linux cpu占用率如何看
284
2022-09-11
k8s源码学习 client-go源码结构和客户端对象
Kubernetes系统使用client-go作为Go语言的官方编程式交互客户端库,提供对Kubernetes API Server服务的交互访问。Kubernetes的源码中已经集成了client-go的源码,无须单独下载。client-go源码路径为vendor/k8s.io/client-go,client-go项目github地址:tree vendor/k8s.io/client-go -L 1vendor/k8s.io/client-go├── LICENSE├── applyconfigurations├── discovery├── dynamic├── informers├── kubernetes├── listers├── metadata├── pkg├── plugin├── rest├── restmapper├── scale├── testing├── third_party├── tools├── transport└── util
Client客户端对象
client-go支持4种Client客户端对象与Kubernetes API Server交互的方式,交互对象如图:
RESTClient是最基础的客户端。RESTClient对HTTP Request进行了封装,实现了RESTful风格的API。ClientSet、DynamicClient及DiscoveryClient客户端都是基于RESTClient实现的。
ClientSet在RESTClient的基础上封装了对Resource和Version的管理方法。每一个Resource可以理解为一个客户端,而ClientSet则是多个客户端的集合,每一个Resource和Version都以函数的方式暴露给开发者。ClientSet只能够处理Kubernetes内置资源,它是通过client-gen代码生成器自动生成的。
DynamicClient与ClientSet最大的不同之处是,ClientSet仅能访问Kubernetes自带的资源(即Client集合内的资源),不能直接访问CRD自定义资源。DynamicClient能够处理Kubernetes中的所有资源对象,包括Kubernetes内置资源与CRD自定义资源。
DiscoveryClient发现客户端,用于发现kube-apiserver所支持的资源组、资源版本、资源信息(即Group、Versions、Resources)。
以上4种客户端:RESTClient、ClientSet、DynamicClient、DiscoveryClient都可以通过kubeconfig配置信息连接到指定的Kubernetes API Server
kubeconfig配置管理
kubeconfig用于管理访问kube-apiserver的配置信息,同时也支持访问多kube-apiserver的配置管理,可以在不同的环境下管理不同的kube-apiserver集群配置,不同的业务线也可以拥有不同的集群。Kubernetes的其他组件都使用kubeconfig配置信息来连接kube-apiserver组件,例如当kubectl访问kube-apiserver时,会默认加载kubeconfig配置信息。
kubeconfig中存储了集群、用户、命名空间和身份验证等信息,在默认的情况下,kubeconfig存放在$HOME/.kube/config路径下。Kubeconfig配置信息如下,以minikube为例:
cat ${HOME}/.kube/configapiVersion: v1clusters:- cluster: name: docker-desktop- cluster: certificate-authority: /Users/daixuan/.minikube/ca.crt extensions: - extension: last-update: Sat, 26 Mar 2022 10:49:23 CST provider: minikube.sigs.k8s.io version: v1.25.2 name: cluster_info server: name: minikubecontexts:- context: cluster: docker-desktop user: docker-desktop name: docker-desktop- context: cluster: docker-desktop user: docker-desktop name: docker-for-desktop- context: cluster: minikube extensions: - extension: last-update: Sat, 26 Mar 2022 10:49:23 CST provider: minikube.sigs.k8s.io version: v1.25.2 name: context_info namespace: default user: minikube name: minikubecurrent-context: minikubekind: Configpreferences: {}users:- name: docker-desktop user: client-certificate-data: LS0tLS1CR****** client-key-data: LS0tLS1CRUdJT****- name: minikube user: client-certificate: /Users/daixuan/.minikube/profiles/minikube/client.crt client-key: /Users/daixuan/.minikube/profiles/minikube/client.key
kubeconfig配置信息通常包含3个部分,分别介绍如下。
● clusters :定义Kubernetes集群信息,例如kube-apiserver的服务地址及集群的证书信息等。
● users :定义Kubernetes集群用户身份验证的客户端凭据,例如client-certificate、client-key、token及username/password等。
● contexts :定义Kubernetes集群用户信息和命名空间等,用于将请求发送到指定的集群。
client-go会读取kubeconfig配置信息并生成config对象,用于与kube-apiserver通信,代码示例如下:
package main import ("k8s.io/client-go/tools/clientcmd" )func main() {config, err := clientcmd.BuildConfigFromFlags("", "/root/.kube/config")if err != nil {panic (err)...}
在上述代码中,clientcmd.BuildConfigFromFlags函数会读取kubeconfig配置信息并实例化rest.Config对象。其中kubeconfig最核心的功能是管理多个访问kube-apiserver集群的配置信息,将多个配置信息合并(merge)成一份,在合并的过程中会解决多个配置文件字段冲突的问题。该过程由Load函数完成,可分为两步:
第1步,加载kubeconfig配置信息;
第2步,合并多个kubeconfig配置信息。
加载kubeconfig信息
加载代码示例如下: vendor/k8s.io/client-go/tools/clientcmd/loader.go
func (rules *ClientConfigLoadingRules) Load() (*clientcmdapi.Config, error) { if len(rules.ExplicitPath) > 0 { kubeConfigFiles = append(kubeConfigFiles, rules.ExplicitPath) } else { kubeConfigFiles = append(kubeConfigFiles, rules.Precedence...) }}
有两种方式可以获取kubeconfig配置信息路径:第1种,文件路径(即rules.ExplicitPath);第2种,环境变量(通过KUBECONFIG变量,即rules.Precedence,可指定多个路径)。最后将配置信息汇总到kubeConfigFiles中。这两种方式都通过LoadFromFile函数读取数据并把读取到的数据反序列化到Config对象中。代码示例如下:
代码路径:vendor/k8s.io/client-go/tools/clientcmd/loader.go
// Load takes a byte slice and deserializes the contents into Config object.// Encapsulates deserialization without assuming the source is a file.func Load(data []byte) (*clientcmdapi.Config, error) { config := clientcmdapi.NewConfig() // if there's no data in a file, return the default object instead of failing (DecodeInto reject empty input) if len(data) == 0 { return config, nil } decoded, _, err := clientcmdlatest.Codec.Decode(data, &schema.GroupVersionKind{Version: clientcmdlatest.Version, Kind: "Config"}, config) if err != nil { return nil, err } return decoded.(*clientcmdapi.Config), nil}
合并多个kubeconfig配置信息
有两份kubeconfig配置信息,集群分别为cow-cluster和pig-cluster,经过合并后,最终得到一份多集群的配置信息,代码示例如下:
代码路径:vendor/k8s.io/client-go/tools/clientcmd/loader.go
config := clientcmdapi.NewConfig()mergo.Merge(config, mapConfig, mergo.WithOverride)mergo.Merge(config, nonMapConfig, mergo.WithOverride)
mergo.MergeWithOverwrite函数将src字段填充到dst结构中,私有字段除外,非空的dst字段将被覆盖。另外,dst和src必须拥有有效的相同类型结构。合并过程举例如下:
src dst mergesrc: T {X: "two", Z: Z{A: "three", B: 4}} dest: {X: "One", Y:5, Z{A: "four", B: 6}}merge后: T {X: "two", Y:5, Z{A: "three", B: 4}}
RESTClient客户端
RESTClient是最基础的客户端。其他的ClientSet、DynamicClient及DiscoveryClient都是基于RESTClient实现的。RESTClient对HTTP Request进行了封装,实现了RESTful风格的API。它具有很高的灵活性,数据不依赖于方法和资源,因此RESTClient能够处理多种类型的调用,返回不同的数据格式。
