本文介绍了如何使用curl命令行工具直接访问Kubernetes的apiServer,通过在本地端口运行apiServer并查看命令日志获取API URL,然后利用curl进行Kubernetes集群的操作。
首先,运行kubectl proxy命令让apiServer在本地端口运行:
ubuntu@perf-calico-0:~$ kubectl proxy --port=8080 &
[1] 19016
Starting to serve on 127.0.0.1:8080
用-v参数可以查看某个kubectl命令的详细日志,从而找到某个api的http方法url:
ubuntu@perf-calico-0:~$ kbctl apply -f np -v 7
I1222 03:47:46.382302 30513 loader.go:375] Config loaded from file: /home/ubuntu/.kube/config
I1222 03:47:46.596496 30513 round_trippers.go:420] POST https://10.117.9.237:6443/apis/networking.k8s.io/v1/namespaces/default/networkpolicies
I1222 03:47:46.596523 30513 round_trippers.go:427] Request Headers:
I1222 03:47:46.596535 30513 round_trippers.go:431] User-Agent: kubectl/v1.18.12 (linux/amd64) kubernetes/7cd5e90
I1222 03:47:46.596550 30513 round_trippers.go:431] Accept: application/json
I1222 03:47:46.596563 30513 round_trippers.go:431] Content-Type: application/json
I1222 03:47:46.604439 30513 round_trippers.go:446] Response Status: 201 Created in 7 milliseconds
networkpolicy.networking.k8s.io/web-allow-external created
I1222 03:47:46.605635 30513 apply.go:393] Running apply post-processor function
ubuntu@perf-calico-0:~$ kbctl delete -f np -v 7
I1222 03:47:57.716249 30702 loader.go:375] Config loaded from file: /home/ubuntu/.kube/config
I1222 03:47:57.726138 30702 round_trippers.go:420] DELETE https://10.117.9.237:6443/apis/networking.k8s.io/v1/namespaces/default/networkpolicies/web-allow-external
I1222 03:47:57.726206 30702 round_trippers.go:427] Request Headers:
I1222 03:47:57.726229 30702 round_trippers.go:431] Accept: application/json
I1222 03:47:57.726247 30702 round_trippers.go:431] User-Agent: kubectl/v1.18.12 (linux/amd64) kubernetes/7cd5e90
I1222 03:47:57.726266 30702 round_trippers.go:431] Content-Type: application/json
I1222 03:47:57.743853 30702 round_trippers.go:446] Response Status: 200 OK in 17 milliseconds
networkpolicy.networking.k8s.io "web-allow-external" deleted
用curl访问之前得到的API URL,直接通过APIServer对Kubernetes进行操作。访问kubectl proxy打开的本地端口也可以:
ubuntu@perf-calico-0:~$ curl -k -X POST -H 'Content-Type: application/yaml' --data "$(cat np.yml)" \
"http://localhost:8080/apis/networking.k8s.io/v1/namespaces/default/networkpolicies"
{
"kind": "NetworkPolicy",
"apiVersion": "networking.k8s.io/v1",
"metadata": {
"name": "perf.noisy-0",
"namespace": "default",
"selfLink": "/apis/networking.k8s.io/v1/namespaces/default/networkpolicies/perf.noisy-0",
"uid": "3635ec29-0e07-4422-907e-af00154495b1",
"resourceVersion": "1371620",
"generation": 1,
"creationTimestamp": "2020-12-22T03:40:44Z",
"managedFields": [
{
"manager": "curl",
"operation": "Update",
"apiVersion": "networking.k8s.io/v1",
"time": "2020-12-22T03:40:44Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:spec":{"f:egress":{},"f:podSelector":{"f:matchLabels":{".":{},"f:app":{}}},"f:policyTypes":{}}}
}
]
},
"spec": {
"podSelector": {
"matchLabels": {
"app": "scale-1"
}
},
"egress": [
{
"ports": [
{
"protocol": "TCP",
"port": 666
}
],
"to": [
{
"podSelector": {
"matchLabels": {
"app": "scale-0"
}
}
}
]
}
],
"policyTypes": [
"Ingress",
"Egress"
]
}
}
ubuntu@perf-calico-0:~$ curl -k -X DELETE 'http://localhost:8080/apis/networking.k8s.io/v1/namespaces/default/networkpolicies/perf.noisy-0'
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {
},
"status": "Success",
"details": {
"name": "perf.noisy-0",
"group": "networking.k8s.io",
"kind": "networkpolicies",
"uid": "3635ec29-0e07-4422-907e-af00154495b1"
}
}
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
