Home > database >  Kubernetes Raw API resource type
Kubernetes Raw API resource type

Time:10-24

What RBAC role resource type would I use for raw type?

ex. kubectl get --raw "/api/v1/nodes/(your-node-name)/proxy/stats/summary"


kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: k8s-ephemeral-storage-metrics-debug
rules:
  - apiGroups: [""]
    resources: ["*"]
    verbs: ["*"]

or go raw API k8s calls?


content, err := clientset.RESTClient().Get().AbsPath(fmt.Sprintf("/api/v1/nodes/%s/proxy/stats/summary", currentNode)).DoRaw(context.Background())

CodePudding user response:

The API documentation names this operation "Get Connect Proxy Path" and more specifically describes the URL as

GET /api/v1/nodes/{name}/proxy/{path}

The .../proxy/... part is the interesting part. It indicates that you're not using basic CRUD operations on a Node object, but rather accessing some subresource of the Node. The RBAC setup has specific syntax for subresources.

You need to break the URL down into its component parts You can break this down into several component parts:

  (no API group)
        v
GET /api/v1/nodes/{name}/proxy/{path}
            ^^^^^        ^^^^^
           resource   subresource

You then use the resource/subresource name in the RBAC definition

kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: k8s-ephemeral-storage-metrics-debug
rules:
  - apiGroups: [""]
    resources: ["node/proxy"]
    verbs: ["get"]

Page link:https//www.codepudding.com/database/585980.html

Prev:Can't capture cmd.Run() stdout, stderr is fine
Next:In which one of the following two codes does memory leak occur? My professor says that its A, but I
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding