Ensure k8s config compatibility with kubernetes==12 python client + support proxies

[chadlwilson]

This PR makes two changes related to the way the Kubernetes python client is configured:

1. Fixes behaviour with Kubernetes python client v12 (fixes kubernetes lib 12.0.0 breaks authentication mechanism# #72)
2. Adds support for use behind TLS passthrough forward proxies via standard OS env vars, similar to kubectl (fixes Support accessing K8S API server via HTTPS_PROXY env vars #64)

Kubernetes Python client v12 compatibility

The Kubernetes python client v12 seems to have somehow changed the way the default configuration works; such that if you create a Configuration() object you don't get the default configuration by default.

See kubernetes-client/python#1284 and kubernetes-client/python@b4d11b0#diff-59aff6ce4d28aa662f8b411b9d0dfe4f3e949c32a5edaf8e08905b58e7a41ee3L69-R71

Since we don't actually try to customise the ApiClient or the Configuration at all, it seems we are better to let the client handle creating with defaults that we have previously loaded.

Previously the script would fail on Kubernetes Python Client v12

• at modify_k8s_autoscaler if enabled
• at cordon|taint nodes depending on your TAINT_NODES setting (after waiting for node counts to match)

Notable is that it would get past node count matching; probably because that code didn't construct a manual configuration.

e.g

2020-10-26 00:26:29,033 ERROR    Encountered an error when adding taint/ cordoning node ip-xx-yy-zz.ap-southeast-1.compute.internal
2020-10-26 00:26:29,033 ERROR    HTTPConnectionPool(host='localhost', port=80): Max retries exceeded with url: /api/v1/nodes/ip-xx-yy-zz.ap-southeast-1.compute.internal (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x11281c828>: Failed to establish a new connection: [Errno 61] Connection refused'))

Changes tested with both Kubernetes client v10 and v12.

HTTPS_PROXY/HTTP_PROXY support

Adds support for standard OS-level env vars to set the proxy on the default configuration loaded from either the in-cluster or standard kube config.

This will only work for TLS passthrough proxies; since the client validates the certificates. Tested with mitmproxy against a real cluster.

[codecov]

Codecov Report

Merging #73 into master will increase coverage by 2.80%.
The diff coverage is 38.88%.

@@            Coverage Diff             @@
##           master      #73      +/-   ##
==========================================
+ Coverage   32.84%   35.65%   +2.80%     
==========================================
  Files           9        9              
  Lines         618      603      -15     
==========================================
+ Hits          203      215      +12     
+ Misses        415      388      -27     

Impacted Files	Coverage Δ
eksrollup/cli.py	0.00% <0.00%> (ø)
eksrollup/lib/k8s.py	47.91% <43.75%> (+12.76%)	⬆️
eksrollup/lib/aws.py	56.41% <0.00%> (-1.05%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c346bac...5694dfb. Read the comment docs.

[chadlwilson]

Removed these because they are duplicated by requirements.txt; both of which are installed to run tests in the Makefile; making it easier to switch versions when running unit tests.

[crhuber]

@chadlwilson Thanks for the contribution

[chadlwilson]

You're welcome - thanks for keeping on top of the PRs @crhuber !