首先,得有一个go项目。 其次,有一个K8s服务在运行,查询其版本:
kubectl version
Client Version: version.Info{... GitVersion:"v1.19.9" ...}
Server Version: version.Info{... GitVersion:"v1.19.9"...}
可以看到版本是1.19.0。因此我们需要下载对应的client-go版本。进入项目的根路径,下面有个go.mod。在terminal里输入如下:
go get k8s.io/client-go/kubernetes@v0.19
go get k8s.io/client-go@v0.19
go mod tidy
这样,这些包就全部引用进来了。
连接的代码如下:
package main
import (
"context"
"crypto/tls"
"fmt"
metaV1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/rest"
"log"
"net"
"net/http"
"time"
)
var K8sClient *kubernetes.Clientset
func main() {
var tlsConfig = &tls.Config{
InsecureSkipVerify: true, // 忽略证书验证
}
var transport http.RoundTripper = &http.Transport{
DialContext: (&net.Dialer{
Timeout: 30 * time.Second,
KeepAlive: 30 * time.Second,
}).DialContext,
MaxIdleConns: 100,
IdleConnTimeout: 90 * time.Second,
TLSHandshakeTimeout: 10 * time.Second,
ExpectContinueTimeout: 1 * time.Second,
TLSClientConfig: tlsConfig,
DisableCompression: true,
}
config := &rest.Config{
Host: "https://<IP>:6443",
//拷贝token里面的值
BearerToken: "eyJhbGciOiJSUzI1NiIsImtpZCI6Ik5nYVFiZFVIdmlUUTlJTDBDc2RSX2prUlI3cHNQOWFHLUE0akIxVWFmODgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tZDRybXEiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiYTRjYTUyOGMtYWFlNi00MTQ3LTgwNTEtNDAyZDk3NDQ1MTlhIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.DZ91Q-7Wy-uuPb5wi-pMBYXj-gzUCXOhe58q80LUdMZa718gXXPLgXaVfYNFuf4IaI6dyYuGdGGmPsD7pjEHjoSv71GEun1BBNQx7imx0deiXKqZggVG_nRXSaQ0ibFzU-dhQSwqMu1z_5Rgu9-_mSRdW0fI0qwf6DsuE2RgRWc2-bMubNs1zkiVEy4AWQoV4eDYHalQ4PmQxIHAbz6hUodG6btjgU6zt1tZ4n9jzHNjHWSOaPr6mp00hz1meaUAWoKWiI2_bvVr0Nt6La44dCopHQqlJYr39wEI2OFK4hIsYuQ22QldKz607VQuvPwI45aYRYZLV1JG0obBsazk2A",
Transport: transport,
}
c, err := kubernetes.NewForConfig(config)
if err != nil {
log.Fatal(err)
}
K8sClient = c
nodeList, err := K8sClient.CoreV1().Nodes().List(context.TODO(), metaV1.ListOptions{})
if err != nil {
log.Fatal(err)
}
for _, node := range nodeList.Items {
fmt.Printf("%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\n",
node.Name,
node.Status.Phase,
node.Status.Addresses,
node.Status.NodeInfo.OSImage,
node.Status.NodeInfo.KubeletVersion,
node.Status.NodeInfo.OperatingSystem,
node.Status.NodeInfo.Architecture,
node.CreationTimestamp,
)
}
}
上面的token如何获取呢:
# 创建sa、绑定角色
[root@Jenkins-master01 ~]# kubectl create serviceaccount dashboard-admin -n kube-system
# 绑定为集群账户
[root@Jenkins-master01 ~]# kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin #dashboard-admin
# 获取此sa的token值
[root@Jenkins-master01 ~]# kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}') | awk '/token:/{print $2}'