类似于kubectl命令,通过RESTClient列出所有运行的Pod资源对象,RESTClient Example参考代码示例如下:mainimport ( "context" "flag" "fmt" "k8s.io/client-go/kubernetes/scheme" "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" "k8s.io/client-go/util/homedir" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "path/filepath")func main() { var kubeconfig *string // home是家目录,如果能取得家目录的值,就可以用来做默认值 if home:=homedir.HomeDir(); home != "" { // 如果输入了kubeconfig参数,该参数的值就是kubeconfig文件的绝对路径, // 如果没有输入kubeconfig参数,就用默认路径~/.kube/config kubeconfig = flag.String("kubeconfig", filepath.Join(home, ".kube", "config"), "(optional) absolute path to the kubeconfig file") } else { // 如果取不到当前用户的家目录,就没办法设置kubeconfig的默认目录了,只能从入参中取 kubeconfig = flag.String("kubeconfig", "", "absolute path to the kubeconfig file") } flag.Parse() // 从本机加载kubeconfig配置文件,因此第一个参数为空字符串 config, err := clientcmd.BuildConfigFromFlags("", *kubeconfig) // kubeconfig加载失败就直接退出了 if err != nil { panic(err.Error()) } // 参考path : /api/v1/namespaces/{namespace}/pods config.APIPath = "api" // pod的group是空字符串 config.GroupVersion = &corev1.SchemeGroupVersion // 指定序列化工具 config.NegotiatedSerializer = scheme.Codecs // 根据配置信息构建restClient实例 restClient, err := rest.RESTClientFor(config) if err!=nil { panic(err.Error()) } // 保存pod结果的数据结构实例 result := &corev1.PodList{} // 指定namespace namespace := "kube-system" // 设置请求参数,然后发起请求 // GET请求 err = restClient.Get(). // 指定namespace,参考path : /api/v1/namespaces/{namespace}/pods Namespace(namespace). // 查找多个pod,参考path : /api/v1/namespaces/{namespace}/pods Resource("pods"). // 指定大小限制和序列化工具 VersionedParams(&metav1.ListOptions{Limit:100}, scheme.ParameterCodec). // 请求 Do(context.TODO()). // 结果存入result Into(result) if err != nil { panic(err.Error()) } // 打印名称 fmt.Printf("Namespace\t Status\t\t Name\n") // 每个pod都打印Namespace、Status.Phase、Name三个字段 for _, d := range result.Items { fmt.Printf("%v\t %v\t %v\n", d.Namespace, d.Status.Phase, d.Name) }}
运行以上代码,列出default命名空间下的所有Pod资源对象的相关信息。首先加载kubeconfig配置信息,并设置config.APIPath请求的HTTP路径。然后设置config.GroupVersion请求的资源组/资源版本。最后设置config.NegotiatedSerializer数据的编解码器。
rest.RESTClientFor函数通过kubeconfig配置信息实例化RESTClient对象,RESTClient对象构建HTTP请求参数,例如Get函数设置请求方法为get操作,它还支持Post、Put、Delete、Patch等请求方法。Namespace函数设置请求的命名空间。Resource函数设置请求的资源名称。VersionedParams函数将一些查询选项(如limit、TimeoutSeconds等)添加到请求参数中。通过Do函数执行该请求,并将kube-apiserver返回的结果(Result对象)解析到corev1.PodList对象中。最终格式化输出结果。
执行脚本,获取pod列表与本机minikube get得到的pod名称一致,可以修改代码中的命名空间为default,获取default命名空间下的pod:
➜ restclient git:(master) ✗ kubectl get pod -n kube-systemNAME READY STATUS RESTARTS AGEcoredns-64897985d-jq6tk 1/1 Running 1 (24d ago) 24detcd-minikube 1/1 Running 1 (24d ago) 24dkube-apiserver-minikube 1/1 Running 1 (24d ago) 24dkube-controller-manager-minikube 1/1 Running 1 (24d ago) 24dkube-proxy-fbd4n 1/1 Running 1 (24d ago) 24dkube-scheduler-minikube 1/1 Running 1 (24d ago) 24dstorage-provisioner 1/1 Running 2 (13d ago) 24d➜ restclient git:(master) ✗ go run main.go Namespace Status Namekube-system Running coredns-64897985d-jq6tkkube-system Running etcd-minikubekube-system Running kube-apiserver-minikubekube-system Running kube-controller-manager-minikubekube-system Running kube-proxy-fbd4nkube-system Running kube-scheduler-minikubekube-system Running storage-provisioner➜ restclient git:(master) ✗ kubectl get pod -n default NAME READY STATUS RESTARTS AGEnginx-deployment-9456bbbf9-78z87 1/1 Running 0 7d9hnginx-deployment-9456bbbf9-7tgnm 1/1 Running 0 7d9hnginx-deployment-9456bbbf9-n4mch 1/1 Running 0 7d9h➜ restclient git:(master) ✗ go run main.go Namespace Status Namedefault Running nginx-deployment-9456bbbf9-78z87default Running nginx-deployment-9456bbbf9-7tgnmdefault Running nginx-deployment-9456bbbf9-n4mch
RESTClient发送请求的过程对Go语言标准库net/Do formats and executes the request. Returns a Result object for easy response// processing.//// Error type:// * If the server responds with a status: *errors.StatusError or *errors.UnexpectedObjectError// * errors are returned directly.func (r *Request) Do(ctx context.Context) Result { var result Result err := r.request(ctx, func(req *resp *{ result = r.transformResponse(resp, req) }) if err != nil { return Result{err: err} } return result}func (r *Request) newHTTPRequest(ctx context.Context) (*error) { url := r.URL().String() req, err := url, r.body) if err != nil { return nil, err } req = req.WithContext(ctx) req.Header = r.headers return req, nil}// request connects to the server and invokes the provided function when a server response is// received. It handles retry behavior and up front validation of requests. It will invoke// fn at most once. It will return an error if a problem occurred prior to connecting to the// server - the provided function is responsible for handling server errors.func (r *Request) request(ctx context.Context, fn func(**error { //Metrics for total request latency start := time.Now() defer func() { metrics.RequestLatency.Observe(ctx, r.verb, r.finalURLTemplate(), time.Since(start)) }() if r.err != nil { klog.V(4).Infof("Error in request: %v", r.err) return r.err } if err := r.requestPreflightCheck(); err != nil { return err } client := r.c.Client if client == nil { client = } // Throttle the first try before setting up the timeout configured on the // client. We don't want a throttled client to return timeouts to callers // before it makes a single request. if err := r.tryThrottle(ctx); err != nil { return err } if r.timeout > 0 { var cancel context.CancelFunc ctx, cancel = context.WithTimeout(ctx, r.timeout) defer cancel() } // Right now we make about ten retry attempts if