Kubernetes API-Serverへkubectlではなく、curl(http api)でアクセスをする方法
LinuCエヴァンジェリストの鯨井貴博@opensourcetechです。
今回は、Kubernetesでkubectlコマンドではなく、curl(http api)を使ってアクセスする方法の紹介です。
はじめに
kubernetesでは、Pod(コンテナ)などの状態をkubectlコマンドで取得しますが、
クラスターの内部ではAPI-Serve経由で通信が行われています。
この代わりに、apiのURLを直接指定することで同様のことを実施することが可能です。
認証情報の準備
では、kubectlで情報を取得するときにはどこにある認証情報が使われているかというと、
kubectlを実行するユーザのホームディレクトリにある "config"ファイルの
パラメータが使われます。
・certificate-authority-data
・client-certificate-data
・client-key-data
具体例で示すと、以下です。
kubeuser@kubemaster1:~$ ls $HOME/.kube
cache config http-cache
kubeuser@kubemaster1:~$ cat $HOME/.kube/config
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeE1USXdNVEV4TWpJeE5sb1hEVE14TVRFeU9URXhNakl4Tmxvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTnJ0CkZFVFVjbitnZjh3T3RPNFFkdmFhNmtzV1hQSk5nckdGbkUrcGtLU2hEU3ZVYXFOcGEvU3J6Zyt6R2JYZXliRTIKdjh0Z242Z0RWVGcwd24vZXR1YVJZc2N1SDVFcnFTamdUbFpRRUo3THpnR2p2OTM2UzRjVCtXdjYrK3pJL2lKcgpFS0lYRWIyVHFvWkpnZEhKVGNHbCsrdjdBYWwvNUdTZWE0SmhjRit5TXRsWFo5NE1ORko2VHp3YyswTVo2VDhkCnVQNjRlWHgvdEtXeDMrdG8ydElCR01jU3hqZDNhTE04bXRLWVo1SzdNTHRuM2hKR0xxM05nb0psdVRub1lWQm8KbVZYVTIrTDFSYnJSS3RmdmIwRWZRNnUwcnFCazNSN0l5MHJRNkl6a1kyVUoxdUNKNVV5UWRvczhjUXdrRlFWdgpLK1UrV2NEanVwbDVPRDhla1ZzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFFa0hmRjJmMTl3dmRYQ3hIdVhWZHVNVHVFWTkKaGU4TXZUQTlValhpTm1HWUZYSDQrZW53WGlLL3FOTEh4WUVhR2RLOTJhWGJmcFlGVG5BSkx6cDA4VzFNSTk3WgpoMFVLUVdsWTl2elhPalZLTjEwZnBkY1A5eThvVk0wSWhtWXdDbk9nZmdpRFdtM1QxL2dWbi9lL09xTWlsMmN4CjFjV2ZBeDlpRjlDVVA0ek5WbkUwUlNLQTI5c09TQS9nMEY2a3N0bTlHVmV3enlIZlZaalZUUVFGdEIxbHJTRFMKeitCQ0RFcERmOEFmejhZOXAwVHNESkFsQm5WempKZEhFcnV3TlUzSmVIUDcwZnB1QUtTYmZpT2J0ajBpVDVKMgpuZ1lhUDJVTitJSzYxUHFCb3ZIT3pNeE0rb0ZLODIyTlkvRXJyaEZGdVBJb1FKbEVGNkRPN0IrVUFGQT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
server: https://k8smaster1:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM4akNDQWRxZ0F3SUJBZ0lJWDNtZXU5K0s4UFV3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TVRFeU1ERXhNVEl5TVRaYUZ3MHlNakV5TURFeE1USXlNakJhTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXRuR3ByOVgxTUtMbVhhc04KUHRLOFUyZTdTNFFqb2V5UXdQSTdTSjVvQktFSGpSZDFkNUFRRXFUajRpbFlpODVydnJDRzZXVC84RW00eFQxdgpIYk1EbWdDMXNxVWVINjF0THpQOElkOEtJUjJyRGZFQk9TL3U4RnlVeUpQZyt5VENOaVJXWTZ5U21sL2NaVVFNClNtbDdXVDJPVmtNdzlCa3ZEcTNjRjMxRFdWVkRHS0l0dENxcEZ3d1B1WHE2N0xoNnhHLzlpK05UYVN0YVlPcU8KY2xORXNxQ1NoMVdVUkNiZWtma0k0OFRkTGdZd0dJL3lVV2xpbGEyRzUzOVRSVkEvc2pJVHpSbHVsZXVJY21hcQpvWGJiTThKTTF0UmF2MkJXRTZGbVY0NnFFdjJvMVBWL1kzZFF3Z054V0JJcWZ5NnVzZ2ZoejVuakd2K3BYUlZqClpHaHpzd0lEQVFBQm95Y3dKVEFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFCNitkSndvZ1pNdDJkVHlFdkp3aXhwcnE1U1Rvb3BmRUdISwo5L1loWWtDbmhKY0FSUGg3VXU5bW1yS3VsVWlka2N2SExRaGlFWEMxRzBLbWUyTkNHdGRJQ0V6cHJtbEExOGlvCmlEU2NVR2RqRnpBNkVqMjZFcUQvaVpkZHkxQWtXVlRZT2owKzRSUWVEWE5xa1FnL3FWNStURGpUb0NRNVdrZ0kKQ2lhU3hlTmxSZXc1WmVlTXo2WjU0bGhvcDNTcWlvaVFnbkM1U3dTbENQOEk3NENLVG9RYXNxcEtPSk5HR2JCMgpwRmtQOEJwWXYxTXlpYVgxKzVBYUhHaGVVR29PcG5VaU5RQ3E0ZktBUW94K04rTEl3OWJRdTBPSCsvVmJOdzRzCkYrcG5SRXZ1WG9zTFY3aVBMQXNNSHpHOUpOczhqcFdMZHR1ekpXSG5MQ0Fhb2lMUGNPVT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcFFJQkFBS0NBUUVBdG5HcHI5WDFNS0xtWGFzTlB0SzhVMmU3UzRRam9leVF3UEk3U0o1b0JLRUhqUmQxCmQ1QVFFcVRqNGlsWWk4NXJ2ckNHNldULzhFbTR4VDF2SGJNRG1nQzFzcVVlSDYxdEx6UDhJZDhLSVIyckRmRUIKT1MvdThGeVV5SlBnK3lUQ05pUldZNnlTbWwvY1pVUU1TbWw3V1QyT1ZrTXc5Qmt2RHEzY0YzMURXVlZER0tJdAp0Q3FwRnd3UHVYcTY3TGg2eEcvOWkrTlRhU3RhWU9xT2NsTkVzcUNTaDFXVVJDYmVrZmtJNDhUZExnWXdHSS95ClVXbGlsYTJHNTM5VFJWQS9zaklUelJsdWxldUljbWFxb1hiYk04Sk0xdFJhdjJCV0U2Rm1WNDZxRXYybzFQVi8KWTNkUXdnTnhXQklxZnk2dXNnZmh6NW5qR3YrcFhSVmpaR2h6c3dJREFRQUJBb0lCQUFNdDI5MGFoMWsvblhBSQphUVN0TzJiZ3FkelpBcDN4