        ApiToken = "***"
        configuration = client.Configuration()
        setattr(configuration, 'verify_ssl', False)
        client.Configuration.set_default(configuration)
        configuration.host = "https://ip:6443"
        # configuration.verify_ssl = False
        # configuration.debug = True
        configuration.api_key = {"authorization": "Bearer " + ApiToken}
        client.Configuration.set_default(configuration)
        self.clientInstance = client.CoreV1Api(client.ApiClient(configuration))
        self.clientIngress = client.ExtensionsV1beta1Api()
        self.apis_api = client.AppsV1Api()

参考: https://blog.csdn.net/jinguangliu/article/details/89284287