we get a Retry-After response. var retryAfter *RetryAfter for { req, err := r.newHTTPRequest(ctx) if err != nil { return err } r.backoff.Sleep(r.backoff.CalculateBackoff(r.URL())) if retryAfter != nil { // We are retrying the request that we already send to apiserver // at least once before. // This request should also be throttled with the client-internal rate limiter. if err := r.tryThrottleWithInfo(ctx, retryAfter.Reason); err != nil { return err } retryAfter = nil } resp, err := client.Do(req) updateURLMetrics(ctx, r, resp, err) if err != nil { r.backoff.UpdateBackoff(r.URL(), err, 0) } else { r.backoff.UpdateBackoff(r.URL(), err, resp.StatusCode) } done := func() bool { defer readAndCloseResponseBody(resp) // if the the server returns an error in err, the response will be nil. f := func(req *resp *{ if resp == nil { return } fn(req, resp) } var retry bool retryAfter, retry = r.retry.NextRetry(req, resp, err, func(req *err error) bool { // "Connection reset by peer" or "apiserver is shutting down" are usually a transient errors. // Thus in case of "GET" operations, we simply retry it. // We are not automatically retrying "write" operations, as they are not idempotent. if r.verb != "GET" { return false } // For connection errors and apiserver shutdown errors retry. if net.IsConnectionReset(err) || net.IsProbableEOF(err) { return true } return false }) if retry { err := r.retry.BeforeNextRetry(ctx, r.backoff, retryAfter, req.URL.String(), r.body) if err == nil { return false } klog.V(4).Infof("Could not retry request - %v", err) } f(req, resp) return true }() if done { return err } }}
请求发送之前需要根据请求参数生成请求的RESTful URL,由r.URL.String函数完成。例如,在RESTClient Example代码示例中,根据请求参数生成请求的RESTful URL为URL(即kube-apiserver)发送请求,请求得到的结果存放在 restclient git:(master) ✗ kubectl get pod -n default -v=7I0402 20:53:44.605922 48787 loader.go:375] Config loaded from file: /Users/daixuan/.kube/configI0402 20:53:44.621427 48787 round_trippers.go:420] GET 20:53:44.621444 48787 round_trippers.go:427] Request Headers:I0402 20:53:44.621449 48787 round_trippers.go:431] Accept: application/json;as=Table;v=v1beta1;g=meta.k8s.io, application/jsonI0402 20:53:44.621456 48787 round_trippers.go:431] User-Agent: kubectl/v1.16.2 (darwin/amd64) kubernetes/c97fe50I0402 20:53:44.636307 48787 round_trippers.go:446] Response Status: 200 OK in 14 millisecondsNAME READY STATUS RESTARTS AGEnginx-deployment-9456bbbf9-78z87 1/1 Running 0 7d9hnginx-deployment-9456bbbf9-7tgnm 1/1 Running 0 7d9hnginx-deployment-9456bbbf9-n4mch 1/1 Running 0 7d9h
ClientSet客户端
RESTClient是一种最基础的客户端,使用时需要指定Resource和Version等信息,编写代码时需要提前知道Resource所在的Group和对应的Version信息。相比RESTClient,ClientSet使用起来更加便捷,一般情况下,开发者对Kubernetes进行二次开发时通常使用ClientSet。
ClientSet在RESTClient的基础上封装了对Resource和Version的管理方法。每一个Resource可以理解为一个客户端,而ClientSet则是多个客户端的集合,每一个Resource和Version都以函数的方式暴露给开发者,例如,ClientSet提供的RbacV1、CoreV1、NetworkingV1等接口函数,多ClientSet多资源集合如图:
注意 :ClientSet仅能访问Kubernetes自身内置的资源(即客户端集合内的资源),不能直接访问CRD自定义资源。如果需要ClientSet访问CRD自定义资源,可以通过client-gen代码生成器重新生成ClientSet,在ClientSet集合中自动生成与CRD操作相关的接口。
类似于kubectl命令,通过ClientSet列出所有运行中的Pod资源对象,ClientSet Example代码示例:
mainimport ( "context" "flag" "fmt" "path/filepath" appsv1 "k8s.io/api/apps/v1" apiv1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes" "k8s.io/client-go/tools/clientcmd" "k8s.io/client-go/util/homedir")const ( NAMESPACE = "test" DEPLOYMENTNAME = "nginx-test" IMAGE = "nginx:1.13" PORT = 80 REPLICAS = 2)func main() { var kubeconfig *string // home是家目录,如果能取得家目录的值,就可以用来做默认值 if home := homedir.HomeDir(); home != "" { // 如果输入了kubeconfig参数,该参数的值就是kubeconfig文件的绝对路径, // 如果没有输入kubeconfig参数,就用默认路径~/.kube/config kubeconfig = flag.String("kubeconfig", filepath.Join(home, ".kube", "config"), "(optional) kubeconfig文件的绝对路径") } else { kubeconfig = flag.String("kubeconfig", "", "kubeconfig文件的绝对路径") } flag.Parse() // 从本机加载kubeconfig配置文件,因此第一个参数为空字符串 config, err := clientcmd.BuildConfigFromFlags("", *kubeconfig) // kubeconfig加载失败就直接退出了 if err != nil { panic(err) } // 实例化clientset对象 clientset, err := kubernetes.NewForConfig(config) if err != nil { panic(err) } // 引用namespace的函数 createNamespace(clientset) // 引用deployment的函数 createDeployment(clientset)}// 新建namespacefunc createNamespace(clientset *kubernetes.Clientset) { namespaceClient := clientset.CoreV1().Namespaces() namespace := &apiv1.Namespace{ ObjectMeta: metav1.ObjectMeta{ Name: NAMESPACE, }, } result, err := namespaceClient.Create(context.TODO(), namespace, metav1.CreateOptions{}) if err!=nil { panic(err.Error()) } fmt.Printf("Create namespace %s \n", result.GetName())}// 新建deploymentfunc createDeployment(clientset *kubernetes.Clientset) { //如果希望在default命名空间下场景可以引用apiv1.NamespaceDefault默认字符 //deploymentsClient := clientset.AppsV1().Deployments(apiv1.NamespaceDefault) //拿到deployment的客户端 deploymentsClient := clientset.AppsV1().Deployments(NAMESPACE) deployment := &appsv1.Deployment{ ObjectMeta: metav1.ObjectMeta{ Name: DEPLOYMENTNAME, }, Spec: appsv1.DeploymentSpec{ Replicas: int32Ptr(REPLICAS), Selector: &metav1.LabelSelector{ MatchLabels: map[string]string{ "app": "nginx-test", }, }, Template: apiv1.PodTemplateSpec{ ObjectMeta: metav1.ObjectMeta{ Labels: map[string]string{ "app": "nginx-test", }, }, Spec: apiv1.PodSpec{ Containers: []apiv1.Container{ { Name: "web", Image: IMAGE, Ports: []apiv1.ContainerPort{ { Name: " Protocol: apiv1.ProtocolTCP, ContainerPort: PORT, }, }, }, }, }, }, }, } // Create Deployment fmt.Println("Creating deployment...") result, err := deploymentsClient.Create(context.TODO(), deployment, metav1.CreateOptions{}) if err != nil { panic(err) } fmt.Printf("Created deployment %q.\n", result.GetObjectMeta().GetName())}//引用replicas带入副本集func int32Ptr(i int32) *int32 { return &i }
