Using the Karmada API

Karmada API Description

Karmada API is the application that serves Karmada functionality through a RESTful interface and stores the state of Karmada. Federated resources can be obtained, created, updated, and deleted via HTTP calls (POST, PUT, PATCH, DELETE, and GET) to the API. For details, see Karmada API.

UCS can call Karmada API through API Gateway.

Calling Karmada API Through API Gateway

Karmada API can be called through API Gateway. The URL format is https://{Fleet name}.fleet.ucs.{Region}-dev.myhuaweicloud.com/{URI}.

**Table 1** URL parameters
Parameter	Description
{Fleet name}	Fleet name, which can be obtained from the basic fleet information on the console.
{Region}	URL of the region that the service belongs to, which can be obtained from Endpoints. Example: The region of CN North-Beijing4 is cn-north-4.
{URI}	Access path of an API for performing a specified operation. Obtain the value from the URI of the API. For details, see Karmada API. Example: Set this parameter based on the API to be called. For example, if you want to view details about a Deployment, the request method is GET and the API URI is apis/apps/v1/{namespaces}/default/deployments. {namespace} indicates the cluster namespace name. In this example, the value is default.

Log in to the UCS console and click the name of the target fleet to go to its details page. Then, click kubectl in Fleet Info.
Select a project, VPC, master node subnet, and validity period as prompted and click Download to download the kubectl configuration file.
The name of the downloaded file is kubeconfig.json.

If the kubeconfig.json file is leaked, your clusters may be attacked. Keep it secure.

The validity period of the kubectl configuration file can be set as required. The options are 5 years, 1 year, 6 months, 30 days, and 15 days to 1 day. The minimum value is 1 day.
Install and configure kubectl on the executor.
1. Copy kubectl and its configuration file to the /home directory on the executor in the selected VPC and subnet.
2. Log in to your executor and configure kubectl.
  cd /home
  
  chmod +x kubectl
  
  mv -f kubectl /usr/local/bin
  
  mkdir -p $HOME/.kube
  
  mv -f kubeconfig.json $HOME/.kube/config
Determine the requested URL based on the URL format.
- {Fleet name} indicates the fleet name, which can be obtained from the basic fleet information on the console.
- {Region} indicates the URL of the region that the service belongs to, which can be obtained from Endpoints.
- {URL} Access path of an API for performing an operation on resources. Obtain the value from the URI of the API. For details, see Karmada API.
The following is an example URL for calling the API to view information about all Deployments in the federation:
```
https://r******.fleet.ucs.cn-north-4-dev.myhuaweicloud.com/apis/apps/v1/namespaces/default/deployments
```

Obtain the bearer token corresponding to the request for creating an Admin Role.

Save the following content to the admin-role.yaml file:

kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: admin
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
  name: admin
  namespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile

Run the kubectl apply -f admin-role.yaml command to create the service account and permissions.
Run the kubectl create token admin --namespace kube-system command to obtain the bearer token of the service account.
Set the environment variable token to the bearer token obtained in the previous step.

Use the request method specified by the API and set the request header parameters. If parameters in the body need to be added, add the structure corresponding to the API by referring to Karmada API.

Example curl command to call the API for creating a Deployment using POST and adding the corresponding body:

In this example, the nginx.json file is used to create a Deployment named nginx. The Deployment uses the nginx:latest image and contains two pods. Each pod occupies 100m CPU and 200 MiB memory. After the Deployment is created, you can refer to the preceding steps to obtain the URI of PropagationPolicy from Karmada API and create a distribution policy.

curl --location --request POST 'https://r*****.fleet.ucs.cn-north-4-dev.myhuaweicloud.com/apis/apps/v1/deployments' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer $token' \
--data @nginx.json

The following table lists the header parameters contained in the request.

**Table 2** Parameters in the request header
Parameter	Mandatory	Data Type	Description
Content-Type	Yes	String	Message body type (format), for example, application/json.
Authorization	Yes	String	For details about how to obtain the bearer token, see 5.

The content of the nginx.json file is as follows:

{
    "apiVersion": "apps/v1",
    "kind": "Deployment",
    "metadata": {
        "name": "nginx"
    },
    "spec": {
        "replicas": 2,
        "selector": {
            "matchLabels": {
                "app": "nginx"
            }
        },
        "template": {
            "metadata": {
                "labels": {
                    "app": "nginx"
                }
            },
            "spec": {
                "containers": [
                    {
                        "image": "nginx:latest",
                        "name": "container-0",
                        "resources": {
                            "limits": {
                                "cpu": "100m",
                                "memory": "200Mi"
                            },
                            "requests": {
                                "cpu": "100m",
                                "memory": "200Mi"
                            }
                        }
                    }
                ],
                "imagePullSecrets": [
                    {
                        "name": "default-secret"
                    }
                ]
            }
        }
    }
}

Previous topic: Updating a Permission Policy

Next topic: Appendix

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot