
Accessing Kubernetes API on Google Container Engine

According to Kubernetes API docs it is possible to create/list/delete pods, replication controllers and services:

http://kubernetes.io/third_party/swagger-ui/#!/v1beta1

However in the Google Container Engine documentation they don't seem to expose this API. The only resources you can manage through a REST API are clusters. Pods, replication controllers and services have to be managed using gcloud.

Is it possible to access the Kubernetes API when using Google Container Engine?

I created a blog post just for this topic. It includes a video walkthrough of the code and demo. Essentially, you can get the Kubernetes credentials from the Google Container Engine API. Here is how to do it in golang:

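// Import paths inferred from the types used below.
import (
    "encoding/base64"

    container "google.golang.org/api/container/v1"
    "k8s.io/client-go/kubernetes"
    "k8s.io/client-go/rest"
)

// newKubernetesClient builds a Kubernetes client from the credentials that the
// Container Engine API returns in the cluster's MasterAuth block.
func newKubernetesClient(clstr *container.Cluster) (*kubernetes.Clientset, error) {
    // MasterAuth carries the certificates and key as base64-encoded PEM.
    cert, err := base64.StdEncoding.DecodeString(clstr.MasterAuth.ClientCertificate)
    if err != nil {
        return nil, err
    }
    key, err := base64.StdEncoding.DecodeString(clstr.MasterAuth.ClientKey)
    if err != nil {
        return nil, err
    }
    ca, err := base64.StdEncoding.DecodeString(clstr.MasterAuth.ClusterCaCertificate)
    if err != nil {
        return nil, err
    }
    config := &rest.Config{
        Host: clstr.Endpoint,
        // CAData makes the client verify the API server against the cluster CA.
        TLSClientConfig: rest.TLSClientConfig{CertData: cert, KeyData: key, CAData: ca},
        Username:        clstr.MasterAuth.Username,
        Password:        clstr.MasterAuth.Password,
        // Insecure:        true,
    }
    kbrnts, err := kubernetes.NewForConfig(config)
    if err != nil {
        return nil, err
    }
    return kbrnts, nil
}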

Once you launch your container cluster on Google Container Engine, you will have a master running the kubernetes API on a VM in your GCP project. If you run gcloud preview container clusters list you will see the endpoint at which the kubernetes API is available as well as the http basic auth credentials needed to access it.

gcloud comes bundled with a recent version of kubectl and the ability to execute it for any container cluster you have launched with Google Container Engine. To list pods, for instance, you can run gcloud preview container kubectl list pods.

https://cloud.google.com/sdk/gcloud/reference/preview/container/kubectl describes the gcloud preview container kubectl command and what flags it accepts.
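The two answers above combine into one check: call the cluster endpoint with HTTP basic auth while verifying the server against the cluster CA, rather than enabling the commented-out Insecure option. The Go program below is an added example, not code from either answer; apiStatus and fakeMaster are hypothetical names, and a local httptest server with constructed credentials stands in for the master.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// apiStatus (hypothetical helper) sends a basic-auth GET over TLS that trusts only the cluster CA.
func apiStatus(url, caB64, user, pass string) (int, error) {
	caPEM, err := base64.StdEncoding.DecodeString(caB64)
	pool := x509.NewCertPool()
	if err != nil || !pool.AppendCertsFromPEM(caPEM) {
		return 0, fmt.Errorf("cluster CA must be base64-encoded PEM (decode error: %v)", err)
	}
	client := &http.Client{Transport: &http.Transport{TLSClientConfig: &tls.Config{RootCAs: pool}}}
	req, err := http.NewRequest(http.MethodGet, url, nil)
	if err != nil {
		return 0, err
	}
	req.SetBasicAuth(user, pass)
	resp, err := client.Do(req)
	if err != nil {
		return 0, err // includes certificate verification failures
	}
	defer resp.Body.Close()
	return resp.StatusCode, nil
}

// fakeMaster is a constructed local stand-in for the master; it returns its cert as base64 PEM.
func fakeMaster(user, pass string) (*httptest.Server, string) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if u, p, ok := r.BasicAuth(); !ok || u != user || p != pass {
			w.WriteHeader(http.StatusUnauthorized)
		}
	}))
	ca := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: srv.Certificate().Raw})
	return srv, base64.StdEncoding.EncodeToString(ca)
}

func main() {
	srv, ca := fakeMaster("admin", "constructed-pw")
	defer srv.Close()
	fmt.Println(apiStatus(srv.URL+"/api/v1/pods", ca, "admin", "constructed-pw"))
}
```

Against a real cluster the inputs would be MasterAuth.ClusterCaCertificate, Username and Password, with the URL built from the cluster's Endpoint.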