➜ clientset git:(master) ✗ go run main.go Create namespace test Creating deployment...Created deployment "nginx-test".➜ clientset git:(master) ✗ kubectl get pod -n testNAME READY STATUS RESTARTS AGEnginx-test-785479479f-bfl46 1/1 Running 0 10snginx-test-785479479f-zrbfb 1/1 Running 0 10s
运行以上代码,会创建1个2副本nginx-test的deployment。首先加载kubeconfig配置信息,kubernetes.NewForConfig通过kubeconfig配置信息实例化clientset对象,该对象用于管理所有Resource的客户端。
DynamicClient客户端
DynamicClient是一种动态客户端,它可以对任意Kubernetes资源进行RESTful操作,包括CRD自定义资源。DynamicClient与ClientSet操作类似,同样封装了RESTClient,同样提供了Create、Update、Delete、Get、List、Watch、Patch等方法。
DynamicClient与ClientSet最大的不同之处是,ClientSet仅能访问Kubernetes自带的资源(即客户端集合内的资源),不能直接访问CRD自定义资源。ClientSet需要预先实现每种Resource和Version的操作,其内部的数据都是结构化数据(即已知数据结构)。而DynamicClient内部实现了Unstructured,用于处理非结构化数据结构(即无法提前预知数据结构),这也是DynamicClient能够处理CRD自定义资源的关键。
注意 :DynamicClient不是类型安全的,因此在访问CRD自定义资源时需要特别注意。例如,在操作指针不当的情况下可能会导致程序崩溃。
DynamicClient的处理过程将Resource(例如PodList)转换成Unstructured结构类型,Kubernetes的所有Resource都可以转换为该结构类型。处理完成后,再将Unstructured转换成PodList。整个过程类似于Go语言的interface{}断言转换过程。另外,Unstructured结构类型是通过map[string]interface{}转换的。
类似于kubectl命令,通过DynamicClient列出所有运行的Pod资源对象,DynamicClient Example代码示例如下:
mainimport ( "bufio" "context" "flag" "fmt" "os" "path/filepath" apiv1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/client-go/dynamic" "k8s.io/client-go/tools/clientcmd" "k8s.io/client-go/util/homedir")func main() { var kubeconfig *string// home是家目录,如果能取得家目录的值,就可以用来做默认值 // 如果输入了kubeconfig参数,该参数的值就是kubeconfig文件的绝对路径, // 如果没有输入kubeconfig参数,就用默认路径~/.kube/config if home := homedir.HomeDir(); home != "" { kubeconfig = flag.String("kubeconfig", filepath.Join(home, ".kube", "config"), "(optional) absolute path to the kubeconfig file") } else { kubeconfig = flag.String("kubeconfig", "", "absolute path to the kubeconfig file") } flag.Parse()//定义函数内的变量 namespace := "default" replicas := 2 deployname := "dynamic-deployment-nginx" image := "nginx:1.17" // 从本机加载kubeconfig配置文件,因此第一个参数为空字符串 config, err := clientcmd.BuildConfigFromFlags("", *kubeconfig) // kubeconfig加载失败就直接退出了 if err != nil { panic(err) } // dynamic.NewForConfig实例化dynamic对象 client, err := dynamic.NewForConfig(config) if err != nil { panic(err) } //使用schema的包带入gvr deploymentRes := schema.GroupVersionResource{Group: "apps", Version: "v1", Resource: "deployments"} //定义结构化数据结构 deployment := &unstructured.Unstructured{ Object: map[string]interface{}{ "apiVersion": "apps/v1", "kind": "Deployment", "metadata": map[string]interface{}{ "name": deployname, }, "spec": map[string]interface{}{ "replicas": replicas, "selector": map[string]interface{}{ "matchLabels": map[string]interface{}{ "app": "demo", }, }, "template": map[string]interface{}{ "metadata": map[string]interface{}{ "labels": map[string]interface{}{ "app": "demo", }, }, "spec": map[string]interface{}{ "containers": []map[string]interface{}{ { "name": "web", "image": image, "ports": []map[string]interface{}{ { "name": " "protocol": "TCP", "containerPort": 80, }, }, }, }, }, }, }, }, } // 创建 Deployment fmt.Println("创建 deployment...") result, err := client.Resource(deploymentRes).Namespace(namespace).Create(context.TODO(), deployment, metav1.CreateOptions{}) if err != nil { panic(err) } fmt.Printf("创建 deployment %q.\n", result.GetName()) // 列出 Deployments prompt() fmt.Printf("在命名空间中列出deployment %q:\n", apiv1.NamespaceDefault) list, err := client.Resource(deploymentRes).Namespace(namespace).List(context.TODO(), metav1.ListOptions{}) if err != nil { panic(err) } for _, d := range list.Items { replicas, found, err := unstructured.NestedInt64(d.Object, "spec", "replicas") if err != nil || !found { fmt.Printf("Replicas not found for deployment %s: error=%s", d.GetName(), err) continue } fmt.Printf(" * %s (%d replicas)\n", d.GetName(), replicas) }}func prompt() { fmt.Printf("--------------> 按回车键继续 <--------------.") scanner := bufio.NewScanner(os.Stdin) for scanner.Scan() { break } if err := scanner.Err(); err != nil { panic(err) } fmt.Println()}
➜ dynamicclient git:(master) ✗ go run dynamicclient.go 创建 deployment...创建 deployment "dynamic-deployment-nginx".--------------> 按回车键继续 <--------------.在命名空间中列出deployment "default": * dynamic-deployment-nginx (2 replicas) * ku (2 replicas) * nginx-deployment (3 replicas)➜ dynamicclient git:(master) ✗ kubectl get pod NAME READY STATUS RESTARTS AGEdynamic-deployment-nginx-fb67fc4b7-rd65d 1/1 Running 0 8sdynamic-deployment-nginx-fb67fc4b7-tx46j 1/1 Running 0 8snginx-deployment-9456bbbf9-78z87 1/1 Running 0 8dnginx-deployment-9456bbbf9-7tgnm 1/1 Running 0 8dnginx-deployment-9456bbbf9-n4mch 1/1 Running 0 8d
脚本是在default命名空间下创建了一个双副本的dynamic-deployment-nginx deployment,代码逻辑是首先加载kubeconfig配置信息,dynamic.NewForConfig通过kubeconfig配置信息实例化dynamicClient对象,该对象用于管理Kubernetes的所有Resource的客户端,例如对Resource执行Create、Update、Delete、Get、List、Watch、Patch等操作。
如果想要删除default命名空间下的dynamic-deployment-nginx deployment,参考脚本:
