创建cronjob用户和命名空间

1. 创建命名空间

   # 注意命名规则
   kubectl create namespace cyj-schedule
   

2. yaml创建用户

   createaccount.yaml
   
   apiVersion: v1
   kind: ServiceAccount
   metadata:
     name: schedule
     namespace: cyj-schedule
   
   

3. 用户关联管理员权限

   kind: ClusterRoleBinding
   apiVersion: rbac.authorization.k8s.io/v1
   metadata:
     name: schedule
     namespace: cyj-schedule
   subjects:
   - kind: ServiceAccount
     name: schedule
     namespace: cyj-schedule
   roleRef:
     kind: ClusterRole
     name: cluster-admin
     apiGroup: rbac.authorization.k8s.io
   

4. 获取秘钥token

   kubectl -n caiyunjian get sa
   
   kubectl -n cyj-schedule get sa schedule -o yaml
   
   

   kubectl apply -f createaccount.yaml
   

5. token转换

   kubectl get secret schedule-token-vxzl7 -n cyj-schedule -o jsonpath={".data.token"}| base64 -d
   

6. 本地验证

   curl -k -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6InhqaFlsWV95RWJfaXMyVTZIRUUzeE5Ib1BBVENFX2lacmxkVFpYM09VWG8ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJjeWotc2NoZWR1bGUiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlY3JldC5uYW1lIjoic2NoZWR1bGUtdG9rZW4tdnh6bDciLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoic2NoZWR1bGUiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJhMzY5MTJiYS05NDkyLTQ5ZWUtOTAxYS02NGYyOTZkOGZlY2QiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6Y3lqLXNjaGVkdWxlOnNjaGVkdWxlIn0.BPT4XCK2Eos9lNj3prcTPKnAO56G21nt9Xr0Vjh7mFs1HUU2B9xgjiE2Nk6U0NMZlZIIln924ZEzezdaDQYu5e03vT55_wImbQLOdIgEuqWOD9fV2TydNg214tMcS2PEEIHvh5whJRzrUzlJXyipHmNmHHA99KUyVJVduCJj5-eXJS2FeoOWkUHDd1zPeKe0Z-2BbSJkcgBbcQh1TKp4MvtOvZca0ZGk_H9uuLQ_9EI5ENdszDTisUaMVkXemArF_19AkBS4U1HHKj6CDSbLDD5D_Fc8nNbkHYlm4NTqb259dBUgo0fzsm1LOlecpW1T92J52PWiCmlIu4h7kNV7LQ' https://127.0.0.1:6443/api
   
   

7. fabric8远程调用

   public static void main(String[] args) {
           String master = "https://182.44.3.11:6443/";
           if (args.length == 1) {
               master = args[0];
           }
   
           log("Using master with url ", master);
           String base64Token = "eyJhbGciOiJSUzI1NiIsImtpZCI6InhqaFlsWV95RWJfaXMyVTZIRUUzeE5Ib1BBVENFX2lacmxkVFpYM09VWG8ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJjeWotc2NoZWR1bGUiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlY3JldC5uYW1lIjoic2NoZWR1bGUtdG9rZW4tdnh6bDciLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoic2NoZWR1bGUiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJhMzY5MTJiYS05NDkyLTQ5ZWUtOTAxYS02NGYyOTZkOGZlY2QiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6Y3lqLXNjaGVkdWxlOnNjaGVkdWxlIn0.BPT4XCK2Eos9lNj3prcTPKnAO56G21nt9Xr0Vjh7mFs1HUU2B9xgjiE2Nk6U0NMZlZIIln924ZEzezdaDQYu5e03vT55_wImbQLOdIgEuqWOD9fV2TydNg214tMcS2PEEIHvh5whJRzrUzlJXyipHmNmHHA99KUyVJVduCJj5-eXJS2FeoOWkUHDd1zPeKe0Z-2BbSJkcgBbcQh1TKp4MvtOvZca0ZGk_H9uuLQ_9EI5ENdszDTisUaMVkXemArF_19AkBS4U1HHKj6CDSbLDD5D_Fc8nNbkHYlm4NTqb259dBUgo0fzsm1LOlecpW1T92J52PWiCmlIu4h7kNV7LQ";
           Config config = new ConfigBuilder()
                   .withTrustCerts(true)
                   .withMasterUrl(master)
                   .withNamespace("cyj-schedule")
                   .withOauthToken(base64Token)
                   .build();
           try (final KubernetesClient client = new KubernetesClientBuilder().withConfig(config).build()) {
               final String namespace = client.getNamespace();
               log("nameSpace:", namespace);
               CronJob cronJob1 = new CronJobBuilder()
                       .withApiVersion("batch/v1")
                       .withNewMetadata()
                       .withName("cyj.shedule.timezone")
                       .withLabels(Collections.singletonMap("foo", "bar"))
                       .endMetadata()
                       .withNewSpec()
                       // 时区
                       .withTimeZone("Asia/Shanghai")
                       .endSpec()
                       .withNewSpec()
                       .withSchedule("* * * * ?")
                       .withNewJobTemplate()
                       .withNewSpec()
                       .withNewTemplate()
                       .withNewSpec()
                       .addNewContainer()
                       .withName("schedule-task")
                       .withImage("busybox")
                       .withArgs("/bin/sh", "-c", "date; echo Hello xcg 9:45;")
                       .endContainer()
                       .withRestartPolicy("OnFailure")
                       .endSpec()
                       .endTemplate()
                       .endSpec()
                       .endJobTemplate()
                       .endSpec()
                       .build();
   
               log("Creating cron job from object");
   
               // 新增 k8s cronjob
               try {
                   cronJob1 = client.batch().v1().cronjobs().inNamespace(namespace).create(cronJob1);
                   log("cronjob info", cronJob1.toString());
               } catch (Exception e) {
                   e.printStackTrace();
                   // log("create cronjob failed", e.printStackTrace());
               }
   
           } catch (KubernetesClientException exception) {
               log("An error occured while processing cronjobs:", exception.getMessage());
           }
       }