学无先后,达者为师

网站首页 编程语言 正文

使用postman访问k8s api

作者:LG_985938339 更新时间: 2022-05-11 编程语言

使用postman访问k8s api

创建Service Account账号,这是用来给运行在Pod里的进程用的,或者用postman调用也是一样。

[root@k8s-node1 ~]# kubectl create sa admin
serviceaccount/admin created

获取Token

[root@k8s-node1 ~]# kubectl get sa admin -ojson
{
    "apiVersion": "v1",
    "kind": "ServiceAccount",
    "metadata": {
        "creationTimestamp": "2021-12-31T14:08:33Z",
        "name": "admin",
        "namespace": "default",
        "resourceVersion": "531295",
        "selfLink": "/api/v1/namespaces/default/serviceaccounts/admin",
        "uid": "0c663c2b-cfb6-419a-91f8-1c84671f9d3f"
    },
    "secrets": [
        {
            "name": "admin-token-kll46"
        }
    ]
}
[root@k8s-node1 ~]# kubectl describe secret admin-token-kll46
Name:         admin-token-kll46
Namespace:    default
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: admin
              kubernetes.io/service-account.uid: 0c663c2b-cfb6-419a-91f8-1c84671f9d3f

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1025 bytes
namespace:  7 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IkRXQVJ4SjVxMjliMHp0WU1uZlBsNHVhQUxnU0ZCMnZaUDZNVHdSbVNWbVkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImFkbWluLXRva2VuLWtsbDQ2Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMGM2NjNjMmItY2ZiNi00MTlhLTkxZjgtMWM4NDY3MWY5ZDNmIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50OmRlZmF1bHQ6YWRtaW4ifQ.d7xXtvFm2eSvE-h_iTqFAIylEqfXnAUX5o4V49DoDbWnfkRhmIMYXlVIYAvs4G_bsjan1MzGxfVc6wFsZBhoJkrreHupz-zYhL9Ls1bjuPOYTGH1q25V_ECDl71SrYlpqIaH2XxB-G-xap1toBI0UiWQoH4PBNl672l5sWbD6DMjXr4OYkX8i710Rxb--xJ9rEBECYewPD48mItQorpgat8hP1csjQs0q__bFnFp3HeMHw65OopFbtbIypbhIooootzbksm092h5t7CLP_mECVvgof3JdtegY3r2EU3-ryr_zzOT3LtOCqB_hMX5RRAad-vrVBuMvm7x9r7phVAXGw

给Service Account绑定角色权限为cluster-admin,可以对任何资源执行任何操作

[root@k8s-node1 ~]# kubectl create rolebinding apiadmin --clusterrole cluster-admin --serviceaccount default:admin
rolebinding.rbac.authorization.k8s.io/apiadmin created

给postman设置一个全局变量apiserverToken,token为刚才上面describe secret打印出来的token。
在这里插入图片描述

将postman的ssl验证设置为off
在这里插入图片描述
接下来输入需要访问的api地址,Authorization里面选择 Bearer Token,token输入刚才创建的变量名,就能够成功访问k8s的api 了
在这里插入图片描述

原文链接:https://blog.csdn.net/weixin_44228698/article/details/122264315

相关推荐

栏目分类
最近更新
Copyright © 2025   AB教程网    免责声明
本站部分资源收集于互联网、用户投稿,其版权归原作者所有,内容以共享、参考、学习为主,不存在任何商业目的。如有侵权请与本站联系,情况属实将予以删除!
本站由    提供CDN加速