mainimport ( "bufio" "context" "flag" "fmt" "os" "path/filepath" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/dynamic" "k8s.io/client-go/tools/clientcmd" "k8s.io/client-go/util/homedir" "k8s.io/apimachinery/pkg/runtime/schema" apiv1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured")func main() { // home是家目录,如果能取得家目录的值,就可以用来做默认值 var kubeconfig *string if home := homedir.HomeDir(); home != "" { // 如果输入了kubeconfig参数,该参数的值就是kubeconfig文件的绝对路径, // 如果没有输入kubeconfig参数,就用默认路径~/.kube/config kubeconfig = flag.String("kubeconfig", filepath.Join(home, ".kube", "config"), "(optional) absolute path to the kubeconfig file") } else { kubeconfig = flag.String("kubeconfig", "", "absolute path to the kubeconfig file") } flag.Parse()//定义函数内的变量名称 deletedeployname := "dynamic-deployment-nginx" namespace := "default"//从本机加载kubeconfig配置文件,因此第一个参数为空字符串 config, err := clientcmd.BuildConfigFromFlags("", *kubeconfig) if err != nil { panic(err) }//实例化dynamic对象 client, err := dynamic.NewForConfig(config) if err != nil { panic(err) }//使用schema包带入gvr deploymentRes := schema.GroupVersionResource{Group: "apps", Version: "v1", Resource: "deployments"} // 删除 Deployment prompt() fmt.Println("删除 deployment 中...") deletePolicy := metav1.DeletePropagationForeground deleteOptions := metav1.DeleteOptions{ PropagationPolicy: &deletePolicy, } if err := client.Resource(deploymentRes).Namespace(namespace).Delete(context.TODO(), deletedeployname, deleteOptions); err != nil { panic(err) } fmt.Println("成功完成删除 deployment,请等待terminating之后再执行回车,列出当前的kubectl get po -n 命名空间.") // 查看 Deployments prompt() fmt.Printf("列出当前命名空间的Pod %q:\n", apiv1.NamespaceDefault) list, err := client.Resource(deploymentRes).Namespace(namespace).List(context.TODO(), metav1.ListOptions{}) if err != nil { panic(err) } for _, d := range list.Items { replicas, found, err := unstructured.NestedInt64(d.Object, "spec", "replicas") if err != nil || !found { fmt.Printf("Replicas not found for deployment %s: error=%s", d.GetName(), err) continue } fmt.Printf(" * %s (%d replicas)\n", d.GetName(), replicas) }}func prompt() { fmt.Println("------------>按回车键继续") scanner := bufio.NewScanner(os.Stdin) for scanner.Scan() { break } if err := scanner.Err(); err != nil { panic(err) } fmt.Println()}
➜ dynamicclient git:(master) ✗ go run delete-list.go ------------>按回车键继续删除 deployment 中...成功完成删除 deployment,请等待terminating之后再执行回车,列出当前的kubectl get po -n 命名空间.------------>按回车键继续列出当前命名空间的Pod "default": * nginx-deployment (3 replicas)➜ dynamicclient git:(master) ✗ kubectl get pod NAME READY STATUS RESTARTS AGEnginx-deployment-9456bbbf9-78z87 1/1 Running 0 8dnginx-deployment-9456bbbf9-7tgnm 1/1 Running 0 8dnginx-deployment-9456bbbf9-n4mch 1/1 Running 0 8d
DiscoveryClient客户端
DiscoveryClient是发现客户端,它主要用于发现Kubernetes API Server所支持的资源组、资源版本、资源信息。Kubernetes API Server支持很多资源组、资源版本、资源信息,开发者在开发过程中很难记住所有信息,此时可以通过DiscoveryClient查看所支持的资源组、资源版本、资源信息。
kubectl的api-versions和api-resources命令输出也是通过DiscoveryClient实现的。另外,DiscoveryClient同样在RESTClient的基础上进行了封装。
DiscoveryClient除了可以发现Kubernetes API Server所支持的资源组、资源版本、资源信息,还可以将这些信息存储到本地,用于本地缓存(Cache),以减轻对Kubernetes API Server访问的压力。在运行Kubernetes组件的机器上,缓存信息默认存储于~/.kube/cache和~/.kube/API Server所支持的资源组、资源版本、资源信息,DynamicClient Example代码示例如下:
mainimport ( "flag" "fmt" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/client-go/discovery" "k8s.io/client-go/tools/clientcmd" "k8s.io/client-go/util/homedir" "path/filepath")func main() { var kubeconfig *string // home是家目录,如果能取得家目录的值,就可以用来做默认值 if home:=homedir.HomeDir(); home != "" { // 如果输入了kubeconfig参数,该参数的值就是kubeconfig文件的绝对路径, // 如果没有输入kubeconfig参数,就用默认路径~/.kube/config kubeconfig = flag.String("kubeconfig", filepath.Join(home, ".kube", "config"), "(optional) absolute path to the kubeconfig file") } else { // 如果取不到当前用户的家目录,就没办法设置kubeconfig的默认目录了,只能从入参中取 kubeconfig = flag.String("kubeconfig", "", "absolute path to the kubeconfig file") } flag.Parse() // 从本机加载kubeconfig配置文件,因此第一个参数为空字符串 config, err := clientcmd.BuildConfigFromFlags("", *kubeconfig) // kubeconfig加载失败就直接退出了 if err != nil { panic(err.Error()) } // 新建discoveryClient实例 discoveryClient, err := discovery.NewDiscoveryClientForConfig(config) if err != nil { panic(err.Error()) } // 获取所有分组和资源数据 APIGroup, APIResourceListSlice, err := discoveryClient.ServerGroupsAndResources() if err != nil { panic(err.Error()) } // 先看Group信息 fmt.Printf("APIGroup :\n\n %v\n\n\n\n",APIGroup) // APIResourceListSlice是个切片,里面的每个元素代表一个GroupVersion及其资源 for _, singleAPIResourceList := range APIResourceListSlice { // GroupVersion是个字符串,例如"apps/v1" groupVerionStr := singleAPIResourceList.GroupVersion // ParseGroupVersion方法将字符串转成数据结构 gv, err := schema.ParseGroupVersion(groupVerionStr) if err != nil { panic(err.Error()) } fmt.Println("*****************************************************************") fmt.Printf("GV string [%v]\nGV struct [%#v]\nresources :\n\n", groupVerionStr, gv) // APIResources字段是个切片,里面是当前GroupVersion下的所有资源 for _, singleAPIResource := range singleAPIResourceList.APIResources { fmt.Printf("%v\n", singleAPIResource.Name) } }}
➜ discoveryclient git:(master) ✗ go run main.go APIGroup : [&APIGroup{Name:,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:v1,Version:v1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:apiregistration.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:apiregistration.k8s.io/v1,Version:v1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:apiregistration.k8s.io/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:apps,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:apps/v1,Version:v1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:apps/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:events.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:events.k8s.io/v1,Version:v1,},GroupVersionForDiscovery{GroupVersion:events.k8s.io/v1beta1,Version:v1beta1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:events.k8s.io/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:authentication.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:authentication.k8s.io/v1,Version:v1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:authentication.k8s.io/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:authorization.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:authorization.k8s.io/v1,Version:v1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:authorization.k8s.io/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:autoscaling,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:autoscaling/v2,Version:v2,},GroupVersionForDiscovery{GroupVersion:autoscaling/v1,Version:v1,},GroupVersionForDiscovery{GroupVersion:autoscaling/v2beta1,Version:v2beta1,},GroupVersionForDiscovery{GroupVersion:autoscaling/v2beta2,Version:v2beta2,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:autoscaling/v2,Version:v2,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:batch,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:batch/v1,Version:v1,},GroupVersionForDiscovery{GroupVersion:batch/v1beta1,Version:v1beta1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:batch/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:certificates.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:certificates.k8s.io/v1,Version:v1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:certificates.k8s.io/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:networking.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:networking.k8s.io/v1,Version:v1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:networking.k8s.io/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:policy,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:policy/v1,Version:v1,},GroupVersionForDiscovery{GroupVersion:policy/v1beta1,Version:v1beta1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:policy/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:rbac.authorization.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:rbac.authorization.k8s.io/v1,Version:v1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:rbac.authorization.k8s.io/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:storage.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:storage.k8s.io/v1,Version:v1,},GroupVersionForDiscovery{GroupVersion:storage.k8s.io/v1beta1,Version:v1beta1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:storage.k8s.io/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:admissionregistration.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:admissionregistration.k8s.io/v1,Version:v1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:admissionregistration.k8s.io/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:apiextensions.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:apiextensions.k8s.io/v1,Version:v1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:apiextensions.k8s.io/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:scheduling.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:scheduling.k8s.io/v1,Version:v1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:scheduling.k8s.io/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:coordination.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:coordination.k8s.io/v1,Version:v1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:coordination.k8s.io/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:node.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:node.k8s.io/v1,Version:v1,},GroupVersionForDiscovery{GroupVersion:node.k8s.io/v1beta1,Version:v1beta1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:node.k8s.io/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:discovery.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:discovery.k8s.io/v1,Version:v1,},GroupVersionForDiscovery{GroupVersion:discovery.k8s.io/v1beta1,Version:v1beta1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:discovery.k8s.io/v1,Version:v1,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},} &APIGroup{Name:flowcontrol.apiserver.k8s.io,Versions:[]GroupVersionForDiscovery{GroupVersionForDiscovery{GroupVersion:flowcontrol.apiserver.k8s.io/v1beta2,Version:v1beta2,},GroupVersionForDiscovery{GroupVersion:flowcontrol.apiserver.k8s.io/v1beta1,Version:v1beta1,},},PreferredVersion:GroupVersionForDiscovery{GroupVersion:flowcontrol.apiserver.k8s.io/v1beta2,Version:v1beta2,},ServerAddressByClientCIDRs:[]ServerAddressByClientCIDR{},}]*****************************************************************GV string [v1]GV struct [schema.GroupVersion{Group:"", Version:"v1"}]resources :bindingscomponentstatusesconfigmapsendpointseventslimitrangesnamespacesnamespaces/finalizenamespaces/statusnodesnodes/proxynodes/statuspersistentvolumeclaimspersistentvolumeclaims/statuspersistentvolumespersistentvolumes/statuspodspods/attachpods/bindingpods/ephemeralcontainerspods/evictionpods/execpods/logpods/portforwardpods/proxypods/statuspodtemplatesreplicationcontrollersreplicationcontrollers/scalereplicationcontrollers/statusresourcequotasresourcequotas/statussecretsserviceaccountsserviceaccounts/tokenservicesservices/proxyservices/status*****************************************************************GV