dDF3RlhJOFpZNHFoRzdhVHNCSlRTbFJvMXllN3ZMVkM5Wkd2RmNxL1hjNWNHb0lsClhlaFFsRUY4dmEzTlBzY2lpSUtJRDE2dnVrZDFjdU9kVFg0bm5heEdrTGttQ29lVnptU1BJWW8vR1piakVMNGEKLzNQVWZyZkJZTmVUK0Nob3YrOHJqR2hFWUlZUDlMaklIZkJYR3JnWXE4VWZ5bndRakJBTVJvbFd0UjEva1NpSQpSOEdGMVVWOXloVnpPV2oxQ0ltWWdPbkJ2STBsZEMrUHVLaUZqNlF6OGVFU1JWaXhic29xUGhsWkFtbk5wTVliCjkvTk5oZmtPSXRGMGdBMGViQXFvZXRxdkZHYkw0RkFqVU9Hak5pNGpESTFFUmNuRWpSOXRLaEhDeWRDa2RhQjQKcFdyZ1dlRUNnWUVBN1VodXAyQkMyWE1zSVlQL0EyaEE4YWFlRHlWUDJ4TGxJN2Z4bThLR2QyeFFmNUR4QzJjVQowT2JTUmNwMnNqN3IyWXk1d2ZrUWJ1THZlR2RXWWpDS0VlNVo5WEJKTXdTYmVGSXBDY0QwUll2b2YwdG4xR2tLCkRkQU1LcXEweHFlc3NmT1hXRmlWVkg4ekNyQ0xBdXlHTW9TYnFvK1VwYlhVZHNMaFV2QndZSWtDZ1lFQXhOWFgKZEVxMGRwbXpJSGZ2ZWEzdVVQRHBIUjAzNkYvOEYwRVZrNjcrMW1TUDFVTTJuSXk0RFJSRzdhSG0relpqSGtiUQpUNnlWNDV4ckdKV2xmRXd4Y25OY1VaQ1Nhblh6azRzNkIwTFFUeU1lYlQ1MmY3S1dsU0s4eThkUldjN0kzcXJCCkF
これらが使われいることは "kubectl config view" というコマンドでも確認出来ますが、
"REDACTED"となっており伏せられています。
kubeuser@kubemaster1:~$ kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://k8smaster1:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: REDACTED
client-key-data: REDACTED
つまり、これらを使えばhttp apiを使えるということになります。
注意点としては、そのままコピーするのではなく、Base64エンコーディングして使います。
各情報を、それそれファイルに格納します。
certificate-authority-data → ca.pem
client-certificate-data → client.pem
client-key-data → client-key.pem
kubeuser@kubemaster1:~$ export client=$(grep client-cert $HOME/.kube/config | cu t -d" " -f 6)
kubeuser@kubemaster1:~$ echo $client
LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM4akNDQWRxZ0F3SUJBZ0lJWDNtZXU5K0s4UFV3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TVRFeU1ERXhNVEl5TVRaYUZ3MHlNakV5TURFeE1USXlNakJhTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXRuR3ByOVgxTUtMbVhhc04KUHRLOFUyZTdTNFFqb2V5UXdQSTdTSjVvQktFSGpSZDFkNUFRRXFUajRpbFlpODVydnJDRzZXVC84RW00eFQxdgpIYk1EbWdDMXNxVWVINjF0THpQOElkOEtJUjJyRGZFQk9TL3U4RnlVeUpQZyt5VENOaVJXWTZ5U21sL2NaVVFNClNtbDdXVDJPVmtNdzlCa3ZEcTNjRjMxRFdWVkRHS0l0dENxcEZ3d1B1WHE2N0xoNnhHLzlpK05UYVN0YVlPcU8KY2xORXNxQ1NoMVdVUkNiZWtma0k0OFRkTGdZd0dJL3lVV2xpbGEyRzUzOVRSVkEvc2pJVHpSbHVsZXVJY21hcQpvWGJiTThKTTF0UmF2MkJXRTZGbVY0NnFFdjJvMVBWL1kzZFF3Z054V0JJcWZ5NnVzZ2ZoejVuakd2K3BYUlZqClpHaHpzd0lEQVFBQm95Y3dKVEFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFCNitkSndvZ1pNdDJkVHlFdkp3aXhwcnE1U1Rvb3BmRUdISwo5L1loWWtDbmhKY0FSUGg3VXU5bW1yS3VsVWlka2N2SExRaGlFWEMxRzBLbWUyTkNHdGRJQ0V6cHJtbEExOGlvCmlEU2NVR2RqRnpBNkVqMjZFcUQvaVpkZHkxQWtXVlRZT2owKzRSUWVEWE5xa1FnL3FWNStURGpUb0NRNVdrZ0kKQ2lhU3hlTmxSZXc1WmVlTXo2WjU0bGhvcDNTcWlvaVFnbkM1U3dTbENQOEk3NENLVG9RYXNxcEtPSk5HR2JCMgpwRmtQOEJwWXYxTXlpYVgxKzVBYUhHaGVVR29PcG5VaU5RQ3E0ZktBUW94K04rTEl3OWJRdTBPSCsvVmJOdzRzCkYrcG5SRXZ1WG9zTFY3aVBMQXNNSHpHOUpOczhqcFdMZHR1ekpXSG5MQ0Fhb2lMUGNPVT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
kubeuser@kubemaster1:~$ echo $client | base64 -d > ./client.pem
kubeuser@kubemaster1:~$ export key=$(grep client-key-data $HOME/.kube/config | cu t -d" " -f 6)
kubeuser@kubemaster1:~$ echo $key
LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcFFJQkFBS0NBUUVBdG5HcHI5WDFNS0xtWGFzTlB0SzhVMmU3UzRRam9leVF3UEk3U0o1b0JLRUhqUmQxCmQ1QVFFcVRqNGlsWWk4NXJ2ckNHNldULzhFbTR4VDF2SGJNRG1nQzFzcVVlSDYxdEx6UDhJZDhLSVIyckRmRUIKT1MvdThGeVV5SlBnK3lUQ05pUldZNnlTbWwvY1pVUU1TbWw3V1QyT1ZrTXc5Qmt2RHEzY0YzMURXVlZER0tJdAp0Q3FwRnd3UHVYcTY3TGg2eEcvOWkrTlRhU3RhWU9xT2NsTkVzcUNTaDFXVVJDYmVrZmtJNDhUZExnWXdHSS95ClVXbGlsYTJHNTM5VFJWQS9zaklUelJsdWxldUljbWFxb1hiYk04Sk0xdFJhdjJCV0U2Rm1WNDZxRXYybzFQVi8KWTNkUXdnTnhXQklxZnk2dXNnZmh6NW5qR3YrcFhSVmpaR2h6c3dJREFRQUJBb0lCQUFNdDI5MGFoMWsvblhBSQphUVN0TzJiZ3FkelpBcDN4dDF3RlhJOFpZNHFoRzdhVHNCSlRTbFJvMXllN3ZMVkM5Wkd2RmNxL1hjNWNHb0lsClhlaFFsRUY4dmEzTlBzY2lpSUtJRDE2dnVrZDFjdU9kVFg0bm5heEdrTGttQ29lVnptU1BJWW8vR1piakVMNGEKLzNQVWZyZkJZTmVUK0Nob3YrOHJqR2hFWUlZUDlMaklIZkJYR3JnWXE4VWZ5bndRakJBTVJvbFd0UjEva1NpSQpSOEdGMVVWOXloVnpPV2oxQ0ltWWdPbkJ2STBsZEMrUHVLaUZqNlF6OGVFU1JWaXhic29xUGhsWkFtbk5wTVliCjkvTk5oZmtPSXRGMGdBMGViQXFvZXRxdkZHYkw0RkFqVU9Hak5pNGpESTFFUmNuRWpSOXRLaEhDeWRDa2RhQjQKcFdyZ1dlRUNnWUVBN1VodXAyQkMyWE1zSVlQL0EyaEE4YWFlRHlWUDJ4TGxJN2Z4bThLR2QyeFFmNUR4QzJjVQowT2JTUmNwMnNqN3IyWXk1d2ZrUWJ1THZlR2RXWWpDS0VlNVo5WEJKTXdTYmVGSXBDY0QwUll2b2YwdG4xR2tLCkRkQU1LcXEweHFlc3NmT1hXRmlWVkg4ekNyQ0xBdXlHTW9TYnFvK1VwYlhVZHNMaFV2QndZSWtDZ1lFQXhOWFgKZEVxMGRwbXpJSGZ2ZWEzdVVQRHBIUjAzNkYvOEYwRVZrNjcrMW1TUDFVTTJuSXk0RFJSRzdhSG0relpqSGtiUQpUNnlWNDV4ckdKV2xmRXd4Y25OY1VaQ1Nhblh6azRzNkIwTFFUeU1lYlQ1MmY3S1dsU0s4eThkUldjN0kzcXJCCkFaM3FpMjBoWlQwV1lyNkUzZXR6ODFnSjBYbElSM2NzQk9jK1Mxc0NnWUVBczMyeUxxeVRoUGdwYnVUeGQvdFoKL1RKRHFFTmFSK2JnTElmTm5UeW1DUnFIUGlnL0hwZ0lXQW56RDlZYXViVDlKZURjOTQxWFQvb2NtZURacUliOQpPcGtwdFk4TjRDamhEa0JnU0wrTVNEdVFVUktTWlV4YnpaME9Sd3hBbVhGbkltbVlsN3pTb1V0aktmZm4vL3M1CmZHZHhkYkVOQ2RrazhmMXpBeEZjZ0xrQ2dZRUFsbkhIZ3JnU3BNK25UTHEreStiM3p0L0RuU0FXK2tKYTRMODcKS2F6SVZMOTUvQXVxY3c5UElaZ00rbFlUd0pCNlE4cm1MdTkvaFArcUQ1bFphZDZtc0k2aDBpbkk3eHdHTnhCawpJdWFiWnRFMTBWTzdxTENzVFlMR2dJNXdqRTd6MHRUNlBpMGY5cjlMbGlDUnVwbFozbkMzS0Joek1Lc2RacG9jCmlBYmk0eDhDZ1lFQXFkUVpaR2xPazlZeEhSbmFnMGpVZEZtS3JoN2JMRE9CMkhtK0VpVitqNDZ5MW9EbTNhQ08KUjVMTjNvMEV3OXFvaVpRYjVHR2hTazdiKzZMSnNFWkFzOHVIYmZXNVlCd3BBVzdETWFVVEROV05oVTZpaXNwVwpDeXBDVm9tcDkrREhmU3BxWVErTHRESERaakRQbkVIKzBhaWtobzdqZ0NQbWxjTUtiZHFHWEdRPQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
kubeuser@kubemaster1:~$ echo $key | base64 -d > /../client-key.pem
kubeuser@kubemaster1:~$ export auth=$(grep certificate-authority-data $HOME/.kube/config | cu t -d" " -f 6)
kubeuser@kubemaster1:~$ echo $auth
LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeE1USXdNVEV4TWpJeE5sb1hEVE14TVRFeU9URXhNakl4Tmxvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTnJ0CkZFVFVjbitnZjh3T3RPNFFkdmFhNmtzV1hQSk5nckdGbkUrcGtLU2hEU3ZVYXFOcGEvU3J6Zyt6R2JYZXliRTIKdjh0Z242Z0RWVGcwd24vZXR1YVJZc2N1SDVFcnFTamdUbFpRRUo3THpnR2p2OTM2UzRjVCtXdjYrK3pJL2lKcgpFS0lYRWIyVHFvWkpnZEhKVGNHbCsrdjdBYWwvNUdTZWE0SmhjRit5TXRsWFo5NE1ORko2VHp3YyswTVo2VDhkCnVQNjRlWHgvdEtXeDMrdG8ydElCR01jU3hqZDNhTE04bXRLWVo1SzdNTHRuM2hKR0xxM05nb0psdVRub1lWQm8KbVZYVTIrTDFSYnJSS3RmdmIwRWZRNnUwcnFCazNSN0l5MHJRNkl6a1kyVUoxdUNKNVV5UWRvczhjUXdrRlFWdgpLK1UrV2NEanVwbDVPRDhla1ZzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFFa0hmRjJmMTl3dmRYQ3hIdVhWZHVNVHVFWTkKaGU4TXZUQTlValhpTm1HWUZYSDQrZW53WGlLL3FOTEh4WUVhR2RLOTJhWGJmcFlGVG5BSkx6cDA4VzFNSTk3WgpoMFVLUVdsWTl2elhPalZLTjEwZnBkY1A5eThvVk0wSWhtWXdDbk9nZmdpRFdtM1QxL2dWbi9lL09xTWlsMmN4CjFjV2ZBeDlpRjlDVVA0ek5WbkUwUlNLQTI5c09TQS9nMEY2a3N0bTlHVmV3enlIZlZaalZUUVFGdEIxbHJTRFMKeitCQ0RFcERmOEFmejhZOXAwVHNESkFsQm5WempKZEhFcnV3TlUzSmVIUDcwZnB1QUtTYmZpT2J0ajBpVDVKMgpuZ1lhUDJVTitJSzYxUHFCb3ZIT3pNeE0rb0ZLODIyTlkvRXJyaEZGdVBJb1FKbEVGNkRPN0IrVUFGQT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
kubeuser@kubemaster1:~$ echo $auth | base64 -d > ./ca.pem
curl実行端末へ各認証ファイルをコピー
続いて、先ほど作成した3ファイルをcurlを実行する端末へコピーします。
※scpなどコピー出来れば方法は何でもOkです。
コピー先の端末にファイルがコピー出来ました。
pi@raspberrypi:~ $ ls *.pem
ca.pem client-key.pem client.pem
また、curl利用時にはAPI-Serverが稼働するMasterノードのホスト名(kubemaster1)を指定するので、
hostsで名前解決が出来るようにします。
pi@raspberrypi:~ $ cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
127.0.1.1 raspberrypi
192.168.1.251 k8smaster1
http apiの実行
そして、http apiを実行します。
今回は、curlコマンドを使って"default"というNamespaceにあるPodを確認します。
pi@raspberrypi:~ $ curl --cert ./client.pem --key ./client-key.pem --cacert ca.pem https://k8smaster1:6443/api/v1/namespaces/default/pods
{
"kind": "PodList",
"apiVersion": "v1",
