Kubernetes API 列表获取

最新推荐文章于 2023-07-13 14:32:45 发布
最新推荐文章于 2023-07-13 14:32:45 发布
阅读量776 收藏 1
点赞数
分类专栏: 微服务 文章标签: kubernetes 容器
原文链接:https://blog.csdn.net/WuLex
版权
文章介绍了如何查看Kubernetes集群中的资源类型,包括Binding、ConfigMap、Pod等,以及如何使用kubectl命令获取API路径。同时,提供了获取所有端点的示例和脚本,以展示如何遍历核心API和非核心API资源。
摘要由CSDN通过智能技术生成

概述

熟悉client-go的同学非常清楚,Kubernetes中的资源是按照GVR定义的,即Group+Version+Resource,那么我们如何知道当前Kubernetes集群中有哪些资源的呢?他们的api路径是什么?

有哪些资源?

k api-resources

lua复制代码NAME                              SHORTNAMES   APIGROUP                       NAMESPACED   KIND
bindings                                                                      true         Binding
componentstatuses                 cs                                          false        ComponentStatus
configmaps                        cm                                          true         ConfigMap
endpoints                         ep                                          true         Endpoints
events                            ev                                          true         Event
limitranges                       limits                                      true         LimitRange
namespaces                        ns                                          false        Namespace
nodes                             no                                          false        Node
persistentvolumeclaims            pvc                                         true         PersistentVolumeClaim
persistentvolumes                 pv                                          false        PersistentVolume
pods                              po                                          true         Pod
podtemplates                                                                  true         PodTemplate
replicationcontrollers            rc                                          true         ReplicationController
resourcequotas                    quota                                       true         ResourceQuota
secrets                                                                       true         Secret
serviceaccounts                   sa                                          true         ServiceAccount
services                          svc                                         true         Service
mutatingwebhookconfigurations                  admissionregistration.k8s.io   false        MutatingWebhookConfiguration
validatingwebhookconfigurations                admissionregistration.k8s.io   false        ValidatingWebhookConfiguration
customresourcedefinitions         crd,crds     apiextensions.k8s.io           false        CustomResourceDefinition
apiservices                                    apiregistration.k8s.io         false        APIService
controllerrevisions                            apps                           true         ControllerRevision
daemonsets                        ds           apps                           true         DaemonSet
deployments                       deploy       apps                           true         Deployment
replicasets                       rs           apps                           true         ReplicaSet
statefulsets                      sts          apps                           true         StatefulSet
auditsinks                                     auditregistration.k8s.io       false        AuditSink
tokenreviews                                   authentication.k8s.io          false        TokenReview
localsubjectaccessreviews                      authorization.k8s.io           true         LocalSubjectAccessReview
selfsubjectaccessreviews                       authorization.k8s.io           false        SelfSubjectAccessReview
selfsubjectrulesreviews                        authorization.k8s.io           false        SelfSubjectRulesReview
subjectaccessreviews                           authorization.k8s.io           false        SubjectAccessReview
horizontalpodautoscalers          hpa          autoscaling                    true         HorizontalPodAutoscaler
cronjobs                          cj           batch                          true         CronJob
jobs                                           batch                          true         Job
certificatesigningrequests        csr          certificates.k8s.io            false        CertificateSigningRequest
leases                                         coordination.k8s.io            true         Lease
endpointslices                                 discovery.k8s.io               true         EndpointSlice
events                            ev           events.k8s.io                  true         Event
ingresses                         ing          extensions                     true         Ingress
flowschemas                                    flowcontrol.apiserver.k8s.io   false        FlowSchema
prioritylevelconfigurations                    flowcontrol.apiserver.k8s.io   false        PriorityLevelConfiguration
ingressclasses                                 networking.k8s.io              false        IngressClass
ingresses                         ing          networking.k8s.io              true         Ingress
networkpolicies                   netpol       networking.k8s.io              true         NetworkPolicy
runtimeclasses                                 node.k8s.io                    false        RuntimeClass
poddisruptionbudgets              pdb          policy                         true         PodDisruptionBudget
podsecuritypolicies               psp          policy                         false        PodSecurityPolicy
clusterrolebindings                            rbac.authorization.k8s.io      false        ClusterRoleBinding
clusterroles                                   rbac.authorization.k8s.io      false        ClusterRole
rolebindings                                   rbac.authorization.k8s.io      true         RoleBinding
roles                                          rbac.authorization.k8s.io      true         Role
priorityclasses                   pc           scheduling.k8s.io              false        PriorityClass
podpresets                                     settings.k8s.io                true         PodPreset
csidrivers                                     storage.k8s.io                 false        CSIDriver
csinodes                                       storage.k8s.io                 false        CSINode
storageclasses                    sc           storage.k8s.io                 false        StorageClass
volumeattachments                              storage.k8s.io                 false        VolumeAttachment

快速获取所有端点

kubectl get --raw /

{
  "paths": [
    "/api",
    "/api/v1",
    "/apis",
    "/apis/",
    "/apis/admissionregistration.k8s.io",
    "/apis/admissionregistration.k8s.io/v1",
    "/apis/admissionregistration.k8s.io/v1beta1",
    "/apis/apiextensions.k8s.io",
    "/apis/apiextensions.k8s.io/v1",
    "/apis/apiextensions.k8s.io/v1beta1",
    "/apis/apiregistration.k8s.io",
    "/apis/apiregistration.k8s.io/v1",
    "/apis/apiregistration.k8s.io/v1beta1",
    "/apis/apps",
    "/apis/apps/v1",
    "/apis/auditregistration.k8s.io",
    "/apis/auditregistration.k8s.io/v1alpha1",
    "/apis/authentication.k8s.io",
    "/apis/authentication.k8s.io/v1",
    "/apis/authentication.k8s.io/v1beta1",
    "/apis/authorization.k8s.io",
    "/apis/authorization.k8s.io/v1",
    "/apis/authorization.k8s.io/v1beta1",
    "/apis/autoscaling",
    "/apis/autoscaling/v1",
    "/apis/autoscaling/v2beta1",
    "/apis/autoscaling/v2beta2",
    "/apis/batch",
    "/apis/batch/v1",
    "/apis/batch/v1beta1",
    "/apis/batch/v2alpha1",
    "/apis/certificates.k8s.io",
    "/apis/certificates.k8s.io/v1beta1",
    "/apis/coordination.k8s.io",
    "/apis/coordination.k8s.io/v1",
    "/apis/coordination.k8s.io/v1beta1",
    "/apis/discovery.k8s.io",
    "/apis/discovery.k8s.io/v1beta1",
    "/apis/events.k8s.io",
    "/apis/events.k8s.io/v1beta1",
    "/apis/extensions",
    "/apis/extensions/v1beta1",
    "/apis/flowcontrol.apiserver.k8s.io",
    "/apis/flowcontrol.apiserver.k8s.io/v1alpha1",
    "/apis/networking.k8s.io",
    "/apis/networking.k8s.io/v1",
    "/apis/networking.k8s.io/v1beta1",
    "/apis/node.k8s.io",
    "/apis/node.k8s.io/v1alpha1",
    "/apis/node.k8s.io/v1beta1",
    "/apis/policy",
    "/apis/policy/v1beta1",
    "/apis/rbac.authorization.k8s.io",
    "/apis/rbac.authorization.k8s.io/v1",
    "/apis/rbac.authorization.k8s.io/v1alpha1",
    "/apis/rbac.authorization.k8s.io/v1beta1",
    "/apis/scheduling.k8s.io",
    "/apis/scheduling.k8s.io/v1",
    "/apis/scheduling.k8s.io/v1alpha1",
    "/apis/scheduling.k8s.io/v1beta1",
    "/apis/settings.k8s.io",
    "/apis/settings.k8s.io/v1alpha1",
    "/apis/storage.k8s.io",
    "/apis/storage.k8s.io/v1",
    "/apis/storage.k8s.io/v1alpha1",
    "/apis/storage.k8s.io/v1beta1",
    "/healthz",
    "/healthz/autoregister-completion",
    "/healthz/etcd",
    "/healthz/log",
    "/healthz/ping",
    "/healthz/poststarthook/apiserver/bootstrap-system-flowcontrol-configuration",
    "/healthz/poststarthook/apiservice-openapi-controller",
    "/healthz/poststarthook/apiservice-registration-controller",
    "/healthz/poststarthook/apiservice-status-available-controller",
    "/healthz/poststarthook/bootstrap-controller",
    "/healthz/poststarthook/crd-informer-synced",
    "/healthz/poststarthook/generic-apiserver-start-informers",
    "/healthz/poststarthook/kube-apiserver-autoregistration",
    "/healthz/poststarthook/rbac/bootstrap-roles",
    "/healthz/poststarthook/scheduling/bootstrap-system-priority-classes",
    "/healthz/poststarthook/start-apiextensions-controllers",
