Kubernetes APIs
Description
Kubernetes APIs are resource-based (RESTful) programming interfaces provided through HTTP. It supports query, creation, update, and deletion of various cluster resources using standard HTTP request methods (POST, PUT, PATCH, DELETE, and GET).
CCE allows you to use native Kubernetes APIs in the following ways:
- Calling Kubernetes APIs Through the Cluster API Server. It is suitable for API calls on scale thanks to its direct connection to the API Server. This is a recommended option.
- Calling Kubernetes APIs Through API Gateway. It applies to small-scale API calls. API gateway flow control may be triggered when APIs are called on scale.
Calling Kubernetes APIs Through the Cluster API Server
You can use the API server of a Kubernetes cluster to call Kubernetes-native APIs.
- Obtain the cluster certificate and API server.
- Method 1: Obtain the certificate by calling the API for obtaining the cluster certificate, save the returned information to the kubeconfig.json file, and extract the certificate, private key, and API server information. The commands are as follows:
# Obtain the CA certificate of the cluster and save it as ca.crt. cat ./kubeconfig.json |grep certificate-authority-data | awk -F '"' '{print $4}' | base64 -d > ./ca.crt # Obtain the client certificate and save it as client.crt. cat ./kubeconfig.json |grep client-certificate-data | awk -F '"' '{print $4}' | base64 -d > ./client.crt # Obtain the client private key and save it as client.key. cat ./kubeconfig.json |grep client-key-data | awk -F '"' '{print $4}' | base64 -d > ./client.key # Obtain the API server. cat ./kubeconfig.json |grep server | awk -F '"' '{print $4}'
- Method 2: Obtain the API server IP address (private or public network address) on the Overview page of the CCE console and download the certificate (ca.crt, client.crt, and client.key files).
- Method 1: Obtain the certificate by calling the API for obtaining the cluster certificate, save the returned information to the kubeconfig.json file, and extract the certificate, private key, and API server information. The commands are as follows:
- Call Kubernetes-native APIs using the cluster certificate.
For example, run the curl command to call an API to view the pod information. The following is an example:
curl --cacert ./ca.crt --cert ./client.crt --key ./client.key https://192.168.0.198:5443/api/v1/namespaces/default/pods/
Specifically:
- ./ca.crt, ./client.crt, and ./client.key specify that the certificate files in the current path are used. Replace them with the actual file paths.
- 192.168.0.198:5443 is the IP address of the cluster API server.
- /api/v1/namespaces/default/pods/ specifies the URI of the cluster API for viewing pod information in the default namespace. For more cluster APIs, see Kubernetes API.
Calling Kubernetes APIs Through API Gateway
You can call Kubernetes-native APIs through API Gateway using the URL in the format of https://{clusterid}.Endpoint/uri. In the URL, {clusterid} indicates the cluster ID, and uri indicates the resource path, that is, the path for API access.
Parameter |
Description |
---|---|
{clusterid} |
Cluster ID. After a cluster is created, call the API for obtaining a cluster in a specified project to obtain the cluster ID. |
Endpoint |
Entry (URL) for a web service, which can be obtained from Endpoints. |
uri |
Access path of an API for performing an operation. Obtain the value from the URI of the API. For details, see Kubernetes API. |
- Obtain the token of the region where the cluster is located. For details about how to obtain the token, see Obtaining a Token.
- Obtain the cluster ID using either of the following methods:
- Method 1: Obtain the cluster UID by calling the API for obtaining cluster information.
- Method 2: Obtain the cluster ID on the Overview page of the CCE console.
- Determine the requested URL based on the URL format https://{clusterid}.Endpoint/uri.
- {clusterid}: Obtain the value by using 2.
- Endpoint: Obtain the endpoint from Regions and Endpoints.
For example, the endpoint of CCE in the AP-Singapore region is cce.ap-southeast-3.myhuaweicloud.com.
- uri: Set this parameter based on the API to be called. For example, if you want to create a Deployment, the request method is POST and the API URI is /apis/apps/v1/namespaces/{namespace}/deployments, where {namespace} indicates the cluster namespace name. In this example, the value is default.
For more APIs, see Kubernetes APIs.
Combine the preceding parameters following the URL format https://{clusterid}.Endpoint/uri.
The following is an example of the URL for calling the API to view information about all pods:https://07da5*****.cce.ap-southeast-3.myhuaweicloud.com/apis/apps/v1/namespaces/default/deployments
- Use the request method specified by the API and set the request header parameters. If parameters in the body need to be added, add the structure corresponding to the API by referring to Kubernetes APIs.
Example curl command to call the API for creating a Deployment using POST and adding the corresponding body:
In this example, the nginx.json file is used to create a Deployment named nginx. The Deployment uses the nginx:latest image and contains two pods. Each pod occupies 100m CPU and 200 MiB memory.
curl --location --request POST 'https://07da5*****.cce.ap-southeast-3.myhuaweicloud.com/apis/apps/v1/namespaces/default/deployments' \ --header 'Content-Type: application/json' \ --header 'X-Auth-Token: MIIWvw******' \ --data @nginx.json
Header parameters contained in the request are as follows:Table 2 Request header parameters Parameter
Mandatory
Type
Description
Content-Type
Yes
String
Message body type (format), for example, application/json.
X-Auth-Token
Yes
String
Requests for calling an API can be authenticated using either a token or AK/SK. If token-based authentication is used, this parameter is mandatory and must be set to a user token. For details, see Obtaining a Token.
nginx.json is located in the current directory and contains the following content:
{ "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "name": "nginx" }, "spec": { "replicas": 2, "selector": { "matchLabels": { "app": "nginx" } }, "template": { "metadata": { "labels": { "app": "nginx" } }, "spec": { "containers": [ { "image": "nginx:latest", "name": "container-0", "resources": { "limits": { "cpu": "100m", "memory": "200Mi" }, "requests": { "cpu": "100m", "memory": "200Mi" } } } ], "imagePullSecrets": [ { "name": "default-secret" } ] } } } }
Related Documents
- Accessing a Cluster Using Kubernetes APIs
- Kubernetes official SDKs (including Go, Python, and Java)
Language
Client Library
Sample Program
C
dotnet
Go
Haskell
Java
JavaScript
Perl
Python
Ruby
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot