Kubernetes 이야기

kubernetes apiserver 를 통해 Cluster 정보 조회 본문

Kubernetes/일반

kubernetes apiserver 를 통해 Cluster 정보 조회

kmaster 2023. 12. 25. 23:43
반응형

 

인증 설정방법

 

0) 접근하는 API 서버 설정

KUBE_SERVER=$(kubectl config view -o jsonpath='{.clusters[0].cluster.server}')

 

1) x.509 인증 방식으로 apiserver 접근 시 호출방법

curl --cert <path-to-cert-file> --key <path-to-key-file> --cacert <path-to-ca-file> \
$KUBE_SERVER/api/v1/pods

 

2) token 정보를 활용하여 apiserver 접근 시 호출방법

curl --insecure --header "Authorization: Bearer $KUBE_TOKEN" $KUBE_SERVER/api/v1/pods

 

 

API 사용예제

 

- 모든 pod list 호출방법

curl -k --cert 111.cert --key 111.key --cacert 111.ca \
-X GET https://$KUBE_SERVER/api/v1/pods

 

- namespace안에  pod list 호출방법

$KUBE_SERVER/api/v1/namespaces/$NAMESPACE/pods

 

- 모든 deployment list 호출방법

$KUBE_SERVER/api/v1/deployments

 

- Update

$ curl $KUBE_SERVER/api/v1/namespaces/default/deployments/sleep \
  --cacert 111.ca \
  --cert 111.cert \
  --key 111.key \
  -X PUT \
  -H 'Content-Type: application/yaml' \
  -d '---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: sleep
spec:
  replicas: 1
  selector:
    matchLabels:
      app: sleep
  template:
    metadata:
      labels:
        app: sleep
    spec:
      containers:
      - name: sleep
        image: curlimages/curl
        command: ["/bin/sleep", "730d"] 
'

 

- Patch

$ curl $KUBE_SERVER/api/v1/namespaces/default/deployments/sleep \
  --cacert 111.ca \
  --cert 111.cert \
  --key 111.key \
  -X PATCH \
  -H 'Content-Type: application/merge-patch+json' \
  -d '{
  "spec": {
    "template": {
      "spec": {
        "containers": [
          {
            "name": "sleep",
            "image": "curlimages/curl",
            "command": ["/bin/sleep", "1d"]
          }
        ]
      }
    }
  }
}'

 

- DELETE

$ curl $KUBE_SERVER/api/v1/namespaces/default/deployments/sleep \
  --cacert 111.ca \
  --cert 111.cert \
  --key 111.key \
  - X DELETE

 

- CRD

curl -k -X GET https://<kubernetes-api-server>/apis/<group>/<version>/<resource-plural>

 

- Raw Mode

kubectl get --raw /api/v1/

 

- openapi 사양 ( swagger 구문으로 표현 )

kubectl get --raw /openapi/v2  > k8s-openapi-v2.json

 

 

- openapi v3 사양

/openapi/v3/<group>/<version>?hash=<HASH>

[example]
kubectl get --raw /openapi/v3/apis/apps/v1  > k8s-openapi-v3.json

 

반응형
Comments