    "/healthz/poststarthook/start-apiextensions-informers",
    "/healthz/poststarthook/start-cluster-authentication-info-controller",
    "/healthz/poststarthook/start-kube-aggregator-informers",
    "/healthz/poststarthook/start-kube-apiserver-admission-initializer",
    "/livez",
    "/livez/autoregister-completion",
    "/livez/etcd",
    "/livez/log",
    "/livez/ping",
    "/livez/poststarthook/apiserver/bootstrap-system-flowcontrol-configuration",
    "/livez/poststarthook/apiservice-openapi-controller",
    "/livez/poststarthook/apiservice-registration-controller",
    "/livez/poststarthook/apiservice-status-available-controller",
    "/livez/poststarthook/bootstrap-controller",
    "/livez/poststarthook/crd-informer-synced",
    "/livez/poststarthook/generic-apiserver-start-informers",
    "/livez/poststarthook/kube-apiserver-autoregistration",
    "/livez/poststarthook/rbac/bootstrap-roles",
    "/livez/poststarthook/scheduling/bootstrap-system-priority-classes",
    "/livez/poststarthook/start-apiextensions-controllers",
    "/livez/poststarthook/start-apiextensions-informers",
    "/livez/poststarthook/start-cluster-authentication-info-controller",
    "/livez/poststarthook/start-kube-aggregator-informers",
    "/livez/poststarthook/start-kube-apiserver-admission-initializer",
    "/logs",
    "/metrics",
    "/openapi/v2",
    "/readyz",
    "/readyz/autoregister-completion",
    "/readyz/etcd",
    "/readyz/informer-sync",
    "/readyz/log",
    "/readyz/ping",
    "/readyz/poststarthook/apiserver/bootstrap-system-flowcontrol-configuration",
    "/readyz/poststarthook/apiservice-openapi-controller",
    "/readyz/poststarthook/apiservice-registration-controller",
    "/readyz/poststarthook/apiservice-status-available-controller",
    "/readyz/poststarthook/bootstrap-controller",
    "/readyz/poststarthook/crd-informer-synced",
    "/readyz/poststarthook/generic-apiserver-start-informers",
    "/readyz/poststarthook/kube-apiserver-autoregistration",
    "/readyz/poststarthook/rbac/bootstrap-roles",
    "/readyz/poststarthook/scheduling/bootstrap-system-priority-classes",
    "/readyz/poststarthook/start-apiextensions-controllers",
    "/readyz/poststarthook/start-apiextensions-informers",
    "/readyz/poststarthook/start-cluster-authentication-info-controller",
    "/readyz/poststarthook/start-kube-aggregator-informers",
    "/readyz/poststarthook/start-kube-apiserver-admission-initializer",
    "/readyz/shutdown",
    "/version"
  ]
}

API路径获取步骤

开启proxy

kubectl proxy --port=8080

样例

curl -s http://localhost:8080/api/v1
curl -s http://localhost:8080/api/v1/pods
curl -s http://localhost:8080/apis/apps/v1
curl -s http://localhost:8080/apis/apps/v1/statefulsets
curl -s http://localhost:8080/api/v1/pods\?watch\=yes

快速:执行脚本

#!/bin/bash
SERVER="localhost:8080"
# do core resources first, which are at a separate api location
api="core"
CORES=$(curl -s $SERVER/api/v1 | jq -r --arg api "$api" '.resources | .[] | .name ')

for resource in $CORES; do
    if [[ ! $resource =~ .*/.* ]]; then
        uri=$SERVER/api/v1/$resource
        echo $uri
    fi
done