string [apiregistration.k8s.io/v1]GV struct [schema.GroupVersion{Group:"apiregistration.k8s.io", Version:"v1"}]resources :apiservicesapiservices/status*****************************************************************GV string [apps/v1]GV struct [schema.GroupVersion{Group:"apps", Version:"v1"}]resources :controllerrevisionsdaemonsetsdaemonsets/statusdeploymentsdeployments/scaledeployments/statusreplicasetsreplicasets/scalereplicasets/statusstatefulsetsstatefulsets/scalestatefulsets/status*****************************************************************GV string [events.k8s.io/v1]GV struct [schema.GroupVersion{Group:"events.k8s.io", Version:"v1"}]resources :events*****************************************************************GV string [events.k8s.io/v1beta1]GV struct [schema.GroupVersion{Group:"events.k8s.io", Version:"v1beta1"}]resources :events*****************************************************************GV string [authentication.k8s.io/v1]GV struct [schema.GroupVersion{Group:"authentication.k8s.io", Version:"v1"}]resources :tokenreviews*****************************************************************GV string [authorization.k8s.io/v1]GV struct [schema.GroupVersion{Group:"authorization.k8s.io", Version:"v1"}]resources :localsubjectaccessreviewsselfsubjectaccessreviewsselfsubjectrulesreviewssubjectaccessreviews*****************************************************************GV string [autoscaling/v2]GV struct [schema.GroupVersion{Group:"autoscaling", Version:"v2"}]resources :horizontalpodautoscalershorizontalpodautoscalers/status*****************************************************************GV string [autoscaling/v1]GV struct [schema.GroupVersion{Group:"autoscaling", Version:"v1"}]resources :horizontalpodautoscalershorizontalpodautoscalers/status*****************************************************************GV string [autoscaling/v2beta1]GV struct [schema.GroupVersion{Group:"autoscaling", Version:"v2beta1"}]resources :horizontalpodautoscalershorizontalpodautoscalers/status*****************************************************************GV string [autoscaling/v2beta2]GV struct [schema.GroupVersion{Group:"autoscaling", Version:"v2beta2"}]resources :horizontalpodautoscalershorizontalpodautoscalers/status*****************************************************************GV string [batch/v1]GV struct [schema.GroupVersion{Group:"batch", Version:"v1"}]resources :cronjobscronjobs/statusjobsjobs/status*****************************************************************GV string [batch/v1beta1]GV struct [schema.GroupVersion{Group:"batch", Version:"v1beta1"}]resources :cronjobscronjobs/status*****************************************************************GV string [certificates.k8s.io/v1]GV struct [schema.GroupVersion{Group:"certificates.k8s.io", Version:"v1"}]resources :certificatesigningrequestscertificatesigningrequests/approvalcertificatesigningrequests/status*****************************************************************GV string [networking.k8s.io/v1]GV struct [schema.GroupVersion{Group:"networking.k8s.io", Version:"v1"}]resources :ingressclassesingressesingresses/statusnetworkpolicies*****************************************************************GV string [policy/v1]GV struct [schema.GroupVersion{Group:"policy", Version:"v1"}]resources :poddisruptionbudgetspoddisruptionbudgets/status*****************************************************************GV string [policy/v1beta1]GV struct [schema.GroupVersion{Group:"policy", Version:"v1beta1"}]resources :poddisruptionbudgetspoddisruptionbudgets/statuspodsecuritypolicies*****************************************************************GV string [rbac.authorization.k8s.io/v1]GV struct [schema.GroupVersion{Group:"rbac.authorization.k8s.io", Version:"v1"}]resources :clusterrolebindingsclusterrolesrolebindingsroles*****************************************************************GV string [storage.k8s.io/v1]GV struct [schema.GroupVersion{Group:"storage.k8s.io", Version:"v1"}]resources :csidriverscsinodesstorageclassesvolumeattachmentsvolumeattachments/status*****************************************************************GV string [storage.k8s.io/v1beta1]GV struct [schema.GroupVersion{Group:"storage.k8s.io", Version:"v1beta1"}]resources :csistoragecapacities*****************************************************************GV string [admissionregistration.k8s.io/v1]GV struct [schema.GroupVersion{Group:"admissionregistration.k8s.io", Version:"v1"}]resources :mutatingwebhookconfigurationsvalidatingwebhookconfigurations*****************************************************************GV string [apiextensions.k8s.io/v1]GV struct [schema.GroupVersion{Group:"apiextensions.k8s.io", Version:"v1"}]resources :customresourcedefinitionscustomresourcedefinitions/status*****************************************************************GV string [scheduling.k8s.io/v1]GV struct [schema.GroupVersion{Group:"scheduling.k8s.io", Version:"v1"}]resources :priorityclasses*****************************************************************GV string [coordination.k8s.io/v1]GV