英文:
How can a Java application running in a GKE cluster programatically apply a yaml file?
问题
以下是翻译好的内容:
我在Google Kubernetes Engine集群上部署了一个Java应用程序。如何使这个应用程序以编程方式应用一个YAML文件?类似于以下命令:
kubectl apply -f deployment.yaml
我找到了这个客户端库,但找不到文档中显示如何实现的部分。链接
编辑:
感谢Guillaume和Mickey提供的指引。我尝试了Kubernetes Java客户端库,但出现了“Forbidden”错误。以下是代码和响应:
@RequestMapping(value = "/list-pods", method = GET, produces = TEXT_PLAIN_VALUE)
public String listPods() throws Exception {
KubeConfig.registerAuthenticator(new GCPAuthenticator());
final CoreV1Api api = new CoreV1Api(Config.defaultClient());
V1PodList list = api.listPodForAllNamespaces(null, null, null, null, null, null, null, null, null);
StringBuilder builder = new StringBuilder("Pods: \n\n");
for (V1Pod item : list.getItems()) builder.append(item.getMetadata().getName());
return builder.toString();
}
这是抛出的异常:
2020-04-10 07:52:46.655 ERROR 1 --- [nio-8080-exec-7] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is io.kubernetes.client.ApiException: Forbidden] with root cause
io.kubernetes.client.ApiException: Forbidden
at io.kubernetes.client.ApiClient.handleResponse(ApiClient.java:886) ~[client-java-5.0.0.jar!/:na]
at io.kubernetes.client.ApiClient.execute(ApiClient.java:802) ~[client-java-5.0.0.jar!/:na]
at io.kubernetes.client.apis.CoreV1Api.listPodForAllNamespacesWithHttpInfo(CoreV1Api.java:18720) ~[client-java-api-5.0.0.jar!/:na]
at io.kubernetes.client.apis.CoreV1Api.listPodForAllNamespaces(CoreV1Api.java:18698) ~[client-java-api-5.0.0.jar!/:na]
at com.ngserve.clapps.ws.WS.listPods(WS.java:53) ~[classes!/:0.0.1-SNAPSHOT]
英文:
I have a Java application deployed on a Google Kubernetes Engine cluster. How can I make this application programmatically apply a yaml? Something equivalent to
kubectl apply -f deployment.yaml
I came across this client library but can't find a part of the documentation that shows how to achieve it. https://github.com/googleapis/google-api-java-client-services/tree/master/clients/google-api-services-container/v1
Edit:
Thanks Guillaume and Mickey for the pointers. I tried the Kubernetes Java Client library but got 'Forbidden'. See the code below and response:
@RequestMapping(value = "/list-pods", method = GET, produces = TEXT_PLAIN_VALUE)
public String listPods() throws Exception {
KubeConfig.registerAuthenticator(new GCPAuthenticator());
final CoreV1Api api = new CoreV1Api(Config.defaultClient());
V1PodList list = api.listPodForAllNamespaces(null, null, null, null, null, null, null, null, null);
StringBuilder builder = new StringBuilder("Pods: \n\n");
for (V1Pod item : list.getItems()) builder.append(item.getMetadata().getName());
return builder.toString();
}
This is the exception that was thrown:
2020-04-10 07:52:46.655 ERROR 1 --- [nio-8080-exec-7] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is io.kubernetes.client.ApiException: Forbidden] with root cause
io.kubernetes.client.ApiException: Forbidden
at io.kubernetes.client.ApiClient.handleResponse(ApiClient.java:886) ~[client-java-5.0.0.jar!/:na]
at io.kubernetes.client.ApiClient.execute(ApiClient.java:802) ~[client-java-5.0.0.jar!/:na]
at io.kubernetes.client.apis.CoreV1Api.listPodForAllNamespacesWithHttpInfo(CoreV1Api.java:18720) ~[client-java-api-5.0.0.jar!/:na]
at io.kubernetes.client.apis.CoreV1Api.listPodForAllNamespaces(CoreV1Api.java:18698) ~[client-java-api-5.0.0.jar!/:na]
at com.ngserve.clapps.ws.WS.listPods(WS.java:53) ~[classes!/:0.0.1-SNAPSHOT]
答案1
得分: 0
我最终通过按照FL3SH的建议配置所需的rbac,使其正常运行。https://kubernetes.io/docs/reference/access-authn-authz/rbac/
英文:
I finally got it to work by configuring the necessary rbac as FL3SH suggested. https://kubernetes.io/docs/reference/access-authn-authz/rbac/
专注分享java语言的经验与见解,让所有开发者获益!
评论