docker hub
github
Kubernetes - curl访问k8s https
2022-05-09
获取ca证书
kubectl get secret $(kubectl get secrets | grep default-token | awk '{print $1}') -o jsonpath="{['data']['ca\.crt']}" | base64 --decode > /tmp/ca.crt
创建serviceaccount,将该账号加入到 cluster-admin 角色并获取token
kubectl create serviceaccount curl-user -n kube-system
kubectl create clusterrolebinding curl-user-binding --clusterrole=cluster-admin --serviceaccount=kube-system:curl-user -n kube-system
TOKEN=$(kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep curl-user | awk '{print $1}') | grep token:|awk '{print $2}')
请求apiserver
curl --cacert ca.crt -H "Authorization: Bearer $TOKEN" https://k8s-api:6443
kubectl方式
kubectl get --raw https://192.168.110.220:8443/metrics
kubectl get --raw /apis/metrics.k8s.io/v1beta1/nodes
标题:Kubernetes - curl访问k8s https
地址:https://blog.njqhome.com:8443/articles/2022/05/02/1651506171279.html