通过io.kubernetes:client-java调用kubernetes的api接口

1.引入依赖

        <dependency>
            <groupId>io.kubernetes</groupId>
            <artifactId>client-java</artifactId>
            <version>15.0.1</version>
        </dependency>

 

2.代码实现

@Service
public class K8sApiService {

    @PostConstruct
    public void initClient() throws IOException, URISyntaxException {
        //这种方式是通过证书的方式调用
        //ClientBuilder builder = new ClientBuilder();
        //String token = new String(Files.readAllBytes(Paths.get("C:\\Users\\xdd\\Downloads\\token")), Charset.defaultCharset());
        //builder.setCertificateAuthority(Files.readAllBytes(Paths.get("C:\\Users\\xdd\\Downloads\\ca.crt")));
        //builder.setAuthentication(new AccessTokenAuthentication(token));
        //ApiClient apiClient = builder.build();
        //URI uri = new URI("https", (String) null, "10.10.10.1", 6443, (String) null, (String) null, (String) null);
        //apiClient.setBasePath(uri.toString());
        
        //这种方式需要创建ServiceAccount使用
        ApiClient apiClient = ClientBuilder.cluster().build();
        Configuration.setDefaultApiClient(apiClient);
    }
    
    public void api() {
        CoreV1Api v1Api = new CoreV1Api();
        
        //CoreV1Api有许多接口，需要自己去看官方文档和源码食用
        V1PodList v1PodList=v1Api.listNamespacedPod("my-ns",null,null,null,null,"team=pero,user=xdd",null,null,null,60,false);

    }
    
}

 

3.将项目代码打包成镜像 pero-xdd:no1，在k8s集群容器化部署

 

4.相关yaml

kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: k8s-api-cr
  labels:
    app: k8s-api
rules:
- apiGroups:
  - ''
  resources: #需要操作的k8s资源类型
  - services
  - pods
  - configmaps
  verbs: #需要做的相关操作
  - create
  - list
  - delete
  - deletecollection
  - get
  - update
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: k8s-api-sa
  namespace: my-ns
  labels:
    app: k8s-api
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: k8s-api-crb
  labels:
    app: k8s-api
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: k8s-api-cr
subjects:
- kind: ServiceAccount
  name: k8s-api-sa
  namespace: my-ns
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    team: "pero"
	user: "xdd"
  name: k8s-api-deploy
  namespace: my-ns
spec:
  replicas: 1
  selector:
    matchLabels:
	  name: k8s-api-deploy
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      labels:
        name: k8s-api-deploy
    spec:
	  # 关键，需要配置有对应操作权限的serviceAccount
      serviceAccountName: k8s-api-sa
      containers:
      - image: pero-xdd:no1
        imagePullPolicy: Always
        name: container-0
        ports:
        - containerPort: 8080
          name: http-c-0-p-0
          protocol: TCP
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      terminationGracePeriodSeconds: 30

 

5.其他

使用fabric8.kubernetes.client时，如果配置了timeout参数，需要给ClusterRole配置watch权限。 

 

 

参考连接：

1.[k8s官方接口文档，可以手动改版本，选择自己需要的]

https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/

2.[k8s中文版文档官网]

https://kubernetes.io/zh-cn/docs/home/

3.[字段选择器（field-selector）标签选择器（labels-selector）和筛选 Kubernetes 资源]

https://blog.csdn.net/fly910905/article/details/102572878/