第一讲：如何使用go-client连接k8s_go-client windows docker k8s如何用代码连接

1、创建ServiceAccount账户

vim admin-account.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
1
2
3
4
5
6
7
8

运行：kubectl apply -f admin-account.yaml

2、创建ClusterRoleBinding 关系

vim admin-role.yaml

kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: admin
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
subjects:
  - kind: ServiceAccount
    name: admin
    namespace: kube-system
1
2
3
4
5
6
7
8
9
10
11
12
13
14

运行：kubectl apply -f admin-role.yaml

3、获取token

1. 执行 kubectl get secret -n kube-system 你会看到 一个 admin开头的 secret
   

2. kubectl describe secret “admin开头的那个secret名称” -n kube-system
   

3. 手工拷贝token里面的值给客户端使用，切记不要多拷空格

4、使用go-client连接k8s

package main

import (
	"crypto/tls"
	"k8s.io/client-go/kubernetes"
	"k8s.io/client-go/rest"
	"log"
	"net"
	"net/http"
	"time"
)
var K8sClient *kubernetes.Clientset
func init() {
	var tlsConfig = &tls.Config{
		InsecureSkipVerify: true, // 忽略证书验证
	}
	var transport http.RoundTripper = &http.Transport{
		DialContext: (&net.Dialer{
			Timeout:   30 * time.Second,
			KeepAlive: 30 * time.Second,
		}).DialContext,
		MaxIdleConns:          100,
		IdleConnTimeout:       90 * time.Second,
		TLSHandshakeTimeout:   10 * time.Second,
		ExpectContinueTimeout: 1 * time.Second,
		TLSClientConfig:       tlsConfig,
		DisableCompression: true,
	}
	config:=&rest.Config{
		Host:"https://192.168.137.180:6443",
		//拷贝token里面的值
		BearerToken:"eyJhbGciOiJSUzI1NiIsImtpZCI6InhEQzJTR0lmT1EybTFTdEpCVVdRZ09RSVZya1hobzV5WGtCUzVDQ2pkV28ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRldm9wcy1hZG1pbi10b2tlbi1ybmY2MiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJkZXZvcHMtYWRtaW4iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI3MGZiODM4OS03OTI2LTRkOWYtOGI1Mi0zOWEyYmM0YjM4OTMiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6ZGVmYXVsdDpkZXZvcHMtYWRtaW4ifQ.AEiyv2s3VYdAxUpd_n4hFNvFhqwcZMyxOEBIHF6HG0PQkn81xyvFAjmRxs-B_I8KfTC5DYW1JKir0OTicFYyjgg3mcZIP7jeG1DCZBcjek21qw3DJzydJUuT4Z21jJdYoCi2ImUSVTsfpdxWyVJ13xo2pfDCk8AHiIAVahLHZKLo6x-oO6kcPgmIArTpW6uOpfuojD0QkzFn_YWRtzmJizXfirVzTvgK263aiiPnIHrNT8Go558sBTt1AcSOtwh7xtXcQzBa1dL6_JicYdz00Faqj7VuYGX6Nrd4I87Ge5mXwWzH0tT2qH1V5a9aC0jHsyGmyqAmc1EKTF3KeohNkA",
		Transport: transport,
	}
	c,err:=kubernetes.NewForConfig(config)
	if err!=nil{
		log.Fatal(err)
	}
	K8sClient =c
}

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

有问题请关注【k8s运维开发实战】，小编会及时回复