struct [schema.GroupVersion{Group:"coordination.k8s.io", Version:"v1"}]resources :leases*****************************************************************GV string [node.k8s.io/v1]GV struct [schema.GroupVersion{Group:"node.k8s.io", Version:"v1"}]resources :runtimeclasses*****************************************************************GV string [node.k8s.io/v1beta1]GV struct [schema.GroupVersion{Group:"node.k8s.io", Version:"v1beta1"}]resources :runtimeclasses*****************************************************************GV string [discovery.k8s.io/v1]GV struct [schema.GroupVersion{Group:"discovery.k8s.io", Version:"v1"}]resources :endpointslices*****************************************************************GV string [discovery.k8s.io/v1beta1]GV struct [schema.GroupVersion{Group:"discovery.k8s.io", Version:"v1beta1"}]resources :endpointslices*****************************************************************GV string [flowcontrol.apiserver.k8s.io/v1beta2]GV struct [schema.GroupVersion{Group:"flowcontrol.apiserver.k8s.io", Version:"v1beta2"}]resources :flowschemasflowschemas/statusprioritylevelconfigurationsprioritylevelconfigurations/status*****************************************************************GV string [flowcontrol.apiserver.k8s.io/v1beta1]GV struct [schema.GroupVersion{Group:"flowcontrol.apiserver.k8s.io", Version:"v1beta1"}]resources :flowschemasflowschemas/statusprioritylevelconfigurationsprioritylevelconfigurations/status
运行以上代码,列出Kubernetes API Server所支持的资源组、资源版本、资源信息。首先加载kubeconfig配置信息,discovery.NewDiscoveryClientForConfig通过kubeconfig配置信息实例化discoveryClient对象,该对象是用于发现Kubernetes API Server所支持的资源组、资源版本、资源信息的客户端。
discoveryClient.ServerGroupsAndResources函数会返回Kubernetes API Server所支持的资源组、资源版本、资源信息(即APIResourceList),通过遍历APIResourceList输出信息。
1.获取Kubernetes API Server所支持的资源组、资源版本、资源信息
Kubernetes API Server暴露出/api和/apis接口。DiscoveryClient通过RESTClient分别请求/api和/apis接口,从而获取Kubernetes API Server所支持的资源组、资源版本、资源信息。其核心实现位于ServerGroupsAndResources→ServerGroups中,代码示例如下:
代码路径:vendor/k8s.io/client-go/discovery/discovery_client.go
// ServerGroups returns the supported groups, with information like supported versions and the// preferred version.func (d *DiscoveryClient) ServerGroups() (apiGroupList *metav1.APIGroupList, err error) { // Get the groupVersions exposed at /api v := &metav1.APIVersions{} err = d.restClient.Get().AbsPath(d.LegacyPrefix).Do(context.TODO()).Into(v) apiGroup := metav1.APIGroup{} if err == nil && len(v.Versions) != 0 { apiGroup = apiVersionsToAPIGroup(v) } if err != nil && !errors.IsNotFound(err) && !errors.IsForbidden(err) { return nil, err } // Get the groupVersions exposed at /apis apiGroupList = &metav1.APIGroupList{} err = d.restClient.Get().AbsPath("/apis").Do(context.TODO()).Into(apiGroupList) if err != nil && !errors.IsNotFound(err) && !errors.IsForbidden(err) { return nil, err } // to be compatible with a v1.0 server, if it's a 403 or 404, ignore and return whatever we got from /api if err != nil && (errors.IsNotFound(err) || errors.IsForbidden(err)) { apiGroupList = &metav1.APIGroupList{} } // prepend the group retrieved from /api to the list if not empty if len(v.Versions) != 0 { apiGroupList.Groups = append([]metav1.APIGroup{apiGroup}, apiGroupList.Groups...) } return apiGroupList, nil}
首先,DiscoveryClient通过RESTClient请求/api接口,将请求结果存放于metav1.APIVersions结构体中。然后,再次通过RESTClient请求/apis接口,将请求结果存放于metav1.APIGroupList结构体中。最后,将/api接口中检索到的资源组信息合并到apiGroupList列表中并返回。
2.本地缓存的DiscoveryClient
DiscoveryClient可以将资源相关信息存储于本地,默认存储位置为~/.kube/cache和~/.kube/API Server的访问压力。默认每10分钟与Kubernetes API Server同步一次,同步周期较长,因为资源组、源版本、资源信息一般很少变动。本地缓存的DiscoveryClient如图所示。
DiscoveryClient第一次获取资源组、资源版本、资源信息时,首先会查询本地缓存,如果数据不存在(没有命中)则请求Kubernetes API Server接口(回源),Cache将Kubernetes API Server响应的数据存储在本地一份并返回给DiscoveryClient。当下一次DiscoveryClient再次获取资源信息时,会将数据直接从本地缓存返回(命中)给DiscoveryClient。本地缓存的默认存储周期为10分钟。代码示例如下,代码路径:vendor/k8s.io/client-go/discovery/cached/disk/cached_discovery.go
// ServerResourcesForGroupVersion returns the supported resources for a group and version.func (d *CachedDiscoveryClient) ServerResourcesForGroupVersion(groupVersion string) (*metav1.APIResourceList, error) { filename := filepath.Join(d.cacheDirectory, groupVersion, "serverresources.json") cachedBytes, err := d.getCachedFile(filename) // don't fail on errors, we either don't have a file or won't be able to run the cached check. Either way we can fallback. if err == nil { cachedResources := &metav1.APIResourceList{} if err := runtime.DecodeInto(scheme.Codecs.UniversalDecoder(), cachedBytes, cachedResources); err == nil { klog.V(10).Infof("returning cached discovery info from %v", filename) return cachedResources, nil } } liveResources, err := d.delegate.ServerResourcesForGroupVersion(groupVersion) if err != nil { klog.V(3).Infof("skipped caching discovery info due to %v", err) return liveResources, err } if liveResources == nil || len(liveResources.APIResources) == 0 { klog.V(3).Infof("skipped caching discovery info, no resources found") return liveResources, err } if err := d.writeCachedFile(filename, liveResources); err != nil { klog.V(1).Infof("failed to write cache to %v due to %v", filename, err) } return liveResources, nil}
版权声明:本文内容由网络用户投稿,版权归原作者所有,本站不拥有其著作权,亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容,请联系我们jiasou666@gmail.com 处理,核实后本网站将在24小时内删除侵权内容。
发表评论
暂时没有评论,来抢沙发吧~