Obtaining a Cluster Certificate
Function
This API is used to obtain a certificate of a specified cluster.
Constraints
This API is applicable to clusters of v1.13 and later.
URI
POST /api/v3/projects/{project_id}/clusters/{cluster_id}/clustercert
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
project_id |
Yes |
String |
Project ID. For details about how to obtain the value, see How to Obtain Parameters in the API URI. |
cluster_id |
Yes |
String |
Cluster ID. For details about how to obtain the value, see How to Obtain Parameters in the API URI. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
Content-Type |
Yes |
String |
Message body type (format). |
X-Auth-Token |
Yes |
String |
Requests for calling an API can be authenticated using either a token or AK/SK. If token-based authentication is used, this parameter is mandatory and must be set to a user token. For details, see Obtaining a User Token. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
duration |
Yes |
Integer |
Validity period of the cluster certificate, in days. Min: 1. Max: 10950 (30 x 365, assuming there are always 365 days for a year, ignoring leap years). Value -1 means the maximum value, 30 years. |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
---|---|---|
Port-ID |
String |
Port ID of the cluster master node |
Parameter |
Type |
Description |
---|---|---|
kind |
String |
API type. The value is fixed at Config and cannot be changed. |
apiVersion |
String |
API version. The value is fixed at v1. |
preferences |
Object |
This field is not used currently and is left unspecified by default. |
clusters |
Array of Clusters objects |
Cluster list |
users |
Array of Users objects |
Certificate information and client key information of a specified user |
contexts |
Array of Contexts objects |
Context list |
current-context |
String |
Current context. If publicIp (VM EIP) exists, the value is external. If publicIp does not exist, the value is internal. |
Parameter |
Type |
Description |
---|---|---|
name |
String |
Cluster name.
|
cluster |
ClusterCert object |
Cluster information |
Parameter |
Type |
Description |
---|---|---|
server |
String |
Server IP address |
certificate-authority-data |
String |
Certificate authorization data |
insecure-skip-tls-verify |
Boolean |
Whether to skip the server certificate verification. If the cluster type is externalCluster, the value is true. |
Parameter |
Type |
Description |
---|---|---|
name |
String |
The value is fixed at user. |
user |
User object |
Certificate information and client key information of a specified user |
Parameter |
Type |
Description |
---|---|---|
client-certificate-data |
String |
Client certificate |
client-key-data |
String |
PEM encoding data from the TLS client key file |
Parameter |
Type |
Description |
---|---|---|
name |
String |
Context name.
|
context |
Context object |
Context information |
Example Requests
Applying for a cluster access certificate valid for 30 days
{ "duration" : 30 }
Example Responses
Status code: 200
The certificate of the specified cluster is successfully obtained. For details about the certificate file format, see the Kubernetes v1.Config structure.
{ "kind" : "Config", "apiVersion" : "v1", "preferences" : { }, "clusters" : [ { "name" : "internalCluster", "cluster" : { "server" : "https://192.168.1.7:5443", "certificate-authority-data" : "Q2VydGlmaWNhdGU6******FTkQgQ0VSVElGSUNBVEUtLS0tLQo=" } } ], "users" : [ { "name" : "user", "user" : { "client-certificate-data" : "LS0tLS1CRUdJTiBDR******QVRFLS0tLS0K", "client-key-data" : "LS0tLS1CRUdJTi******BLRVktLS0tLQo=" } } ], "contexts" : [ { "name" : "internal", "context" : { "cluster" : "internalCluster", "user" : "user" } } ], "current-context" : "internal" }
Status Codes
Status Code |
Description |
---|---|
200 |
The certificate of the specified cluster is successfully obtained. For details about the certificate file format, see the Kubernetes v1.Config structure. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot