下载jq
chmod +x jq
mv jq /usr/bin/
启用非安全端口
kubectl proxy --port=8080
查看默认namespace pod列表
curl localhost:8080/api/v1/namespaces/default/pods/ | jq -r '.items[].metadata.name'
HTTPS访问
创建一个namespace
kubectl create ns test
创建role
kubectl create role pods-reader --verb=get,list,watch --resource=pods --namespace=test
创建rolebinding
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: default-role-binding
namespace: test
subjects:
- kind: ServiceAccount
name: default
roleRef:
kind: Role
name: pod-reader
apiGroup: rbac.authorization.k8s.io
创建一个带有curl的测试pod
apiVersion: apps/v1
kind: Deployment
metadata:
name: centos
namespace: test
spe