"metadata": {
"selfLink": "/api/v1/namespaces/default/pods",
"resourceVersion": "211537"
},
"items": [
{
"metadata": {
"name": "nginx-6c67f5ff6f-78kmz",
"generateName": "nginx-6c67f5ff6f-",
"namespace": "default",
"selfLink": "/api/v1/namespaces/default/pods/nginx-6c67f5ff6f-78kmz",
"uid": "99983ae0-bee6-47ab-b4f1-5007a2d2d747",
"resourceVersion": "20123",
"creationTimestamp": "2021-12-01T13:41:25Z",
"labels": {
"app": "nginx",
"pod-template-hash": "6c67f5ff6f"
},
"annotations": {
"cni.projectcalico.org/containerID": "134ee4de22750865ebde30d3154a9a84dd375fa680533fb16b1b8b0c9d33d1e4",
"cni.projectcalico.org/podIP": "10.0.225.1/32",
"cni.projectcalico.org/podIPs": "10.0.225.1/32"
},
"ownerReferences": [
{
"apiVersion": "apps/v1",
"kind": "ReplicaSet",
"name": "nginx-6c67f5ff6f",
"uid": "9f0f8799-44ce-4417-9b78-241b99c15b3c",
"controller": true,
"blockOwnerDeletion": true
}
],
"managedFields": [
{
"manager": "kube-controller-manager",
"operation": "Update",
"apiVersion": "v1",
"time": "2021-12-01T13:41:24Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:metadata":{"f:generateName":{},"f:labels":{".":{},"f:app":{},"f:pod-template-hash":{}},"f:ownerReferences":{".":{},"k:{\"uid\":\"9f0f8799-44ce-4417-9b78-241b99c15b3c\"}":{".":{},"f:apiVersion":{},"f:blockOwnerDeletion":{},"f:controller":{},"f:kind":{},"f:name":{},"f:uid":{}}}},"f:spec":{"f:containers":{"k:{\"name\":\"nginx\"}":{".":{},"f:image":{},"f:imagePullPolicy":{},"f:name":{},"f:resources":{},"f:terminationMessagePath":{},"f:terminationMessagePolicy":{}}},"f:dnsPolicy":{},"f:enableServiceLinks":{},"f:restartPolicy":{},"f:schedulerName":{},"f:securityContext":{},"f:terminationGracePeriodSeconds":{}}}
},
{
"manager": "calico",
"operation": "Update",
"apiVersion": "v1",
"time": "2021-12-01T13:41:35Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:metadata":{"f:annotations":{".":{},"f:cni.projectcalico.org/containerID":{},"f:cni.projectcalico.org/podIP":{},"f:cni.projectcalico.org/podIPs":{}}}}
},
{
"manager": "kubelet",
"operation": "Update",
"apiVersion": "v1",
"time": "2021-12-01T13:42:09Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:status":{"f:conditions":{"k:{\"type\":\"ContainersReady\"}":{".":{},"f:lastProbeTime":{},"f:lastTransitionTime":{},"f:status":{},"f:type":{}},"k:{\"type\":\"Initialized\"}":{".":{},"f:lastProbeTime":{},"f:lastTransitionTime":{},"f:status":{},"f:type":{}},"k:{\"type\":\"Ready\"}":{".":{},"f:lastProbeTime":{},"f:lastTransitionTime":{},"f:status":{},"f:type":{}}},"f:containerStatuses":{},"f:hostIP":{},"f:phase":{},"f:podIP":{},"f:podIPs":{".":{},"k:{\"ip\":\"10.0.225.1\"}":{".":{},"f:ip":{}}},"f:startTime":{}}}
}
]
},
"spec": {
"volumes": [
{
"name": "default-token-dvbfd",
"secret": {
"secretName": "default-token-dvbfd",
"defaultMode": 420
}
}
],
"containers": [
{
"name": "nginx",
"image": "nginx:1.21.4",
"resources": {
},
"volumeMounts": [
{
"name": "default-token-dvbfd",
"readOnly": true,
"mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"
}
],
"terminationMessagePath": "/dev/termination-log",
"terminationMessagePolicy": "File",
"imagePullPolicy": "IfNotPresent"
}
],
"restartPolicy": "Always",
"terminationGracePeriodSeconds": 30,
"dnsPolicy": "ClusterFirst",
"serviceAccountName": "default",
"serviceAccount": "default",
"nodeName": "kubeworker2",
"securityContext": {
},
"schedulerName": "default-scheduler",
"tolerations": [
{
"key": "node.kubernetes.io/not-ready",
"operator": "Exists",
"effect": "NoExecute",
"tolerationSeconds": 300
},
{
"key": "node.kubernetes.io/unreachable",
"operator": "Exists",
"effect": "NoExecute",
"tolerationSeconds": 300
}
],
"priority": 0,
