stackoom
  简体   繁体   中英

Access kubernetes cluster API from Nodejs

 原文  2022-01-28 18:24:19       node.js/ kubernetes

Question

I have a client side react app that was scaffolded out of Create React App. This is deployed in Kubernetes cluster and is exposed to internet.

Now, I would like to access REST API from this API. This REST API is deployed to the same cluster but exposed only to the cluster (not internet).

My question is If I add Nodejs server layer for my client side react app and deploy to the same cluster, will I be able to access the REST API without being exposed to internet?

Or, should I go with exposing REST API to internet?

1 answers

solution1
 0  2022-01-28 20:59:28

Not sure I follow exactly. However you can access the k8s API from a node.js server deployed in a POD, it will get the same permissions as the POD.

I have something similar to this, an express application running in the pod that provides a REST API for a REACT app, calling the REST API looks up the specific k8s API I need for the APP. We routinely prototype these REST -> k8sAPIs with NodeRed as well.

Hope this helps, an example below. (full disclosure, hacker not programmer;-)

example....

const axios = require("axios");
const k8s = require("@kubernetes/client-node");


const kc = new k8s.KubeConfig();
kc.loadFromDefault();


async function getnskey(user) {
//Match username from gitlab with ns-map/namespace key and return   
    const k8sApi = kc.makeApiClient(k8s.CoreV1Api);

    const response = await k8sApi.readNamespacedConfigMap('ns-map', 'epicmgrsrv')

    let userns;
    
    let userlist = response.body.data;

    if ( userlist.hasOwnProperty(user)) {
        userns = userlist[user];
    }

    const response2 = await k8sApi.readNamespacedSecret('mgrsrvkey', userns)

    //let key = Buffer.from(response2.body.data["key"], 'base64').toString();

    const nskey = {
        userns: userns,
        nskey: response2.body.data["key"],
    };

    return nskey;
}

app.get("/user", (req, res) => {
    console.log("getting user data!");
//    console.log(JSON.stringify(req.headers));


    if (typeof(req.headers.authorization) !== undefined && req.headers.authorization.length > 10 ) {
        axios.get("https://api.github.com/user" , {
            headers: {
                Authorization: req.headers.authorization,
            },
        }).then((response) => {
            getnskey(response.data.login)
            .then(nskey => {

                const user = {
                    name: response.data.login,
                    userns: nskey.userns,
                    nskey: nskey.nskey,
                }
                console.log(user);
                res.send(user)
            })
        });
    } else {
        console.log("no authorization");
    }


    });

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Redis connect ECONNREFUSED in NodeJS in Kubernetes cluster How to use kubernetes api client from inside pod in nodejs NodeJs api container crashing in kubernetes Unable to access local certificate on kubernetes cluster kubernetes cluster secure entry point for api app nodejs in kubernetes cluster dont stay runing - CrashLoopBackOff Does it make sense to use NodeJS cluster package with Kubernetes? how to test nodejs application which is deployed as a pod on kubernetes cluster? What API client is recommended for Kubernetes for NodeJS? Read Kubernetes configMap , nodeJS/express API application
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM