1.23. KlusterletConfig API (v1alpha1)
1.23.1. 概述
本文档介绍了与 Red Hat Advanced Cluster Management for Kubernetes 的 KlusterletConfig 资源相关的 API 信息。KlusterletConfig 资源有 4 个可用的请求:create、query、delete 和 update。KlusterletConfig 包含有关 klusterlet 的配置信息,如 nodeSelector、tolerations 和 pullSecret。KlusterletConfig 是一个集群范围的资源,仅适用于 open-cluster-managemnet-agent 命名空间中的 klusterlet pod。KlusterletConfig 不会影响附加部署配置。
1.23.1.1. 版本信息
版本 : 2.12.0
1.23.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.23.1.3. Tags
- config.open-cluster-management.io : 创建和管理 KlusterletConfig
1.23.2. 路径
1.23.2.1. 查询所有 KlusterletConfig
GET /config.open-cluster-management.io/v1alpha1/namespaces/{namespace}/klusterletconfigs1.23.2.1.1. 描述
查询 KlusterletConfigs 以获取更多详细信息。
1.23.2.1.2. 参数
| 类型 | Name | 描述 | 模式 |
|---|---|---|---|
| 标头 |
COOKIE | 身份验证:Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN 是用户访问令牌。 | 字符串 |
1.23.2.1.3. 响应
| HTTP 代码 | 描述 | 模式 |
|---|---|---|
| 200 | 成功 | 无内容 |
| 403 | 禁止访问 | 无内容 |
| 404 | 未找到资源 | 无内容 |
| 500 | 内部服务错误 | 无内容 |
| 503 | 服务不可用 | 无内容 |
1.23.2.1.4. 使用
-
klusterletconfig/yaml
1.23.2.1.5. Tags
- config.open-cluster-management.io
1.23.2.2. 创建 KlusterletConfig
POST /config.open-cluster-management.io/v1alpha1/namespaces/{namespace}/klusterletconfigs1.23.2.2.1. 描述
创建 KlusterletConfig。
1.23.2.2.2. 参数
| 类型 | Name | 描述 | 模式 |
|---|---|---|---|
| 标头 |
COOKIE | 身份验证:Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN 是用户访问令牌。 | 字符串 |
| Body |
body | 描述要创建的 KlusterletConfig 绑定的参数。 |
1.23.2.2.3. 响应
| HTTP 代码 | 描述 | 模式 |
|---|---|---|
| 200 | 成功 | 无内容 |
| 403 | 禁止访问 | 无内容 |
| 404 | 未找到资源 | 无内容 |
| 500 | 内部服务错误 | 无内容 |
| 503 | 服务不可用 | 无内容 |
1.23.2.2.4. 使用
-
klusterletconfig/yaml
1.23.2.2.5. Tags
- config.open-cluster-management.io
1.23.2.2.6. HTTP 请求示例
1.23.2.2.6.1. 请求正文
{
"apiVersion": "apiextensions.k8s.io/v1",
"kind": "CustomResourceDefinition",
"metadata": {
"annotations": {
"controller-gen.kubebuilder.io/version": "v0.7.0"
},
"creationTimestamp": null,
"name": "klusterletconfigs.config.open-cluster-management.io"
},
"spec": {
"group": "config.open-cluster-management.io",
"names": {
"kind": "KlusterletConfig",
"listKind": "KlusterletConfigList",
"plural": "klusterletconfigs",
"singular": "klusterletconfig"
},
"preserveUnknownFields": false,
"scope": "Cluster",
"versions": [
{
"name": "v1alpha1",
"schema": {
"openAPIV3Schema": {
"description": "KlusterletConfig contains the configuration of a klusterlet including the upgrade strategy, config overrides, proxy configurations etc.",
"properties": {
"apiVersion": {
"description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
"type": "string"
},
"kind": {
"description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
"type": "string"
},
"metadata": {
"type": "object"
},
"spec": {
"description": "Spec defines the desired state of KlusterletConfig",
"properties": {
"hubKubeAPIServerProxyConfig": {
"description": "HubKubeAPIServerProxyConfig holds proxy settings for connections between klusterlet/add-on agents on the managed cluster and the kube-apiserver on the hub cluster. Empty means no proxy settings is available.",
"properties": {
"caBundle": {
"description": "CABundle is a CA certificate bundle to verify the proxy server. It will be ignored if only HTTPProxy is set; And it is required when HTTPSProxy is set and self signed CA certificate is used by the proxy server.",
"format": "byte",
"type": "string"
},
"httpProxy": {
"description": "HTTPProxy is the URL of the proxy for HTTP requests",
"type": "string"
},
"httpsProxy": {
"description": "HTTPSProxy is the URL of the proxy for HTTPS requests HTTPSProxy will be chosen if both HTTPProxy and HTTPSProxy are set.",
"type": "string"
}
},
"type": "object"
},
"nodePlacement": {
"description": "NodePlacement enables explicit control over the scheduling of the agent components. If the placement is nil, the placement is not specified, it will be omitted. If the placement is an empty object, the placement will match all nodes and tolerate nothing.",
"properties": {
"nodeSelector": {
"additionalProperties": {
"type": "string"
},
"description": "NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list.",
"type": "object"
},
"tolerations": {
"description": "Tolerations is attached by pods to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. The default is an empty list.",
"items": {
"description": "The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.",
"properties": {
"effect": {
