k8s学习第16天

最新推荐文章于 2024-07-23 22:45:14 发布
最新推荐文章于 2024-07-23 22:45:14 发布
阅读量37 收藏
点赞数
分类专栏: k8s 文章标签: kubernetes 学习 linux
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_34893654/article/details/130411149
版权

API SEVER

Api Server的核心功能是提供k8s各类资源对象的增删改查以及watch等http  rest 接口,相当于集群内各个功能模块直接数据交互和通信的中心枢纽,,是整个系统的数据总线和数据中心。除此之外,他还是集群管理的API入口,是资源配额控制的入口,提供完备的集群安全机制。

使用kubectl和 api server交互,并使用curl工具验证

kubectl proxy --port=8079

查看api server的版本信息:

curl http://localhost:8080/api/

{
  "kind": "APIVersions",
  "versions": [
    "v1"
  ],
  "serverAddressByClientCIDRs": [
    {
      "clientCIDR": "0.0.0.0/0",
      "serverAddress": "172.16.2.220:6443"
    }
  ]
}

可见只有v1版本,我们只要使用v1版本即可

查看目前支持的资源对象种类

[root@scms01 day12]# curl http://localhost:8079/api/v1
{
  "kind": "APIResourceList",
  "groupVersion": "v1",
  "resources": [
    {
      "name": "bindings",
      "singularName": "",
      "namespaced": true,
      "kind": "Binding",
      "verbs": [
        "create"
      ]
    },
    {
      "name": "componentstatuses",
      "singularName": "",
      "namespaced": false,
      "kind": "ComponentStatus",
      "verbs": [
        "get",
        "list"
      ],
      "shortNames": [
        "cs"
      ]
    },
    {
      "name": "configmaps",
      "singularName": "",
      "namespaced": true,
      "kind": "ConfigMap",
      "verbs": [
        "create",
        "delete",
        "deletecollection",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "shortNames": [
        "cm"
      ],
      "storageVersionHash": "qFsyl6wFWjQ="
    },
    {
      "name": "endpoints",
      "singularName": "",
      "namespaced": true,
      "kind": "Endpoints",
      "verbs": [
        "create",
        "delete",
        "deletecollection",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "shortNames": [
        "ep"
      ],
      "storageVersionHash": "fWeeMqaN/OA="
    },
    {
      "name": "events",
      "singularName": "",
      "namespaced": true,
      "kind": "Event",
      "verbs": [
        "create",
        "delete",
        "deletecollection",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "shortNames": [
        "ev"
      ],
      "storageVersionHash": "r2yiGXH7wu8="
    },
    {
      "name": "limitranges",
      "singularName": "",
      "namespaced": true,
      "kind": "LimitRange",
      "verbs": [
        "create",
        "delete",
        "deletecollection",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "shortNames": [
        "limits"
      ],
      "storageVersionHash": "EBKMFVe6cwo="
    },
    {
      "name": "namespaces",
      "singularName": "",
      "namespaced": false,
      "kind": "Namespace",
      "verbs": [
        "create",
        "delete",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "shortNames": [
        "ns"
      ],
      "storageVersionHash": "Q3oi5N2YM8M="
    },
    {
      "name": "namespaces/finalize",
      "singularName": "",
      "namespaced": false,
      "kind": "Namespace",
      "verbs": [
        "update"
      ]
    },
    {
      "name": "namespaces/status",
      "singularName": "",
      "namespaced": false,
      "kind": "Namespace",
      "verbs": [
        "get",
        "patch",
        "update"
      ]
    },
    {
      "name": "nodes",
      "singularName": "",
      "namespaced": false,
      "kind": "Node",
      "verbs": [
        "create",
        "delete",
        "deletecollection",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "shortNames": [
        "no"
      ],
      "storageVersionHash": "XwShjMxG9Fs="
    },
    {
      "name": "nodes/proxy",
      "singularName": "",
      "namespaced": false,
      "kind": "NodeProxyOptions",
      "verbs": [
        "create",
        "delete",
        "get",
        "patch",
        "update"
      ]
    },
    {
      "name": "nodes/status",
      "singularName": "",
      "namespaced": false,
      "kind": "Node",
      "verbs": [
        "get",
        "patch",
        "update"
      ]
    },
    {
      "name": "persistentvolumeclaims",
      "singularName": "",
      "namespaced": true,
      "kind": "PersistentVolumeClaim",
      "verbs": [
        "create",
        "delete",
        "deletecollection",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "shortNames": [
        "pvc"
      ],
      "storageVersionHash": "QWTyNDq0dC4="
    },
    {
      "name": "persistentvolumeclaims/status",
      "singularName": "",
      "namespaced": true,
      "kind": "PersistentVolumeClaim",
      "verbs": [
        "get",
        "patch",
        "update"
      ]
    },
    {
      "name": "persistentvolumes",
      "singularName": "",
      "namespaced": false,
      "kind": "PersistentVolume",
      "verbs": [
        "create",
        "delete",
        "deletecollection",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "shortNames": [
        "pv"
      ],
      "storageVersionHash": "HN/zwEC+JgM="
    },
    {
      "name": "persistentvolumes/status",
      "singularName": "",
      "namespaced": false,
      "kind": "PersistentVolume",
      "verbs": [
        "get",
        "patch",
        "update"
      ]
    },
    {
      "name": "pods",
      "singularName": "",
      "namespaced": true,
      "kind": "Pod",
      "verbs": [
        "create",
        "delete",
        "deletecollection",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "shortNames": [
        "po"
      ],
      "categories": [
        "all"
      ],
      "storageVersionHash": "xPOwRZ+Yhw8="
    },
    {
      "name": "pods/attach",
      "singularName": "",
      "namespaced": true,
      "kind": "PodAttachOptions",
      "verbs": [
        "create",
        "get"
      ]
    },
    {
      "name": "pods/binding",
      "singularName": "",
      "namespaced": true,
      "kind": "Binding",
      "verbs": [
        "create"
      ]
    },
    {
      "name": "pods/ephemeralcontainers",
      "singularName": "",
      "namespaced": true,
      "kind": "Pod",
      "verbs": [
        "get",
        "patch",
        "update"
      ]
    },
    {
      "name": "pods/eviction",
      "singularName": "",
      "namespaced": true,
      "group": "policy",
      "version": "v1",
      "kind": "Eviction",
      "verbs": [
        "create"
      ]
    },
    {
      "name": "pods/exec",
      "singularName": "",
      "namespaced": true,
      "kind": "PodExecOptions",
      "verbs": [
        "create",
        "get"
      ]
    },
    {
      "name": "pods/log",
      "singularName": "",
      "namespaced": true,
      "kind": "Pod",
      "verbs": [
        "get"
      ]
    },
    {
      "name": "pods/portforward",
      "singularName": "",
      "namespaced": true,
      "kind": "PodPortForwardOptions",
      "verbs": [
        "create",
        "get"
      ]
    },
    {
      "name": "pods/proxy",
      "singularName": "",
      "namespaced": true,
      "kind": "PodProxyOptions",
      "verbs": [
        "create",
        "delete",
        "get",
        "patch",
        "update"
      ]
    },
    {
      "name": "pods/status",
      "singularName": "",
      "namespaced": true,
      "kind": "Pod",
      "verbs": [
        "get",
        "patch",
        "update"
      ]
    },
    {
      "name": "podtemplates",
      "singularName": "",
      "namespaced": true,
      "kind": "PodTemplate",
      "verbs": [
        "create",
        "delete",
        "deletecollection",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "storageVersionHash": "LIXB2x4IFpk="
    },
    {
      "name": "replicationcontrollers",
      "singularName": "",
      "namespaced": true,
      "kind": "ReplicationController",
      "verbs": [
        "create",
        "delete",
        "deletecollection",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "shortNames": [
        "rc"
      ],
      "categories": [
        "all"
      ],
      "storageVersionHash": "Jond2If31h0="
    },
    {
      "name": "replicationcontrollers/scale",
      "singularName": "",
      "namespaced": true,
      "group": "autoscaling",
      "version": "v1",
      "kind": "Scale",
      "verbs": [
        "get",
        "patch",
        "update"
      ]
    },
    {
      "name": "replicationcontrollers/status",
      "singularName": "",
      "namespaced": true,
      "kind": "ReplicationController",
      "verbs": [
        "get",
        "patch",
        "update"
      ]
    },
    {
      "name": "resourcequotas",
      "singularName": "",
      "namespaced": true,
      "kind": "ResourceQuota",
      "verbs": [
        "create",
        "delete",
        "deletecollection",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "shortNames": [
        "quota"
      ],
      "storageVersionHash": "8uhSgffRX6w="
    },
    {
      "name": "resourcequotas/status",
      "singularName": "",
      "namespaced": true,
      "kind": "ResourceQuota",
      "verbs": [
        "get",
        "patch",
        "update"
      ]
    },
    {
      "name": "secrets",
      "singularName": "",
      "namespaced": true,
      "kind": "Secret",
      "verbs": [
        "create",
        "delete",
        "deletecollection",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "storageVersionHash": "S6u1pOWzb84="
    },
    {
      "name": "serviceaccounts",
      "singularName": "",
      "namespaced": true,
      "kind": "ServiceAccount",
      "verbs": [
        "create",
        "delete",
        "deletecollection",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "shortNames": [
        "sa"
      ],
      "storageVersionHash": "pbx9ZvyFpBE="
    },
    {
      "name": "serviceaccounts/token",
      "singularName": "",
      "namespaced": true,
      "group": "authentication.k8s.io",
      "version": "v1",
      "kind": "TokenRequest",
      "verbs": [
        "create"
      ]
    },
    {
      "name": "services",
      "singularName": "",
      "namespaced": true,
      "kind": "Service",
      "verbs": [
        "create",
        "delete",
        "deletecollection",
        "get",
        "list",
        "patch",
        "update",
        "watch"
      ],
      "shortNames": [
        "svc"
      ],
      "categories": [
        "all"
      ],
      "storageVersionHash": "0/CO1lhkEBI="
    },
    {
      "name": "services/proxy",
      "singularName": "",
      "namespaced": true,
      "kind": "ServiceProxyOptions",
      "verbs": [
        "create",
        "delete",
        "get",
        "patch",
        "update"
      ]
    },
    {
      "name": "services/status",
      "singularName": "",
      "namespaced": true,
      "kind": "Service",
      "verbs": [
        "get",
        "patch",
        "update"
      ]
    }
  ]
}