"enableServiceLinks": true
},
"status": {
"phase": "Running",
"conditions": [
{
"type": "Initialized",
"status": "True",
"lastProbeTime": null,
"lastTransitionTime": "2021-12-01T13:41:27Z"
},
{
"type": "Ready",
"status": "True",
"lastProbeTime": null,
"lastTransitionTime": "2021-12-01T13:42:09Z"
},
{
"type": "ContainersReady",
"status": "True",
"lastProbeTime": null,
"lastTransitionTime": "2021-12-01T13:42:09Z"
},
{
"type": "PodScheduled",
"status": "True",
"lastProbeTime": null,
"lastTransitionTime": "2021-12-01T13:41:26Z"
}
],
"hostIP": "192.168.1.254",
"podIP": "10.0.225.1",
"podIPs": [
{
"ip": "10.0.225.1"
}
],
"startTime": "2021-12-01T13:41:27Z",
"containerStatuses": [
{
"name": "nginx",
"state": {
"running": {
"startedAt": "2021-12-01T13:42:07Z"
}
},
"lastState": {
},
"ready": true,
"restartCount": 0,
"image": "nginx:1.21.4",
"imageID": "docker-pullable://nginx@sha256:097c3a0913d7e3a5b01b6c685a60c03632fc7a2b50bc8e35bcaa3691d788226e",
"containerID": "docker://1428691efc36c56269e0dab3f445629293fe854afe0012d43d35344b5c53a848",
"started": true
}
],
"qosClass": "BestEffort"
}
},
{
"metadata": {
"name": "nginx-6c67f5ff6f-f5xnz",
"generateName": "nginx-6c67f5ff6f-",
"namespace": "default",
"selfLink": "/api/v1/namespaces/default/pods/nginx-6c67f5ff6f-f5xnz",
"uid": "b628189b-56a7-40cb-b4f6-507345cab1ca",
"resourceVersion": "22805",
"creationTimestamp": "2021-12-01T13:59:40Z",
"labels": {
"app": "nginx",
"pod-template-hash": "6c67f5ff6f"
},
"annotations": {
"cni.projectcalico.org/containerID": "e8875265feb7b5d5bb43932ebeb26e29589f0f3fb7e9328a46f8a6eb188d9bb7",
"cni.projectcalico.org/podIP": "10.0.42.1/32",
"cni.projectcalico.org/podIPs": "10.0.42.1/32"
},
"ownerReferences": [
{
"apiVersion": "apps/v1",
"kind": "ReplicaSet",
"name": "nginx-6c67f5ff6f",
"uid": "9f0f8799-44ce-4417-9b78-241b99c15b3c",
"controller": true,
"blockOwnerDeletion": true
}
],
"managedFields": [
{
"manager": "kube-controller-manager",
"operation": "Update",
"apiVersion": "v1",
"time": "2021-12-01T13:59:40Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:metadata":{"f:generateName":{},"f:labels":{".":{},"f:app":{},"f:pod-template-hash":{}},"f:ownerReferences":{".":{},"k:{\"uid\":\"9f0f8799-44ce-4417-9b78-241b99c15b3c\"}":{".":{},"f:apiVersion":{},"f:blockOwnerDeletion":{},"f:controller":{},"f:kind":{},"f:name":{},"f:uid":{}}}},"f:spec":{"f:containers":{"k:{\"name\":\"nginx\"}":{".":{},"f:image":{},"f:imagePullPolicy":{},"f:name":{},"f:resources":{},"f:terminationMessagePath":{},"f:terminationMessagePolicy":{}}},"f:dnsPolicy":{},"f:enableServiceLinks":{},"f:restartPolicy":{},"f:schedulerName":{},"f:securityContext":{},"f:terminationGracePeriodSeconds":{}}}
},
{
"manager": "calico",
"operation": "Update",
"apiVersion": "v1",
"time": "2021-12-01T13:59:56Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:metadata":{"f:annotations":{".":{},"f:cni.projectcalico.org/containerID":{},"f:cni.projectcalico.org/podIP":{},"f:cni.projectcalico.org/podIPs":{}}}}
},
{
"manager": "kubelet",
"operation": "Update",
"apiVersion": "v1",
"time": "2021-12-01T14:00:36Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:status":{"f:conditions":{"k:{\"type\":\"ContainersReady\"}":{".":{},"f:lastProbeTime":{},"f:lastTransitionTime":{},"f:status":{},"f:type":{}},"k:{\"type\":\"Initialized\"}":{".":{},"f:lastProbeTime":{},"f:lastTransitionTime":{},"f:status":{},"f:type":{}},"k:{\"type\":\"Ready\"}":{".":{},"f:lastProbeTime":{},"f:lastTransitionTime":{},"f:status":{},"f:type":{}}},"f:containerStatuses":{},"f:hostIP":{},"f:phase":{},"f:podIP":{},"f:podIPs":{".":{},"k:{\"ip\":\"10.0.42.1\"}":{".":{},"f:ip":{}}},"f:startTime":{}}}
}
]
},
"spec": {
