...
| 코드 블럭 |
|---|
# kubectl get secrets -n kube-system admin-user-secret -o jsonpath={.data.token} | base64 --decode
eyJhbGciOiJSUzI1NiIsImtpZCI6ImlVbmVfYWR4VE1kMlJneHBMZFBVcUlqUFBpNFBLcTFfQVgwNFBIUEhOU0kifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXNlY3JldCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJhZG1pbi11c2VyIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiODNkYWI4MzYtNzgyNy00OWY0LWI1OGYtOTk5YzAwNWYwNTcxIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmFkbWluLXVzZXIifQ.abULPEcgNFdGd5ix92wuN4G7s_gKwom3MeLap7wl2uLJATCi6mNaA-9F949mQAURJHbKm2oeAdZPabq91qCuxx4EY4b9z8Dd_kLVjdlrFVWiRIW0crvw9io_NljEtUfhOUA_j4LrzVZdx8_ZcirUNm2tBhx4dxJjuaIMW0yyqAwlXxmeeigfx_8bNMOfFSZJOY5zOHlrl3RYc254VZ75i9qAsYUZDVLIDZhyFQBuU8cpPPuyhsU_TurfrgiO9iRZDRcSZ88XK3JgUEqv2uSMwmTB45DCXfG7U4lpAD7dCr311N6TDgVq8pppQamDSKYFdhA_wqKKr-bbXNyvxxbMyA |
1.7 토큰 변수설정
| 코드 블럭 |
|---|
# export bearertoken=eyJhbGciOiJSUzI1NiIsImtpZCI6ImlVbmVfYWR4VE1kMlJneHBMZFBVcUlqUFBpNFBLcTFfQVgwNFBIUEhOU0kifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXNlY3JldCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJhZG1pbi11c2VyIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiODNkYWI4MzYtNzgyNy00OWY0LWI1OGYtOTk5YzAwNWYwNTcxIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmFkbWluLXVzZXIifQ.abULPEcgNFdGd5ix92wuN4G7s_gKwom3MeLap7wl2uLJATCi6mNaA-9F949mQAURJHbKm2oeAdZPabq91qCuxx4EY4b9z8Dd_kLVjdlrFVWiRIW0crvw9io_NljEtUfhOUA_j4LrzVZdx8_ZcirUNm2tBhx4dxJjuaIMW0yyqAwlXxmeeigfx_8bNMOfFSZJOY5zOHlrl3RYc254VZ75i9qAsYUZDVLIDZhyFQBuU8cpPPuyhsU_TurfrgiO9iRZDRcSZ88XK3JgUEqv2uSMwmTB45DCXfG7U4lpAD7dCr311N6TDgVq8pppQamDSKYFdhA_wqKKr-bbXNyvxxbMyA |
...
1.8 예제
1.8.1 nginx 파드 생성
| 코드 블럭 |
|---|
### 1. kubectl 명령어 사용 # kubectl run --image nginx nginx-pod --dry-run=client -o json | jq -c {"kind":"Pod","apiVersion":"v1","metadata":{"name":"nginx-pod","creationTimestamp":null,"labels":{"run":"nginx-pod"}},"spec":{"containers":[{"name":"nginx-pod","image":"nginx","resources":{}}],"restartPolicy":"Always","dnsPolicy":"ClusterFirst"},"status":{}} }} ### 2. 일반적인 호출 # curl --cacert /etc/kubernetes/pki/ca.crt -X POST -H 'Content-Type: application/json' -H "Authorization: Bearer $bearertoken" https://192.168.1.10:6443/api/v1/namespaces/default/pods --data '{"kind":"Pod","apiVersion":"v1","metadata":{"name":"nginx-pod","creationTimestamp":null,"labels":{"run":"nginx-pod"}},"spec":{"containers":[{"name":"nginx-pod","image":"nginx","resources":{}}],"restartPolicy":"Always","dnsPolicy":"ClusterFirst"},"status":{}}' ### 3. curl 7.61.0 이상버전에서의 호출 # curl --cacert ca.crt --oauth2-bearer "$bearertoken" -X POST -H 'Content-Type: application/json' https://192.168.110.111:6443/api/v1/namespaces/default/pods --data '{"kind":"Pod","apiVersion":"v1","metadata":{"name":"nginx-pod","creationTimestamp":null,"labels":{"run":"nginx-pod"}},"spec":{"containers":[{"name":"nginx-pod","image":"nginx","resources":{}}],"restartPolicy":"Always","dnsPolicy":"ClusterFirst"},"status":{}}' ### 실습 CentOS 환경 기본 curl 버전 [root@m-k8s pki]# curl --version curl 7.29.0 (x86_64-redhat-linux-gnu) |
1.8.2 nginx 파드 생성2
a.json 파일 생성 후 json 내용 삽입
...
| 코드 블럭 |
|---|
curl --cacert ca.crt --oauth2-bearer "$bearertoken" -X DELETE https://192.168.110.111:6443/apis/apps/v1/namespaces/default/deployments/nginx-deployment |
참고 사이트) https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.2425/