Java api 操作 kubernetes
Java api 操作 kubernetes
一、api接口访问方式
授权方式
调用k8s使用rest api形式一个是安全的地址https:127.0.0.1:6443,这个地址需要有认证权限的,可以是token方式或者是证书,这个也是我一开始使用的方式,无奈没有办法知道token什么时候过期,但是目前实验只要K8s正常启动一直没有换token也还是可以使用
查看kubernetes的token
不授权方式
第二个方式是不安全的地址http😕/127.0.0.1:8008,就是说可以不用认证权限就可以直接访问K8s了,因为真的不知道token什么时候过期,2是k8s不稳定老是重装我就得需要换token
输入如下命令:
vim /etc/kubernetes/manifests/kube-apiserver.yaml在下图的地方添加以下,写好以后保存退出,他就会重启稍微等一下我们就可以访问一下地址
- --enable-swagger-ui=true
- --insecure-bind-address=0.0.0.0
- --insecure-port=8008
我们就可以访问了
二、Java api 操作 k8s
<dependency>
<groupId>io.kubernetes</groupId>
<artifactId>client-java</artifactId>
<version>12.0.0</version>
<scope>compile</scope>
</dependency>k8s初始化
private static ApiClient getApiClient(){
String master = "https://127.0.0.1:6443";
String oauthToken = "eyJhbGciOiJSUzI1NiIsImtpZCI6InNRRi1VVFpmUE9nQ3VNc25kcVFXV29nVGZWN0hJX1N5WndHX1p4STc2a3cifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrOHMtdG9rZW4tN3pmajIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpYdC5uYW1lIjoiazhzIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiNWVlZjQ0MDQtYWY5OS00NDE4LTk2YTctZWFmYzlkNDJhNmYxIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOms4cyJ9.npRtUn7_AM0yPmdHdwN76CKlNOkc8sWJcOuhCKHT-o58oRvg5_kDfCIZyfhV0UjepkLhq1xzP_mHbbUu8_u5SnTbpFhqslOoKywXsI17oDOIQk44nXyRkrGzsM4xNKN9kov4fzSpQqhHNGfXIMA1D0WGD2nZzh2CMklVhVzbWDDnLGgzhzBr9WNDuyBVXlJc40Tz_B0aTurxZ1yZ2P34VSK_vXW8mWWZxfCSRSf6L2vyHfKwhA4ogoqopHANwOpE0O1Fz8q50kclcyxc9a-GD3nPzYISLnGbDAsuKD4qEAi6QhnXVDdUEf9XYvzTvkBeTvL8g4YSGZrQ";
ApiClient apiClient = new ClientBuilder()
//设置 k8s 服务所在 ip地址
.setBasePath(master)
//是否开启 ssl 验证
.setVerifyingSsl(false)
//插入访问 连接用的 Token
.setAuthentication(new AccessTokenAuthentication(oauthToken))
.build();
io.kubernetes.client.openapi.Configuration.setDefaultApiClient(apiClient);
return apiClient;
}创建命名空间
@RequestMapping("/create/namespace")
public Map<String, String> testNamespace(V1Namespace namespace){
Map<String, String> message = new HashMap<>();
//初始化k8s
ApiClient apiClient = getApiClient();
CoreV1Api coreV1Api = new CoreV1Api(apiClient);
try {
V1Namespace result = coreV1Api.createNamespace(namespace, null, null, null);
message.put("success", "应用命名空间创建成功!");
} catch (ApiException e) {
if (e.getCode() == 409) {
message.put("error", "命名空间已重复!");
}
if (e.getCode() == 200) {
message.put("success", "应用命名空间创建成功!");
}
if (e.getCode() == 201) {
message.put("error", "命名空间已重复!");
}
if (e.getCode() == 401) {
message.put("error", "无权限操作!");
}
message.put("error", "应用命名空间创建失败!");
}
return message;
}创建命名空间的参数值
{
"apiVersion":"v1",
"kind":"Namespace",
"metadata":{"name":"test-namespace","labels":{"name":"test-namespace"}}
}
创建Deployment应用
@Data
@AllArgsConstructor
@NoArgsConstructor
public class DeploymentDTO {
private String metadata_name;
private String metadata_namespace;
private String labels_workLayer;
private Integer spec_replicas;
private String containers_name;
private String containers_image;
private String containers_imagePullPolicy;
private String remark;
}@PostMapping("/create/deployments")
public Map<String, String> createDeployments(@RequestBody DeploymentDTO deploymentDTO){
Map<String, String> messages = new HashMap<>();
// 赋值操作
V1Deployment deployment = new V1Deployment();
deployment.setApiVersion("apps/v1");
deployment.kind("Deployment");
// 赋值metadata
V1ObjectMeta objectMeta = new V1ObjectMeta();
objectMeta.name(deploymentDTO.getMetadata_name());
objectMeta.namespace(deploymentDTO.getMetadata_namespace());
Map<String, String> labels = new HashMap<>();
labels.put("app","nginx");
objectMeta.labels(labels);
// 赋值spec
V1DeploymentSpec deploymentSpec = new V1DeploymentSpec();
//赋值spec-selector
V1LabelSelector selector = new V1LabelSelector();
Map<String, String> matchLabels = new HashMap<>();
matchLabels.put("app","nginx");
selector.matchLabels(matchLabels);
//赋值template
V1PodTemplateSpec templateSpec = new V1PodTemplateSpec();
V1ObjectMeta metadata = new V1ObjectMeta();
metadata.labels(labels);
templateSpec.metadata(metadata);
// spec-Template下的Spec