# now do non-core resources
APIS=$(curl -s $SERVER/apis | jq -r '[.groups | .[].name] | join(" ")')

for api in $APIS; do
    version=$(curl -s $SERVER/apis/$api | jq -r '.preferredVersion.version')
    RESOURCES=$(curl -s $SERVER/apis/$api/$version | jq -r --arg api "$api" '.resources | .[] | .name ')
    for resource in $RESOURCES; do
        if [[ ! $resource =~ .*/.* ]]; then
            uri=$SERVER/apis/$api/$version/$resource
            echo $uri
        fi
    done
done

改编自 stackoverflow答案

k8s v1.18 结果

localhost:8080/api/v1/bindings
localhost:8080/api/v1/componentstatuses
localhost:8080/api/v1/configmaps
localhost:8080/api/v1/endpoints
localhost:8080/api/v1/events
localhost:8080/api/v1/limitranges
localhost:8080/api/v1/namespaces
localhost:8080/api/v1/nodes
localhost:8080/api/v1/persistentvolumeclaims
localhost:8080/api/v1/persistentvolumes
localhost:8080/api/v1/pods
localhost:8080/api/v1/podtemplates
localhost:8080/api/v1/replicationcontrollers
localhost:8080/api/v1/resourcequotas
localhost:8080/api/v1/secrets
localhost:8080/api/v1/serviceaccounts
localhost:8080/api/v1/services
localhost:8080/apis/apiregistration.k8s.io/v1/apiservices
localhost:8080/apis/extensions/v1beta1/ingresses
localhost:8080/apis/apps/v1/controllerrevisions
localhost:8080/apis/apps/v1/daemonsets
localhost:8080/apis/apps/v1/deployments
localhost:8080/apis/apps/v1/replicasets
localhost:8080/apis/apps/v1/statefulsets
localhost:8080/apis/events.k8s.io/v1beta1/events
localhost:8080/apis/authentication.k8s.io/v1/tokenreviews
localhost:8080/apis/authorization.k8s.io/v1/localsubjectaccessreviews
localhost:8080/apis/authorization.k8s.io/v1/selfsubjectaccessreviews
localhost:8080/apis/authorization.k8s.io/v1/selfsubjectrulesreviews
localhost:8080/apis/authorization.k8s.io/v1/subjectaccessreviews
localhost:8080/apis/autoscaling/v1/horizontalpodautoscalers
localhost:8080/apis/batch/v1/jobs
localhost:8080/apis/certificates.k8s.io/v1beta1/certificatesigningrequests
localhost:8080/apis/networking.k8s.io/v1/networkpolicies
localhost:8080/apis/policy/v1beta1/poddisruptionbudgets
localhost:8080/apis/policy/v1beta1/podsecuritypolicies
localhost:8080/apis/rbac.authorization.k8s.io/v1/clusterrolebindings
localhost:8080/apis/rbac.authorization.k8s.io/v1/clusterroles
localhost:8080/apis/rbac.authorization.k8s.io/v1/rolebindings
localhost:8080/apis/rbac.authorization.k8s.io/v1/roles
localhost:8080/apis/settings.k8s.io/v1alpha1/podpresets
localhost:8080/apis/storage.k8s.io/v1/csidrivers
localhost:8080/apis/storage.k8s.io/v1/csinodes
localhost:8080/apis/storage.k8s.io/v1/storageclasses
localhost:8080/apis/storage.k8s.io/v1/volumeattachments
