Kubernetes API相关知识
Kubernetes集群中,所有组件需要操作集群资源时都通过调用kube-apiserver提供的RESTful接口来实现。kube-apiserver进一步和etcd交互,完成资源信息的更新。
Kubernetes中的资源本质上是一个API对象,这个对象的期望状态被APIServer保存在etcd中,然后提供RESTful接口用于更新这些对象。
与kube-apiserver的交互方式可以是直接交互,也可以是通过kubectl或client-go的方式。
准备工作
使用kind准备一个Kubernetes集群
Curl方式访问API
准备工作
kube-apiserver提供的是双向TLS认证的HTTPS服务,所以这里xshell开启一个命令行窗口,通过kubectl代理暴露API Server服务
[root@test ~]# kubectl proxy --port=8080
Starting to serve on 127.0.0.1:8080
在另一个命令行窗口进行测试
[root@test ~]# curl localhost:8080/version
{
"major": "1",
"minor": "21",
"gitVersion": "v1.21.14",
"gitCommit": "0f77da5bd4809927e15d1658fb4aa8f13ad890a5",
"gitTreeState": "clean",
"buildDate": "2022-10-26T15:31:07Z",
"goVersion": "go1.16.15",
"compiler": "gc",
"platform": "linux/amd64"
}
创建nginx-deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deploy
namespace: default
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80
资源创建
curl执行命令
curl -X POST -H \
'Content-Type: application/yaml' \
--data-binary '@nginx-deploy.yaml' \
http://localhost:8080/apis/apps/v1/namespaces/default/deployments
返回参数
{
"kind": "Deployment",
"apiVersion": "apps/v1",
"metadata": {
"name": "nginx-deploy",
"namespace": "default",
"uid": "d6cf96bb-c831-4efd-9e30-3983edb4ceb4",
"resourceVersion": "1347583",
"generation": 1,
"creationTimestamp": "2023-04-15T10:00:41Z",
"managedFields": [
{
"manager": "curl",
"operation": "Update",
"apiVersion": "apps/v1",
"time": "2023-04-15T10:00:41Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:spec":{"f:progressDeadlineSeconds":{},"f:replicas":{},"f:revisionHistoryLimit":{},"f:selector":{},"f:strategy":{"f:rollingUpdate":{".":{},"f:maxSurge":{},"f:maxUnavailable":{}},"f:type":{}},"f:template":{"f:metadata":{"f:labels":{".":{},"f:app":{}}},"f:spec":{"f:containers":{"k:{\"name\":\"nginx\"}":{".":{},"f:image":{},"f:imagePullPolicy":{},"f:name":{},"f:ports":{".":{},"k:{\"containerPort\":80,\"protocol\":\"TCP\"}":{".":{},"f:containerPort":{},"f:protocol":{}}},"f:resources":{},"f:terminationMessagePath":{},"f:terminationMessagePolicy":{}}},"f:dnsPolicy":{},"f:restartPolicy":{},"f:schedulerName":{},"f:securityContext":{},"f:terminationGracePeriodSeconds":{}}}}}
}
]
},
"spec": {
"replicas": 3,
"selector": {
"matchLabels": {
"app": "nginx"
}
},
"template": {
"metadata": {
"creationTimestamp": null,
"labels": {
"app": "nginx"
}
},
"spec": {
"containers": [
{
"name": "nginx",
"image": "nginx:1.14.2",
"ports": [
{
"containerPort": 80,
"protocol": "TCP"
}
],
"resources": {
},
"terminationMessagePath": "/dev/termination-log",
"terminationMessagePolicy": "File",
"imagePullPolicy": "IfNotPresent"
}
],
"restartPolicy": "Always",
"terminationGracePeriodSeconds": 30,
"dnsPolicy": "ClusterFirst",
"securityContext": {
},
"schedulerName": "default-scheduler"
}
},
"strategy": {
"type": "RollingUpdate",
"rollingUpdate": {
"maxUnavailable": "25%",
"maxSurge": "25%"
}
},
"revisionHistoryLimit": 10,
"progressDeadlineSeconds": 600
},
"status": {
}
}
查看资源对象,已成功创建
[root@test ch3]# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deploy 3/3 3 3 2m15s
资源删除
curl执行命令
curl -X DELETE -H 'Content-Type: application/yaml' \
--data 'gracePeriodSeconds:0 orphanDependents: false' \
http://localhost:8080/apis/apps/v1/namespaces/default/deployments/nginx-deploy
返回参数
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {
},
"status": "Success",
"details": {
"name": "nginx-deploy",
"group": "apps",
"kind": "deployments",
"uid": "d6cf96bb-c831-4efd-9e30-3983edb4ceb4"
}
}
查看资源对象,已成功删除
[root@test ch3]# kubectl get deploy
No resources found in default namespace.
kubectl raw方式访问API
kubectl raw方式默认使用kubeconfig中的连接信息
[root@test ch3]# kubectl get --raw /version
{
"major": "1",
"minor": "21",
"gitVersion": "v1.21.14",
"gitCommit": "0f77da5bd4809927e15d1658fb4aa8f13ad890a5",
"gitTreeState": "clean",
"buildDate": "2022-10-26T15:31:07Z",
"goVersion": "go1.16.15",
"compiler": "gc",
"platform": "linux/amd64"
}
资源查询
查询Pod信息
kubectl get --raw /apis/apps/v1/namespaces/default/deployments/nginx-deploy
GV & GVK & GVR
- GV: API Group & Version
- API Group 是相关 API 功能的集合
- 每个 Group 拥有一或多个 Versions
- GVK: Group Version Kind
- 每个 GV 都包含 N 个 api 类型,称之为 Kinds,不同 Version 同一个 Kinds 可能不同
- GVR: Group Version Resource
- Resource 是 Kind 的对象标识,一般来 Kind 和 Resource 是 1:1 的,但是有时候存在 1:n 的关系,不过对于 Operator 来说都是 1:1 的关系
举例说明:
apiVersion: apps/v1 # 这个是 GV,G 是 apps,V 是 v1
kind: Deployment # 这个就是 Kind
sepc: # 加上下放的 spec 就是 Resource了
...
根据 GVK K8s 就能找到你到底要创建什么类型的资源,根据你定义的 Spec 创建好资源之后就成为了 Resource,也就是 GVR。GVK/GVR 就是 K8s 资源的坐标,是创建/删除/修改/读取资源的基础
每个人都有潜在的能量,只是很容易被习惯所掩盖,被时间所迷离,被惰性所消磨~