from kubernetes import config, client
##注意需要使用kubernetes 版本 19及以上。 https://github.com/kubernetes-client/python/issues/1723
## 使用的时候修改k8s https 认证文件
config.load_kube_config(config_file=r"k8s https配置文件路径")
apps_v1_api = client.AppsV1Api()
networking_v1_api = client.NetworkingV1Api()
def patch_secretName_byNamespace(target_secretName, namespace):
# 获取某个namespace下ingress
ingress_result = networking_v1_api.list_namespaced_ingress(namespace=namespace, pretty='true')
_update_ingress_secretName(ingress_result, target_secretName)
def patch_secretName_all(target_secretName):
# 获取所有ingress
ingress_result = networking_v1_api.list_ingress_for_all_namespaces(pretty='true')
_update_ingress_secretName(ingress_result, target_secretName)
def _update_ingress_secretName(ingress_result, target_secretName):
for ingress in ingress_result.items:
if ingress.spec.tls is None or len(ingress.spec.tls) <= 0:
continue
for tls in ingress.spec.tls:
if tls.secret_name and tls.secret_name != target_secretName:
tls.secret_name = target_secretName
# print(ingress)
# 执行更新操作。
ingress_name = ingress.metadata.name
ingress_namespace = ingress.metadata.namespace
result = networking_v1_api.patch_namespaced_ingress(ingress_name, ingress_namespace, ingress)
print(result)
# result = networking_v1_api.patch_namespaced_ingress(ingress_name, ingress_namespace, ingress_instance)
if __name__ == '__main__':
import time
start = time.time()
patch_secretName_all("k8s 保密字典证书名称")
print(f"耗时:{time.time() - start}")
k8s 批量修改https证书 Python脚本。
安装依赖:pip install kubernetes==29.0.0
主要使用kubernetes pythonapi。 注意修改k8s 配置文件路径及 secretName值。