"volumes": [
{
"name": "default-token-dvbfd",
"secret": {
"secretName": "default-token-dvbfd",
"defaultMode": 420
}
}
],
"containers": [
{
"name": "nginx",
"image": "nginx:1.21.4",
"resources": {
},
"volumeMounts": [
{
"name": "default-token-dvbfd",
"readOnly": true,
"mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"
}
],
"terminationMessagePath": "/dev/termination-log",
"terminationMessagePolicy": "File",
"imagePullPolicy": "IfNotPresent"
}
],
"restartPolicy": "Always",
"terminationGracePeriodSeconds": 30,
"dnsPolicy": "ClusterFirst",
"serviceAccountName": "default",
"serviceAccount": "default",
"nodeName": "kubeworker",
"securityContext": {
},
"schedulerName": "default-scheduler",
"tolerations": [
{
"key": "node.kubernetes.io/not-ready",
"operator": "Exists",
"effect": "NoExecute",
"tolerationSeconds": 300
},
{
"key": "node.kubernetes.io/unreachable",
"operator": "Exists",
"effect": "NoExecute",
"tolerationSeconds": 300
}
],
"priority": 0,
"enableServiceLinks": true
},
"status": {
"phase": "Running",
"conditions": [
{
"type": "Initialized",
"status": "True",
"lastProbeTime": null,
"lastTransitionTime": "2021-12-01T13:59:43Z"
},
{
"type": "Ready",
"status": "True",
"lastProbeTime": null,
"lastTransitionTime": "2021-12-01T14:00:36Z"
},
{
"type": "ContainersReady",
"status": "True",
"lastProbeTime": null,
"lastTransitionTime": "2021-12-01T14:00:36Z"
},
{
"type": "PodScheduled",
"status": "True",
"lastProbeTime": null,
"lastTransitionTime": "2021-12-01T13:59:41Z"
}
],
"hostIP": "192.168.1.253",
"podIP": "10.0.42.1",
"podIPs": [
{
"ip": "10.0.42.1"
}
],
"startTime": "2021-12-01T13:59:43Z",
"containerStatuses": [
{
"name": "nginx",
"state": {
"running": {
"startedAt": "2021-12-01T14:00:35Z"
}
},
"lastState": {
},
"ready": true,
"restartCount": 0,
"image": "nginx:1.21.4",
"imageID": "docker-pullable://nginx@sha256:097c3a0913d7e3a5b01b6c685a60c03632fc7a2b50bc8e35bcaa3691d788226e",
"containerID": "docker://a234cfed8a6d736123eb46ffab92aa8ac25eb0bf719ff9b01a2877925c1d01f5",
"started": true
}
],
"qosClass": "BestEffort"
}
}
]
}少し長いので確認するのが大変ですが、
kubectl describeでPodを確認したときの出力が近いかなと思います。
kubeuser@kubemaster1:~$ kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-6c67f5ff6f-78kmz 1/1 Running 0 21h
nginx-6c67f5ff6f-f5xnz 1/1 Running 0 21h
kubeuser@kubemaster1:~$ kubectl describe pod nginx-6c67f5ff6f-78kmz nginx-6c67f5ff6f-f5xnz
Name: nginx-6c67f5ff6f-78kmz
Namespace: default
Priority: 0
Node: kubeworker2/192.168.1.254
Start Time: Wed, 01 Dec 2021 13:41:27 +0000
Labels: app=nginx
pod-template-hash=6c67f5ff6f
Annotations: cni.projectcalico.org/containerID: 134ee4de22750865ebde30d3154a9a84dd375fa680533fb16b1b8b0c9d33d1e4
cni.projectcalico.org/podIP: 10.0.225.1/32
cni.projectcalico.org/podIPs: 10.0.225.1/32
Status: Running
IP: 10.0.225.1
IPs:
IP: 10.0.225.1
Controlled By: ReplicaSet/nginx-6c67f5ff6f
Containers:
nginx:
Container ID: docker://1428691efc36c56269e0dab3f445629293fe854afe0012d43d35344b5c53a848
Image: nginx:1.21.4
Image ID: docker-pullable://nginx@sha256:097c3a0913d7e3a5b01b6c685a60c03632fc7a2b50bc8e35bcaa3691d788226e
Port: <none>
Host Port: <none>
State: Running
Started: Wed, 01 Dec 2021 13:42:07 +0000
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-dvbfd (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-dvbfd:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-dvbfd
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events: <none>
Name: nginx-6c67f5ff6f-f5xnz
Namespace: default
Priority: 0
Node: kubeworker/192.168.1.253
Start Time: Wed, 01 Dec 2021 13:59:43 +0000
Labels: app=nginx
pod-template-hash=6c67f5ff6f