localhost:8080/apis/admissionregistration.k8s.io/v1/mutatingwebhookconfigurations
localhost:8080/apis/admissionregistration.k8s.io/v1/validatingwebhookconfigurations
localhost:8080/apis/apiextensions.k8s.io/v1/customresourcedefinitions
localhost:8080/apis/scheduling.k8s.io/v1/priorityclasses
localhost:8080/apis/coordination.k8s.io/v1/leases
localhost:8080/apis/auditregistration.k8s.io/v1alpha1/auditsinks
localhost:8080/apis/node.k8s.io/v1beta1/runtimeclasses
localhost:8080/apis/discovery.k8s.io/v1beta1/endpointslices
localhost:8080/apis/flowcontrol.apiserver.k8s.io/v1alpha1/flowschemas
localhost:8080/apis/flowcontrol.apiserver.k8s.io/v1alpha1/prioritylevelconfigurations
【原创】k8s源码分析-----kubectl(1)api.RESTMapper
月牙寂
04-18 1万+
  本文QQ空间链接:http://user.qzone.qq.com/29185807/blog/1460961715 本文csdn博文链接:http://blog.csdn.net/screscent/article/details/51179485 源码为k8s v1.1.1稳定版本   api. RESTMapper是kube-apiserver和kubectl的基础,在讲解ku...
Kubernetes基础:CLI与Restful API:节点信息获取
知行合一 止于至善
09-04 2998
使用CLI方式可以通过kubectl对Kubernetes进行操作,同时也使用Restful API直接进行操作。这篇文章介绍一下两种方式下节点信息的获取
python 通过k8s API采集k8s 集群信息
HD0do的博客
11-22 1064
【代码】python 通过k8s API采集k8s 集群信息。
使用Restful API访问k8s集群
whz-emm的博客
10-29 1045
创建命名空间 或者使用已有的命令空间 kubectl create ns myns 创建serviceaccount 名称为mysc,命名空间为myns kubectl create serviceaccount mysc -n myns 使用RBAC赋权 创建Role 定义访问资源的权限,rules参考使用 RBAC 鉴权 | Kubernetes apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: nam.
k8s的api
weixin_30363981的博客
06-29 328
一、namespaced resources 所谓的namespaced resources,就是这个resource是从属于某个namespace的, 比如pod, deployment, service都属于namespaced resource. http://localhost:8080/api/v1/namespaces/default/pods/test-pod 可以看出,...
kubernetes api微服务开发之访问api server
安心Smile的博客
05-05 1104
[kubernetes api微服务开发之访问api server](http://www.appblog.cn/2019/07/11/kubernetes%20api%E5%BE%AE%E6%9C%8D%E5%8A%A1%E5%BC%80%E5%8F%91%E4%B9%8B%E8%AE%BF%E9%97%AEapi%20server/)
Kubernetes--API Server
GaoChuang_的博客
11-06 1347
一、Kubernetes API Server功能 Kubernetes API Server的核心功能是提供Kubernetes各类资源对象(如Pod、RC、Server等)的增、删、改、查及watch等HTTP REST接口,成为集群内各个功能模块之间数据交互和通信中心枢纽,是整个系统的数据总线和数据中心。除此之外,它还是集群管理的API入口,是资源配额控制的入口,提供了完备的集群安全机制。 二、Kubernetes API Server核心原理 通过curl 命令访问 API...
kubernetes-resources-reference:该工具根据Kubernetes API定义创建DocBook文档
04-15
用于创建Kubernetes API文档的工具。 访问网站 在以下位置获取印刷书籍: 美国: : 英国: : DE: : FR: : ES: : IT: : JP: : CA: https : //www.amazon.ca/dp/B086G11WY1 用法 网络输出 ...
python访问k8s的api_python3的kubernetes api 使用
weixin_30356433的博客
01-14 932
一、认证github:https://github.com/kubernetes-client/python1、kubeconfig文件认证首先引入SDK支持库。然后将 ~/.kube 的config文件的内容复制到本地目录,保存为文件kubeconfig.yaml,然后运行下面的python代码。#使用from kubernetes import client, configconfig.kub...