"description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.",
"type": "string"
},
"key": {
"description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.",
"type": "string"
},
"operator": {
"description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.",
"type": "string"
},
"tolerationSeconds": {
"description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.",
"format": "int64",
"type": "integer"
},
"value": {
"description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.",
"type": "string"
}
},
"type": "object"
},
"type": "array"
}
},
"type": "object"
},
"pullSecret": {
"description": "PullSecret is the name of image pull secret.",
"properties": {
"apiVersion": {
"description": "API version of the referent.",
"type": "string"
},
"fieldPath": {
"description": "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.",
"type": "string"
},
"kind": {
"description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
"type": "string"
},
"name": {
"description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
"type": "string"
},
"namespace": {
"description": "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/",
"type": "string"
},
"resourceVersion": {
"description": "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency",
"type": "string"
},
"uid": {
"description": "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids",
"type": "string"
}
},
"type": "object"
},
"registries": {
"description": "Registries includes the mirror and source registries. The source registry will be replaced by the Mirror.",
"items": {
"properties": {
"mirror": {
"description": "Mirror is the mirrored registry of the Source. Will be ignored if Mirror is empty.",
"type": "string"
},
"source": {
"description": "Source is the source registry. All image registries will be replaced by Mirror if Source is empty.",
"type": "string"
}
},
"required": [
"mirror"
],
"type": "object"
},
"type": "array"
}
},
"type": "object"
},
"status": {
"description": "Status defines the observed state of KlusterletConfig",
"type": "object"
}
},
"type": "object"
}
},
"served": true,
"storage": true,
"subresources": {
"status": {}
}
}
]
},
"status": {
"acceptedNames": {
"kind": "",
"plural": ""
},
"conditions": [],
"storedVersions": []
}
}1.23.2.3. 查询单个 KlusterletConfig
GET /config.open-cluster-management.io/v1alpha1/namespaces/{namespace}/klusterletconfigs/{klusterletconfig_name}1.23.2.3.1. 描述
查询单个 KlusterletConfig 获取更多详细信息。
1.23.2.3.2. 参数
| 类型 | Name | 描述 | 模式 |
|---|---|---|---|
| 标头 |
COOKIE | 身份验证:Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN 是用户访问令牌。 | 字符串 |
| 路径 |
klusterletconfig_name | 要查询的 KlusterletConfig 的名称。 | 字符串 |
1.23.2.3.3. 响应
| HTTP 代码 | 描述 | 模式 |
|---|---|---|
| 200 | 成功 | 无内容 |
| 403 | 禁止访问 | 无内容 |
| 404 | 未找到资源 | 无内容 |
| 500 | 内部服务错误 | 无内容 |
| 503 | 服务不可用 | 无内容 |
1.23.2.3.4. Tags
- config.open-cluster-management.io
1.23.2.4. 删除 KlusterletConfig
DELETE /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/klusterletconfigs/{klusterletconfig_name}1.23.2.4.1. 描述
删除单个 klusterletconfig。
1.23.2.4.2. 参数
| 类型 | Name | 描述 | 模式 |
|---|---|---|---|
| 标头 |
COOKIE | 身份验证:Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN 是用户访问令牌。 | 字符串 |
| 路径 |
klusterletconfig_name | 要删除的 KlusterletConfig 的名称。 | 字符串 |
1.23.2.4.3. 响应
| HTTP 代码 | 描述 | 模式 |
|---|---|---|
| 200 | 成功 | 无内容 |
| 403 | 禁止访问 | 无内容 |
| 404 | 未找到资源 | 无内容 |
| 500 | 内部服务错误 | 无内容 |
| 503 | 服务不可用 | 无内容 |
1.23.2.4.4. Tags
- config.open-cluster-management.io
1.23.3. 定义
1.23.3.1. KlusterletConfig
| Name | 描述 | 模式 |
|---|---|---|
|
apiVersion | KlusterletConfig 的版本化模式。 | 字符串 |
|
kind | 代表 REST 资源的字符串值。 | 字符串 |
|
metadata | KlusterletConfig 的元数据。 | object |
|
spec | KlusterletConfig 的规格。 |
spec
| Name | 描述 | 模式 |
|---|---|---|
|
registry | 包括镜像和源 registry。源 registry 被镜像替代。 | registry |
|
pullSecret | 镜像 pull secret 的名称。 | object |
|
nodePlacement | 在受管集群中启用附加代理的调度控制。 | |
|
hubKubeAPIServerProxyConfig | 包含受管集群中 klusterlet 或附加代理和 hub 集群上的 kube-apiserver 之间的连接的代理设置。空表示没有可用的代理设置。 |
nodePlacement
| Name | 描述 | 模式 |
|---|---|---|
|
nodeSelector |
定义 pod 调度到运行的节点。当 | map[string]string |
|
tolerations |
应用到 pod,并使用匹配的运算符( | []corev1.Toleration |
kubeAPIServerProxyConfig
| Name | 描述 | 模式 |
|---|---|---|
|
cabundle | 用于验证代理服务器的 CA 证书捆绑包。如果只设置了 HTTPProxy,则捆绑包将被忽略。当设置 HTTPSProxy 且代理服务器使用自签名 CA 证书时,需要捆绑包。 | map[string]string |
|
httpProxy | HTTP 请求的代理的 URL | map[string]string |
|
httpsProxy | HTTPS 请求的代理的 URL。如果设置了 HTTPProxy 和 HTTPSProxy,则会选择 httpsProxy。 | map[string]string |