Annotations: cni.projectcalico.org/containerID: e8875265feb7b5d5bb43932ebeb26e29589f0f3fb7e9328a46f8a6eb188d9bb7
cni.projectcalico.org/podIP: 10.0.42.1/32
cni.projectcalico.org/podIPs: 10.0.42.1/32
Status: Running
IP: 10.0.42.1
IPs:
IP: 10.0.42.1
Controlled By: ReplicaSet/nginx-6c67f5ff6f
Containers:
nginx:
Container ID: docker://a234cfed8a6d736123eb46ffab92aa8ac25eb0bf719ff9b01a2877925c1d01f5
Image: nginx:1.21.4
Image ID: docker-pullable://nginx@sha256:097c3a0913d7e3a5b01b6c685a60c03632fc7a2b50bc8e35bcaa3691d788226e
Port: <none>
Host Port: <none>
State: Running
Started: Wed, 01 Dec 2021 14:00:35 +0000
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-dvbfd (ro)
Conditions:
Type Status
Initializedその他、リソースをcurlで確認する
deploymentをcurlで確認します。
しかし、実行時に使用するapiのURLが分からないことがありますが、
"--v=6"というオプションを付けて"kubectl get"をすれば分かります。
kubeuser@kubemaster1:~$ kubectl get deployments
NAME READY UP-TO-DATE AVAILABLE AGE
nginx 2/2 2 2 21h
kubeuser@kubemaster1:~$ kubectl get deployments nginx --v=6
I1202 11:46:59.853871 1497329 loader.go:375] Config loaded from file: /home/kubeuser/.kube/config
I1202 11:47:00.213735 1497329 round_trippers.go:443] GET https://k8smaster1:6443/apis/apps/v1/namespaces/default/deployments/nginx 200 OK in 345 milliseconds
NAME READY UP-TO-DATE AVAILABLE AGE
nginx 2/2 2 2 22h
では、次はcurlで。
pi@raspberrypi:~ $ curl --cert ./client.pem --key ./client-key.pem --cacert ca.pem https://k8smaster1:6443/apis/apps/v1/namespaces/default/deployments/nginx
{
"kind": "Deployment",
"apiVersion": "apps/v1",
"metadata": {
"name": "nginx",
"namespace": "default",
"selfLink": "/apis/apps/v1/namespaces/default/deployments/nginx",
"uid": "048f0f15-07e6-41fb-8327-76a0cbd91353",
"resourceVersion": "26603",
"generation": 3,
"creationTimestamp": "2021-12-01T13:41:24Z",
"labels": {
"app": "nginx"
},
"annotations": {
"deployment.kubernetes.io/revision": "1",
"kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"apps/v1\",\"kind\":\"Deployment\",\"metadata\":{\"annotations\":{\"deployment.kubernetes.io/revision\":\"1\"},\"generation\":1,\"labels\":{\"app\":\"nginx\"},\"managedFields\":[{\"apiVersion\":\"apps/v1\",\"fieldsType\":\"FieldsV1\",\"fieldsV1\":{\"f:metadata\":{\"f:labels\":{\".\":{},\"f:app\":{}}},\"f:spec\":{\"f:progressDeadlineSeconds\":{},\"f:replicas\":{},\"f:revisionHistoryLimit\":{},\"f:selector\":{\"f:matchLabels\":{\".\":{},\"f:app\":{}}},\"f:strategy\":{\"f:rollingUpdate\":{\".\":{},\"f:maxSurge\":{},\"f:maxUnavailable\":{}},\"f:type\":{}},\"f:template\":{\"f:metadata\":{\"f:labels\":{\".\":{},\"f:app\":{}}},\"f:spec\":{\"f:containers\":{\"k:{\\\"name\\\":\\\"nginx\\\"}\":{\".\":{},\"f:image\":{},\"f:imagePullPolicy\":{},\"f:name\":{},\"f:resources\":{},\"f:terminationMessagePath\":{},\"f:terminationMessagePolicy\":{}}},\"f:dnsPolicy\":{},\"f:restartPolicy\":{},\"f:schedulerName\":{},\"f:securityContext\":{},\"f:terminationGracePeriodSeconds\":{}}}}},\"manager\":\"kubectl\",\"operation\":\"Update\",\"time\":\"2021-12-01T13:41:24Z\"},{\"apiVersion\":\"apps/v1\",\"fieldsType\":\"FieldsV1\",\"fieldsV1\":{\"f:metadata\":{\"f:annotations\":{\".\":{},\"f:deployment.kubernetes.io/revision\":{}}},\"f:status\":{\"f:availableReplicas\":{},\"f:conditions\":{\".\":{},\"k:{\\\"type\\\":\\\"Available\\\"}\":{\".\":{},\"f:lastTransitionTime\":{},\"f:lastUpdateTime\":{},\"f:message\":{},\"f:reason\":{},\"f:status\":{},\"f:type\":{}},\"k:{\\\"type\\\":\\\"Progressing\\\"}\":{\".