基于kubernetes Api拉取deployment service
经纬的博客
09-21 2113
由于现有工作的需要,需要对python以及kubernetes的使用更为熟悉,所有尝试利用Python完成kubernetes的一系列操作。 此脚本是利用调用kubernetesApi接口完成对deployment,与service的拉取,从而实现对该yaml的一个备份处理。 # !/usr/bin/env python3 # -*- coding: utf-8 -*- ''' 可实现拉取kub...
在K8S集群内部搭建获取集群信息的服务
尹曦的博客
07-13 348
【代码】在K8S集群内部搭建获取集群信息的服务。
K8S API接口汇总
热门推荐
Shallow的博客
02-28 2万+
一、资源对象 首先附上官方API参考文档 官方api文档 1. namespace 增(创建)POST请求: 创建namespace: /api/v1/namespaces 删(删除) DELETE请求: 删除namespace: /api/v1/namespaces/{name} 改(修改)PUT请求: 替换指定的命名空间: /api/v1/namespaces/{name} 替...
k8s查找所有pod_kubernetes – kubectl命令获取在k8s主节点上运行的pod列表
weixin_39792686的博客
12-21 2577
是否有可能从kubectl获取在matser上运行的pod列表?我试过这个kubectl get pods -o wide --sort-by="{.spec.nodeName}"但这并没有说节点是主节点还是工作节点最佳答案 如the overview中所述:A Pod always runs on a 07001.A Node is a worker machine in Kubernete...
K8S API访问
叫什么好呢
04-19 2098
获取k8s api 信息:curl localhost:8080/api获取K8S server api 支持资源对象的种类:curl localhost:8080/api/v1获取集群pod列表:curl localhost:8080/api/v1/pods获取service列表:curl localhost:8080/api/v1/services获取RC:curl localhost:808...
k8s之API接口访问
xingdiango的博客
03-29 7237
API(Application Programming Interface,应用程序接口): 是一些预先定义的接口(如函数、HTTP接口),或指软件系统不同组成部分衔接的约定。K8s也提供API接口,提供这个接口的是管理节点的apiserver组件,apiserver服务负责提供HTTP API,以便用户、其他组件相互通信。所以这个的错误的信息代表的意思是,pod用namespace默认的serviceaccout是没有权限访问K8s的 API group的。这步如果没有做就会报错。
k8s servelList(服务列表) 卡死不同步问题分析
czk740960212的专栏
03-03 876
k8s servelList(服务列表) 卡死不同步,调用到历史下线的pod ip
如何访问kubelet API接口
丰年留客的专栏
01-11 948
如何访问kubelet的API接口。
【GO】K8s 管理系统项目11[API部分--Service]
Q先生
01-03 1188
【GO】K8s 管理系统项目[API部分--Service]
使用kubectl api在K8S集群内动态指定主节点实现故障转移
wangxi83的博客
03-18 2213
前言 我们在部署服务的时候,有很多服务是master-slave模式,这些服务可能有自己的故障切换逻辑。 我们知道,我们可以通过一个负载均衡器能够指向master服务,当故障发生的时候,在slave切换到master以后,负载均衡也能能切换到新的master上面。但是,这无疑会增加部署成本 那么,在K8S(或K3S)里面怎么最低成本的实现呢? 假设我有一个服务叫“OrgManager”服务,这是一个典型的master-slave主备模式的服务,它有一个能够获取当前集群主备信息的接口。 今天我们就以动态切换O
获取 Kubernetes API 服务器的 CA 证书
最新发布
10-15
获取 Kubernetes API 服务器的 CA (证书颁发机构) 证书是为了验证集群的身份并确保通信的安全。在 Kubernetes 集群中,通常会有一个公共 CA 根证书,用于签发服务账户、节点和服务的证书。以下是获取 CA 证书的一般步骤: 1. **通过Kubectl**: 如果你使用的是 kubectl 工具,你可以从本地配置文件 `.kube/config` 中获取。运行命令 `kubectl config view`,在 `clusters` 节点下找到对应的 `certificate-authority-data` 字段,它包含了 CA 的 Base64 编码内容。 ```sh kubectl config view -o json | jq '.clusters[].cluster.certificate-authority-data' ``` 2. **直接下载**: 也可以在 Kubernetes 控制台的 UI 界面找到。登录到集群管理界面(通常是通过浏览器访问 `https://<master-ip>:6443`),找到 "Certificates" 或类似选项,通常可以下载根CA证书。 3. **文件存储**: 证书通常存储在 `/var/run/secrets/kubernetes.io/serviceaccount/ca.crt` 这样的路径中。如果需要手动访问,可以根据这个路径去查看或者复制。 请注意,获取 CA 证书之前确保你有相应的权限,并且操作应在安全环境下进行,以防证书泄露。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值