V1PodSpec podSpec = new V1PodSpec();
// spec-Template-spec-container
List<V1Container> listContainer = new ArrayList<>();
V1Container container = new V1Container();
container.setName(deploymentDTO.getContainers_name());
container.setImage(deploymentDTO.getContainers_image());
container.setImagePullPolicy(deploymentDTO.getContainers_imagePullPolicy());
// spec-Template-spec-container-ports
List<V1ContainerPort> ports = new ArrayList<>();
V1ContainerPort v1ContainerPort = new V1ContainerPort();
v1ContainerPort.setContainerPort(88);
container.setPorts(ports);
listContainer.add(container);
podSpec.setContainers(listContainer);
templateSpec.setSpec(podSpec);
deploymentSpec.setReplicas(deploymentDTO.getSpec_replicas());
deploymentSpec.setTemplate(templateSpec);
deploymentSpec.setSelector(selector);
deployment.setMetadata(objectMeta);
deployment.setSpec(deploymentSpec);
ApiClient client = getApiClient();
AppsV1Api apiInstance = new AppsV1Api(client);
try {
V1Deployment result = apiInstance.createNamespacedDeployment(objectMeta.getNamespace(), deployment, null, null, null);
messages.put("success", "工作负载创建成功!");
} catch (ApiException e) {
if (e.getCode() == 409) {
messages.put("error", "工作负载创建已重复!");
} else if (e.getCode() == 200) {
messages.put("success", "工作负载创建成功!");
} else if (e.getCode() == 201) {
messages.put("error", "工作负载创建已重复!");
} else if (e.getCode() == 401) {
messages.put("error", "无权限操作!");
} else {
messages.put("error", "工作负载创建失败!");
}
}
return messages;
}创建Deployment的参数值
{
"metadata_name":"nginx-deployment",
"metadata_namespace":"test-hl2",
"labels_workLayer":"svc",
"spec_replicas":3,
"containers_name":"ngninx-test",
"containers_image":"nginx:latest",
"containers_imagePullPolicy":"IfNotPresent",
"remark":"测试项目"
}
创建Service服务
@Data
@AllArgsConstructor
@NoArgsConstructor
public class ServiceDTO {
private String metadata_name;
private String metadata_namespace;
private String labels_workLayer;
private String spec_type;
private Integer spec_ports_port;
private Integer spec_ports_targetPort;
private String spec_ports_protocol;
}@PostMapping("/create/service")
public Map<String, String> createService(@RequestBody ServiceDTO serviceDTO) {
Map<String, String> message = new HashMap<>();
ApiClient client = getApiClient();
CoreV1Api apiInstance = new CoreV1Api(client);
//赋值
V1Service body = new V1Service();
body.setApiVersion("v1");
body.setKind("Service");
V1ObjectMeta objectMeta = new V1ObjectMeta();
objectMeta.setName(serviceDTO.getMetadata_name());
objectMeta.setNamespace(serviceDTO.getMetadata_namespace());
//赋值spec
V1ServiceSpec serviceSpec = new V1ServiceSpec();
//spec-type
serviceSpec.setType(serviceDTO.getSpec_type());
//spec-ports
List<V1ServicePort> servicePorts = new ArrayList<>();
V1ServicePort servicePort = new V1ServicePort();
servicePort.setPort(serviceDTO.getSpec_ports_port());
servicePort.setProtocol(serviceDTO.getSpec_ports_protocol());
servicePort.setTargetPort(new IntOrString(serviceDTO.getSpec_ports_targetPort()));
servicePorts.add(servicePort);
serviceSpec.ports(servicePorts);
// spec-selector
Map<String, String> selector = new HashMap<>();
selector.put("app","nginx");
serviceSpec.setSelector(selector);
body.setMetadata(objectMeta);
body.setSpec(serviceSpec);
try {
V1Service result = apiInstance.createNamespacedService(serviceDTO.getMetadata_namespace(), body, null, null, null);
message.put("success", "工作负载服务创建成功!");
} catch (ApiException e) {
if (e.getCode() == 409) {
message.put("error", "工作负载服务创建已重复!");
} else if (e.getCode() == 200) {
message.put("success", "工作负载服务创建成功!");
} else if (e.getCode() == 201) {
message.put("error", "工作负载服务创建已重复!");
} else if (e.getCode() == 401) {
message.put("error", "无权限操作!");
} else if (e.getCode() == 400) {
message.put("error", "后台参数错误!");
} else if (e.getCode() == 400) {
message.put("error", "没有命名空间或没有Deployment!");
} else {
message.put("error", "工作负载服务创建失败!");
}
}
return message;
}
}
版权说明 : 本文为转载文章, 版权归原作者所有 版权申明
原文链接 : https://blog.csdn.net/weixin_43296313/article/details/123187862
内容来源于网络,如有侵权,请联系作者删除!