\":{},\"f:lastTransitionTime\":{},\"f:lastUpdateTime\":{},\"f:message\":{},\"f:reason\":{},\"f:status\":{},\"f:type\":{}}},\"f:observedGeneration\":{},\"f:readyReplicas\":{},\"f:replicas\":{},\"f:updatedReplicas\":{}}},\"manager\":\"kube-controller-manager\",\"operation\":\"Update\",\"time\":\"2021-12-01T13:42:09Z\"}],\"name\":\"nginx\",\"namespace\":\"default\"},\"spec\":{\"progressDeadlineSeconds\":600,\"replicas\":2,\"revisionHistoryLimit\":10,\"selector\":{\"matchLabels\":{\"app\":\"nginx\"}},\"strategy\":{\"rollingUpdate\":{\"maxSurge\":\"25%\",\"maxUnavailable\":\"25%\"},\"type\":\"RollingUpdate\"},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app\":\"nginx\"}},\"spec\":{\"containers\":[{\"image\":\"nginx:1.21.4\",\"imagePullPolicy\":\"IfNotPresent\",\"name\":\"nginx\",\"resources\":{},\"terminationMessagePath\":\"/dev/termination-log\",\"terminationMessagePolicy\":\"File\"}],\"dnsPolicy\":\"ClusterFirst\",\"restartPolicy\":\"Always\",\"schedulerName\":\"default-scheduler\",\"securityContext\":{},\"terminationGracePeriodSeconds\":30}}}}\n"
},
"managedFields": [
{
"manager": "kubectl",
"operation": "Update",
"apiVersion": "apps/v1",
"time": "2021-12-01T14:26:35Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:metadata":{"f:annotations":{"f:kubectl.kubernetes.io/last-applied-configuration":{}},"f:labels":{".":{},"f:app":{}}},"f:spec":{"f:progressDeadlineSeconds":{},"f:replicas":{},"f:revisionHistoryLimit":{},"f:selector":{"f:matchLabels":{".":{},"f:app":{}}},"f:strategy":{"f:rollingUpdate":{".":{},"f:maxSurge":{},"f:maxUnavailable":{}},"f:type":{}},"f:template":{"f:metadata":{"f:labels":{".":{},"f:app":{}}},"f:spec":{"f:containers":{"k:{\"name\":\"nginx\"}":{".":{},"f:image":{},"f:imagePullPolicy":{},"f:name":{},"f:resources":{},"f:terminationMessagePath":{},"f:terminationMessagePolicy":{}}},"f:dnsPolicy":{},"f:restartPolicy":{},"f:schedulerName":{},"f:securityContext":{},"f:terminationGracePeriodSeconds":{}}}}}
},
{
"manager": "kube-controller-manager",
"operation": "Update",
"apiVersion": "apps/v1",
"time": "2021-12-01T14:26:40Z",
"fieldsType": "FieldsV1",
"fieldsV1": {"f:metadata":{"f:annotations":{".":{},"f:deployment.kubernetes.io/revision":{}}},"f:status":{"f:availableReplicas":{},"f:conditions":{".":{},"k:{\"type\":\"Available\"}":{".":{},"f:lastTransitionTime":{},"f:lastUpdateTime":{},"f:message":{},"f:reason":{},"f:status":{},"f:type":{}},"k:{\"type\":\"Progressing\"}":{".":{},"f:lastTransitionTime":{},"f:lastUpdateTime":{},"f:message":{},"f:reason":{},"f:status":{},"f:type":{}}},"f:observedGeneration":{},"f:readyReplicas":{},"f:replicas":{},"f:updatedReplicas":{}}}
}
]
},
"spec": {
"replicas": 2,
"selector": {
"matchLabels": {
"app": "nginx"
}
},
"template": {
"metadata": {
"creationTimestamp": null,
"labels": {
"app": "nginx"
}
},
"spec": {
"containers": [
{
"name": "nginx",
"image": "nginx:1.21.4",
"resources": {
},
"terminationMessagePath": "/dev/termination-log",
"terminationMessagePolicy": "File",
"imagePullPolicy": "IfNotPresent"
}
],
"restartPolicy": "Always",
"terminationGracePeriodSeconds": 30,
"dnsPolicy": "ClusterFirst",
"securityContext": {
},
"schedulerName": "default-scheduler"
}
},
"strategy": {
"type": "RollingUpdate",
"rollingUpdate": {
"maxUnavailable": "25%",
"maxSurge": "25%"
}
},
"revisionHistoryLimit": 10,
"progressDeadlineSeconds": 600
},
"status": {
"observedGeneration": 3,
"replicas": 2,
"updatedReplicas": 2,
"readyReplicas": 2,
"availableReplicas": 2,
"conditions": [
{
"type": "Progressing",
"status": "True",
"lastUpdateTime": "2021-12-01T13:42:09Z",
"lastTransitionTime": "2021-12-01T13:41:24Z",
"reason": "NewReplicaSetAvailable",
"message": "ReplicaSet \"nginx-6c67f5ff6f\" has successfully progressed."
},
{
"type": "Available",
"status": "True",
"lastUpdateTime": "2021-12-01T14:00:39Z",
}
おわりに
curlでhttp apiを指定して取得する情報は慣れないと見づらいですが、
kubectlコマンドと同じことが出来る方法があるというのはいいですね♪
この記事が気に入ったらサポートをしてみませんか?