查看集群的信息:

根据以上的输出,我们用curl命令,分别返回集群中的pod列表、service列表、RC列表等。

//返回service信息
curl http://localhost:8079/api/v1/services

//返回pod信息
curl http://localhost:8079/api/v1/pods

//返回rc列表
curl http://localhost:8079/api/v1/replicationcontrollers
{
  "kind": "ReplicationControllerList",
  "apiVersion": "v1",
  "metadata": {
    "resourceVersion": "4415496"
  },
  "items": []
}

 限制暴露的接口

如果我们只想在外部暴露部分REST接口,可以再master或其他结点上运行kubectl proxy 进程来实现,比如

[root@scms01 day12]# kubectl proxy --port=8078 --reject-paths="^/api/v1/replicationcontrollers"
Starting to serve on 127.0.0.1:8078

然后再请求被限制的接口:

[root@scms01 day12]# curl http://localhost:8078/api/v1/replicationcontrollers
Forbidden

发现是被禁止了

qq_34893654
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
k8s学习第一
Binbinhb的博客
06-15 1061
学习K8s第一
k8s学习pod第二
qq_34893654的博客
04-10 114
容器内获取pod信息,k8s在成功创建pod之后,会为pod和容器设置一些额外的信息,例如Pod级别的Pod的名称,Pod IP、Node IP、Label、Annotaitons、容器级别的资源限制等。在很多场景下,这些信息对容器内的应用来说,都很有用,如使用Pod名称做为日志记录的一个字段用于标识日志来源。为了在容器内获取pod级别的这些信息,k8s提供了Downward API的机制来将PodHe容器的某些元数据信息注入容器中,供容器使用。
k8s学习第15
qq_34893654的博客
04-25 39
外部的集群:数据库、缓存服务等其他k8s集群的某个服务---metadata:spec:ports:port: 80---#把外面的服务包装成一个endpointmetadata:#配置外面的访问IP和端口subsets:- address:ports:- port: 80。
k8s学习第18
qq_34893654的博客
04-28 43
我们看到了--config参数配置的路径,打开这个路径可以配相关启动参数,然后重启。
k8s学习
Yuan_xii的博客
09-10 1558
K8S学习之路 1.介绍 1.1单机部署 1.2.虚拟化部署 类似window上安装多个linux虚拟机,在虚拟机中部署程序,使得程序之间不会互相影响 1.3.容器化部署 共享了操作系统,保证每个系统拥有自己的文件系统,CPU,内存,进程空间;运行应用程序所需要的资源被容器包装,并和底层基础架构解耦;容器化的应用程序可以跨云服务商,跨linux操作系统发行版进行部署; 1.3.2.存在问题 一个容器故障停机了,怎样让另外一个容器立刻启动去替补停机的容器; 当并发访问量变大的时候,怎么样做到横向扩展容器数量
K3s部署及研究
Januea的博客
07-22 683
K3s部署及研究
K8s-控制器
最新发布
l6xy6的博客
07-23 433
2.编辑RS控制器:kubectl -n lxy edit rs nginx-rs (有些是无法修改)获取当前rs资源的Yaml: kubectl -n lxy get rs nginx-rs -oyaml。1.对yaml修改副本数,修改资源配置:kubectl apply -f rs-nginx.yml。2.控制器可以帮助用户监控,并保证节点上运行定义好的pod副本数。3.pod超过或低于用户期望,控制器会创建、删除pod副本数量。作用:1.pod类型资源删除,不会重建。
K8S第一节:什么是K8S
chililopp的博客
07-23 843
kuberbetes这词是起源于希腊语,是舵手的意思,因为k与s之间一共有8个字母,所以大家习惯称呼为K8s;它的logo是一个舵,而舵是用来操控船的;而船不就是docker吗?​当使用docker或containerd作为容器运行时,如果运行大量的容器服务,此时管理这些容器就会很麻烦,而K8S就是这么一个对容器进行统一管理的开源容器编排平台,支持自动部署、扩展和容器化应用程序;
