我在Google Kubernetes Engine集群上部署了Java应用程序。如何使该应用程序以编程方式应用Yaml?相当于
kubectl apply -f deployment.yaml
我遇到了这个客户端库,但是找不到说明如何实现它的文档的一部分。 https://github.com/googleapis/google-api-java-client-services/tree/master/clients/google-api-services-container/v1
编辑:
感谢纪尧姆和米奇的指针。我尝试了Kubernetes Java Client library,但得到了“禁止”。请参见下面的代码并做出响应:
@RequestMapping(value = "/list-pods", method = GET, produces = TEXT_PLAIN_VALUE)
public String listPods() throws Exception {
KubeConfig.registerAuthenticator(new GCPAuthenticator());
final CoreV1Api api = new CoreV1Api(Config.defaultClient());
V1PodList list = api.listPodForAllNamespaces(null, null, null, null, null, null, null, null, null);
StringBuilder builder = new StringBuilder("Pods: \n\n");
for (V1Pod item : list.getItems()) builder.append(item.getMetadata().getName());
return builder.toString();
}
这是引发的异常:
2020-04-10 07:52:46.655 ERROR 1 --- [nio-8080-exec-7] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is io.kubernetes.client.ApiException: Forbidden] with root cause
io.kubernetes.client.ApiException: Forbidden
at io.kubernetes.client.ApiClient.handleResponse(ApiClient.java:886) ~[client-java-5.0.0.jar!/:na]
at io.kubernetes.client.ApiClient.execute(ApiClient.java:802) ~[client-java-5.0.0.jar!/:na]
at io.kubernetes.client.apis.CoreV1Api.listPodForAllNamespacesWithHttpInfo(CoreV1Api.java:18720) ~[client-java-api-5.0.0.jar!/:na]
at io.kubernetes.client.apis.CoreV1Api.listPodForAllNamespaces(CoreV1Api.java:18698) ~[client-java-api-5.0.0.jar!/:na]
at com.ngserve.clapps.ws.WS.listPods(WS.java:53) ~[classes!/:0.0.1-SNAPSHOT]
答案 0 :(得分:0)
我终于按照FL3SH的建议配置了必需的rbac使其工作了。 https://kubernetes.io/docs/reference/access-authn-authz/rbac/