API 접근하기
클러스터 명 확인
vagrant@master:~$ kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://192.168.56.10:6443
name: kubernetes
contexts: - context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users: - name: kubernetes-admin
user:
client-certificate-data: DATA+OMITTED
client-key-data: DATA+OMITTED
vagrant@master:~$ kubectl config view -o jsonpath='{"Cluster name\tServer\n"}{range .clusters[*]}{.name}{"\t"}{.cluster.server}{"\n"}{end}'
Cluster name Server
kubernetes https://192.168.56.10:6443
API 서버 확인
vagrant@master:~$ export CLUSTER_NAME="kubernetes"
vagrant@master:~$ APISERVER=(kubectl config view -o jsonpath="{.clusters[?(@.name==\"CLUSTER_NAME\")].cluster.server}")
vagrant@master:~$ echo $APISERVER
https://192.168.56.10:6443
토큰 보관 시크릿 생성
kubectl apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
name: default-token
annotations:
kubernetes.io/service-account.name: default
type: kubernetes.io/service-account-token
EOF
디폴트 토큰 확인
vagrant@master:~$ kubectl describe secret default-token
Name: default-token
Namespace: default
Labels:
Annotations: kubernetes.io/service-account.name: default
kubernetes.io/service-account.uid: ab0a1a8b-0f00-415a-9dfd-0ed06390c531
Type: kubernetes.io/service-account-token
Data
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IklxM3NXZDJtLVF5S0cxVnFVNHZQamVzeC1wWkx6U2V6blkyTXVqRUNaTk0ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRlZmF1bHQtdG9rZW4iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmYXVsdCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImFiMGExYThiLTBmMDAtNDE1YS05ZGZkLTBlZDA2MzkwYzUzMSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0OmRlZmF1bHQifQ.uOD8CNbBvpy-McPIECc3SG77j4e3ybheMthhaKbk-saHAy02QY7dByAOKrHYlNjB6w7Xof-fiFVr0nsNALX2Q5O-jyiTDHPmURec-vC0Qn7W452QvgW3yUIYUaPWgH-MXCLJFlbE8ztD2kFOz0-klIqU_1FM-Udd_NFT-MtDmHOdvOv2Ww7GeGdThCNn_cz9f0z2ks_9D1Qe8D8H7sNQk0LfwWy1vVnqhVcjnz97yNiZ2EdDG3bCFEql7RHhangE14Ab5ohuivOyFbZAYErIh4CciD7lEPHL2BoC31NDdSBFEVl0OBtzVzGYs5tP5cBXknbUuRccP3ARsFXCj3MGtA
ca.crt: 1107 bytes
namespace: 7 bytes
토큰 확인
vagrant@master:~$ TOKEN= echo $TOKEN
eyJhbGciOiJSUzI1NiIsImtpZCI6IklxM3NXZDJtLVF5S0cxVnFVNHZQamVzeC1wWkx6U2V6blkyTXVqRUNaTk0ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRlZmF1bHQtdG9rZW4iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmYXVsdCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImFiMGExYThiLTBmMDAtNDE1YS05ZGZkLTBlZDA2MzkwYzUzMSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0OmRlZmF1bHQifQ.uOD8CNbBvpy-McPIECc3SG77j4e3ybheMthhaKbk-saHAy02QY7dByAOKrHYlNjB6w7Xof-fiFVr0nsNALX2Q5O-jyiTDHPmURec-vC0Qn7W452QvgW3yUIYUaPWgH-MXCLJFlbE8ztD2kFOz0-klIqU_1FM-Udd_NFT-MtDmHOdvOv2Ww7GeGdThCNn_cz9f0z2ks_9D1Qe8D8H7sNQk0LfwWy1vVnqhVcjnz97yNiZ2EdDG3bCFEql7RHhangE14Ab5ohuivOyFbZAYErIh4CciD7lEPHL2BoC31NDdSBFEVl0OBtzVzGYs5tP5cBXknbUuRccP3ARsFXCj3MGtA
API 호출
curl -X GET $APISERVER/api --header "Authorization: Bearer $TOKEN" --insecure
API 목록 가져오기
vagrant@master:~$ curl -X GET $APISERVER/apis --header "Authorization: Bearer $TOKEN" --insecure
{
"kind": "APIGroupList",
"apiVersion": "v1",
"groups": [
{
"name": "apiregistration.k8s.io",
"versions": [
{
"groupVersion": "apiregistration.k8s.io/v1",
"version": "v1"
}
],
"preferredVersion": {
"groupVersion": "apiregistration.k8s.io/v1",
"version": "v1"
}
},
{
"name": "apps",
"versions": [
{
"groupVersion": "apps/v1",
"version": "v1"
}
],
...curl -X GET $APISERVER/apis/batch/v1 --header "Authorization: Bearer $TOKEN" --insecure
curl -X GET $APISERVER/apis/batch/v1/jobs --header "Authorization: Bearer $TOKEN" --insecure
curl -X GET $APISERVER/openapi/v2 --header "Authorization: Bearer $TOKEN" --insecure