k8s+containerd(kvm版)
weixin_62799021的博客
07-22 584
k8sKubernetes)是由Gogle开源的容器编排引擎,可以用来管理容器化的应用程序和服务,kk8s提供了自动重启、自动重建、自动修复提高集群的可用性,以下概念稍微了解即可,看一看直接实操,
K8s 核心组件——API Server
谦虚使人发胖的博客
07-23 721
Kubernetes API Server(API Server)是 Kubernetes 的核心组件之一,负责暴露 Kubernetes API 给用户和客户端,接收和处理来自客户端的请求,并将其存储到 etcd 中。Kubernetes API Server 主要作用是提供 Kubernetes 各类资源对象(如 Pod、Deployment、Service等)的增、删、改、查及 Watch 等 HTTP REST 接口,是集群内各个功能模块直接数据交互和通信的中心枢纽,是整个系统的数据总线和数据中心。
k8s中部署Jenkins、SonarQube、StorageClass部署流程
虫虫的博客
07-23 757
k8s中部署Jenkins、SonarQube、StorageClass部署流程
k8s 公共服务
怨行客
07-23 104
修改named.conf。修改第13行和第21行下面是 named.rfc1912 修改位置,在最后所以用cp -p 复制文件,保留权限nslookup 回车,server是看哪个dns 在起作用dns服务器要配置给所有公共服务节点和 k8s 节点就在网络文件加个DNS2就行了,网络还要重启。
K8S实战进阶
xinxiaoyu_的博客
07-19 1050
官网文档:https://kubernetes.io/zh-cn/docs/reference/using-api/REST API 是 Kubernetes 系统的重要部分,组件之间的所有操作和通信均由 API Server 处理的 REST AP I调用,大多数情况下, API 定义和实现都符合标准的 HTTP REST 格式,可以通过kubectl命令管理工具或其他命令行工具来执行。控制管理器开启–horizontal-pod-autoscaler-use-rest-clients。
最新版kubeadm搭建k8s(已成功搭建)
weixin_45565886的博客
07-20 682
最新版kubeadm搭建k8s(已成功搭建)
k8s云原生技术栈(脑图)
晴空的博客
07-23 373
Kubernetes (K8s) 是一种开源的容器编排引擎,用于自动化应用程序容器的部署、扩展和操作。它由Google设计并捐赠给Cloud Native Computing Foundation(CNCF)进行维护。Kubernetes 提供了一个强大的平台,用于构建和管理容器化应用程序的解决方案。
Helm部署k8s应用
misakivv的博客
07-23 425
Helm部署k8s应用
windows 安装 kubectl 并连接到 k8s 集群【图文教程】
甘蓝的专栏
07-19 780
还不会在windows上连接到k8s集群?
[k8s源码]7.indexer
weixin_45396500的博客
07-23 439
比如,下面代码是创建一个名叫library的结构体的代码,可以看到这里indexer也是type Indexers map[string]IndexFunc,然后这里也定义了type IndexFunc func(Book) []string,那么就可以将indexer定义为“author”:authorIndexFunc,查看index.go的源码,可以看到类似的type定义。这里创建的就是indexer(索引器),加入的“namespace”和“NodeName”就是索引index。
K8S 部署jaeger-operator,与其演示项目hotrod
lhf2112的博客
07-20 829
因为这里只是demo的需要所以采用了all-in-one的方式部署,生产环境建议朋友们采用可靠的持久化部署方式。j为什么没有选择jaeger-kubernetes呢?因为它是有些过时的,从其主页上我们可以看到此项目处于已经归档且久未更新的状态。
微博在线机器学习平台的K8S实战与挑战
"微博在线机器学习平台的K8S实践" 这篇技术分享主要探讨了微博如何利用KubernetesK8S)解决在线机器学习平台的算力问题。在2019年的云栖大会上,来自新浪微博的工程师袁定平分享了微博AI业务的发展趋势以及他们在...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值