# 复制生成的数据到程序里就好了
eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tZDQyNWoiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiYzQyNDJmODItZDUzNi0xMWVhLWIxOGEtMDAwYzI5M2FkNzkyIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.DJCDQXqvzc13HFuP56-qtaS1i5p956Q1AsJp9RPBaAMAf7iXgkuRSlB04WaoFKe22oHayrOgvJOmM9AL4glWhTC0Ueh-2_SKlM9qJrTwtVjMcZzh53wZn20Qr1iQYyw2k6kOilSSJjEQ-zKKGwz7CaJRhHN9YJmq8LdmcYDDtTyHJrYy_csddzDrb6WntO5VBPmiEMB7JS5eZFTeQyyQg3X8Q4bFRgXafpadXEz2InxbLYchVrxBV4TnG_HXw8gl0ethKFRCW1pF1DCI8DrEYVoY7NaKtWBEchUXpT88Al5-kRblRPIjxsvSp7x0scw0F-6nXIPabtG8gzPNuFyg5w
另外,提供一个根据上面的token创建kubeconfig文件的方法:
#设置认证信息
[root@Jenkins-master01 ~]# kubectl config set-credentials tf-admin --token=eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tZDQyNWoiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiYzQyNDJmODItZDUzNi0xMWVhLWIxOGEtMDAwYzI5M2FkNzkyIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.DJCDQXqvzc13HFuP56-qtaS1i5p956Q1AsJp9RPBaAMAf7iXgkuRSlB04WaoFKe22oHayrOgvJOmM9AL4glWhTC0Ueh-2_SKlM9qJrTwtVjMcZzh53wZn20Qr1iQYyw2k6kOilSSJjEQ-zKKGwz7CaJRhHN9YJmq8LdmcYDDtTyHJrYy_csddzDrb6WntO5VBPmiEMB7JS5eZFTeQyyQg3X8Q4bFRgXafpadXEz2InxbLYchVrxBV4TnG_HXw8gl0ethKFRCW1pF1DCI8DrEYVoY7NaKtWBEchUXpT88Al5-kRblRPIjxsvSp7x0scw0F-6nXIPabtG8gzPNuFyg5w --kubeconfig=tf-admin
User "tf-admin" set.
#设置集群信息
[root@Jenkins-master01 ~]# kubectl config set-cluster tf-cluster --insecure-skip-tls-verify=true --server=https://192.168.1.92:6443 --kubeconfig=tf-admin
Cluster "tf-cluster" set.
#设置上下文信息
[root@Jenkins-master01 ~]# kubectl config set-context tf-system --cluster=tf-cluster --user=tf-admin --kubeconfig=tf-admin
#设置当前配置上下文
[root@Jenkins-master01 ~]# kubectl config use-context tf-system --kubeconfig=tf-admin
#查看生成的配置文件
[root@Jenkins-master01 ~]# cat tf-admin
apiVersion: v1
clusters:
- cluster:
insecure-skip-tls-verify: true
server: https://192.168.1.92:6443
name: tf-cluster
contexts:
- context:
cluster: tf-cluster
user: tf-admin
name: tf-system
current-context: tf-system
kind: Config
preferences: {}
users:
- name: tf-admin
user:
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tZDQyNWoiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiYzQyNDJmODItZDUzNi0xMWVhLWIxOGEtMDAwYzI5M2FkNzkyIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.DJCDQXqvzc13HFuP56-qtaS1i5p956Q1AsJp9RPBaAMAf7iXgkuRSlB04WaoFKe22oHayrOgvJOmM9AL4glWhTC0Ueh-2_SKlM9qJrTwtVjMcZzh53wZn20Qr1iQYyw2k6kOilSSJjEQ-zKKGwz7CaJRhHN9YJmq8LdmcYDDtTyHJrYy_csddzDrb6WntO5VBPmiEMB7JS5eZFTeQyyQg3X8Q4bFRgXafpadXEz2InxbLYchVrxBV4TnG_HXw8gl0ethKFRCW1pF1DCI8DrEYVoY7NaKtWBEchUXpT88Al5-kRblRPIjxsvSp7x0scw0F-6nXIPabtG8gzPNuFyg5w
可以看出这个文件完全可以由程序生
