k8s restful API 结构分析
k8s的api-server组件负责提供restful api访问端点, 并且将数据持久化到etcd server中. 那么k8s是如何组织它的restful api的?
一, namespaced resources
所谓的namespaced resources,就是这个resource是从属于某个namespace的, 也就是说它不是cluster-scoped的资源. 比如pod, deployment, service都属于namespaced resource. 那么我们看一下如何请求一个namespaced resources.
http://localhost:8080/api/v1/namespaces/default/pods/test-pod
可以看出, 该restful api的组织形式是:
| api | api版本 | namespaces | 所属的namespace | 资源种类 | 所请求的资源名称 |
| api | v1 | namespaces | default | pods | test-pod |
这里api version如果是v1的话,表示这是一个很稳定的版本了, 以后不会有大的修改,并且当前版本所支持的所有特性以后都会兼容. 而如果版本号是v1alpha1, v1beta1之类的,则不保证其稳定性.
二, non-namespaced resources
http://localhost:8080/apis/rbac.authorization.k8s.io/v1/clusterroles/test-clusterrole
这里可以观察到它clusterrole与pod不同, apis表示这是一个非核心api. rbac.authorization.k8s.io指代的是api-group, 另外它没有namespaces字段, 其他与namespaced resources类似.不再赘述.
三, non-resource url
这类资源和pod, clusterrole都不同. 例如
http://localhost:8080/healthz/etcd
这就是用来确认etcd服务是不是健康的.它不属于任何namespace,也不属于任何api版本.
总结, k8s的REST API的设计结构为:
[api/apis] / api-group / api-version / namespaces / namespace-name / resource-kind / resource-name
apis / rbac.authorization.k8s.io / v1 / namespaces / default / roles / test-role
所有的api结构都可以通过访问相关断点来获取信息, 最低一层为api-server的地址, 访问结果如下:
{ "paths": ["/api","/api/v1","/apis","/apis/","/apis/admissionregistration.k8s.io","/apis/admissionregistration.k8s.io/v1beta1","/apis/apiextensions.k8s.io","/apis/apiextensions.k8s.io/v1beta1","/apis/apiregistration.k8s.io","/apis/apiregistration.k8s.io/v1","/apis/apiregistration.k8s.io/v1beta1","/apis/apps","/apis/apps/v1","/apis/apps/v1beta1","/apis/apps/v1beta2","/apis/authentication.k8s.io","/apis/authentication.k8s.io/v1","/apis/authentication.k8s.io/v1beta1","/apis/authorization.k8s.io","/apis/authorization.k8s.io/v1","/apis/authorization.k8s.io/v1beta1","/apis/autoscaling","/apis/autoscaling/v1","/apis/autoscaling/v2beta1","/apis/autoscaling/v2beta2","/apis/batch","/apis/batch/v1","/apis/batch/v1beta1","/apis/certificates.k8s.io","/apis/certificates.k8s.io/v1beta1","/apis/coordination.k8s.io","/apis/coordination.k8s.io/v1beta1","/apis/events.k8s.io","/apis/events.k8s.io/v1beta1","/apis/extensions","/apis/extensions/v1beta1","/apis/networking.k8s.io","/apis/networking.k8s.io/v1","/apis/policy","/apis/policy/v1beta1","/apis/rbac.authorization.k8s.io","/apis/rbac.authorization.k8s.io/v1","/apis/rbac.authorization.k8s.io/v1beta1","/apis/scheduling.k8s.io","/apis/scheduling.k8s.io/v1beta1","/apis/storage.k8s.io","/apis/storage.k8s.io/v1","/apis/storage.k8s.io/v1beta1","/healthz","/healthz/autoregister-completion","/healthz/etcd","/healthz/log","/healthz/ping","/healthz/poststarthook/apiservice-openapi-controller","/healthz/poststarthook/apiservice-registration-controller","/healthz/poststarthook/apiservice-status-available-controller","/healthz/poststarthook/bootstrap-controller","/healthz/poststarthook/ca-registration","/healthz/poststarthook/generic-apiserver-start-informers","/healthz/poststarthook/kube-apiserver-autoregistration","/healthz/poststarthook/rbac/bootstrap-roles","/healthz/poststarthook/scheduling/bootstrap-system-priority-classes","/healthz/poststarthook/start-apiextensions-controllers","/healthz/poststarthook/start-apiextensions-informers","/healthz/poststarthook/start-kube-aggregator-informers","/healthz/poststarthook/start-kube-apiserver-admission-initializer","/healthz/poststarthook/start-kube-apiserver-informers","/logs","/metrics","/openapi/v2","/swagger-2.0.0.json","/swagger-2.0.0.pb-v1","/swagger-2.0.0.pb-v1.gz","/swagger.json","/swaggerapi","/version" ]}
作者:ElNinoT
来源链接:https://www.cnblogs.com/elnino/p/9578017.html
版权声明:
1、JavaClub(https://www.javaclub.cn)以学习交流为目的,由作者投稿、网友推荐和小编整理收藏优秀的IT技术及相关内容,包括但不限于文字、图片、音频、视频、软件、程序等,其均来自互联网,本站不享有版权,版权归原作者所有。
2、本站提供的内容仅用于个人学习、研究或欣赏,以及其他非商业性或非盈利性用途,但同时应遵守著作权法及其他相关法律的规定,不得侵犯相关权利人及本网站的合法权利。
3、本网站内容原作者如不愿意在本网站刊登内容,请及时通知本站(javaclubcn@163.com),我们将第一时间核实后及时予以删除。
