红帽全球峰会1.13. MultiClusterHub API
1.13.1. 概述
本文档介绍了与 Red Hat Advanced Cluster Management for Kubernetes 的 MultiClusterHub 资源相关的 API 信息。MultiClusterHub 资源有 4 个可用的请求:create、query、delete 和 update。
1.13.1.1. 版本信息
版本 : 2.6.0
1.13.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.13.1.3. Tags
- multiclusterhubs.operator.open-cluster-management.io : 创建和管理多集群 hub operator
1.13.2. 路径
1.13.2.1. 创建 MultiClusterHub 资源
POST /operator.open-cluster-management.io/v1beta1/namespaces/{namespace}/mch1.13.2.1.1. 描述
创建一个 MultiClusterHub 资源来定义 multicluster hub 实例的配置。
1.13.2.1.2. 参数
| 类型 | Name | 描述 | 模式 |
|---|---|---|---|
| Header |
COOKIE | 身份验证:Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN 是用户访问令牌。 | 字符串 |
| 路径 |
namespace | 要使用的命名空间,如 default。 | 字符串 |
| Body |
body | 描述要创建的 multicluster hub 的参数。 |
1.13.2.1.3. 响应
| HTTP 代码 | 描述 | 模式 |
|---|---|---|
| 200 | 成功 | 无内容 |
| 403 | 禁止访问 | 无内容 |
| 404 | 未找到资源 | 无内容 |
| 500 | 内部服务错误 | 无内容 |
| 503 | 服务不可用 | 无内容 |
1.13.2.1.4. 使用
-
multiclusterhubs/yaml
1.13.2.1.5. Tags
- multiclusterhubs.operator.open-cluster-management.io
1.13.2.1.6. HTTP 请求示例
1.13.2.1.6.1. 请求正文
{
"apiVersion": "apiextensions.k8s.io/v1",
"kind": "CustomResourceDefinition",
"metadata": {
"name": "multiclusterhubs.operator.open-cluster-management.io"
},
"spec": {
"group": "operator.open-cluster-management.io",
"names": {
"kind": "MultiClusterHub",
"listKind": "MultiClusterHubList",
"plural": "multiclusterhubs",
"shortNames": [
"mch"
],
"singular": "multiclusterhub"
},
"scope": "Namespaced",
"versions": [
{
"additionalPrinterColumns": [
{
"description": "The overall status of the multicluster hub.",
"jsonPath": ".status.phase",
"name": "Status",
"type": "string"
},
{
"jsonPath": ".metadata.creationTimestamp",
"name": "Age",
"type": "date"
}
],
"name": "v1",
"schema": {
"openAPIV3Schema": {
"description": "MultiClusterHub defines the configuration for an instance of
the multiCluster hub.",
"properties": {
"apiVersion": {
"description": "APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
"type": "string"
},
"kind": {
"description": "Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. The value is in CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
"type": "string"
},
"metadata": {
"type": "object"
},
"spec": {
"description": "MultiClusterHubSpec defines the desired state of MultiClusterHub.",
"properties": {
"availabilityConfig": {
"description": "Specifies deployment replication for improved availability.
Options are: Basic and High (default).",
"type": "string"
},
"customCAConfigmap": {
"description": "Provide the customized OpenShift default ingress CA certificate
to {product-title-short}.",
}
"type": "string"
},
"disableHubSelfManagement": {
"description": "Disable automatic import of the hub cluster as a managed
cluster.",
"type": "boolean"
},
"disableUpdateClusterImageSets": {
"description": "Disable automatic update of ClusterImageSets.",
"type": "boolean"
},
"hive": {
"description": "(Deprecated) Overrides for the default HiveConfig specification.",
"properties": {
"additionalCertificateAuthorities": {
"description": "(Deprecated) AdditionalCertificateAuthorities is
a list of references to secrets in the 'hive' namespace that
contain an additional Certificate Authority to use when communicating
with target clusters. These certificate authorities are
used in addition to any self-signed CA generated by each cluster
on installation.",
"items": {
"description": "LocalObjectReference contains the information
to let you locate the referenced object inside the same namespace.",
"properties": {
"name": {
"description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
"type": "string"
}
},
"type": "object"
},
"type": "array"
},
"backup": {
"description": "(Deprecated) Backup specifies configuration for backup
integration. If absent, backup integration is disabled.",
"properties": {
"minBackupPeriodSeconds": {
"description": "(Deprecated) MinBackupPeriodSeconds specifies
that a minimum of MinBackupPeriodSeconds occurs in between
each backup. This is used to rate limit backups. This potentially
batches together multiple changes into one backup. No backups
are lost for changes that happen during the interval
that is queued up, and results in a backup once
the interval has been completed.",
"type": "integer"
},
"velero": {
"description": "(Deprecated) Velero specifies configuration for the Velero backup integration.",
"properties": {
"enabled": {
"description": "(Deprecated) Enabled dictates if the Velero backup integration is enabled. If not specified, the default is disabled.",
"type": "boolean"
}
},
"type": "object"
}
},
"type": "object"
},
"externalDNS": {
"description": "(Deprecated) ExternalDNS specifies configuration for external-dns if it is to be deployed by Hive. If absent, external-dns is not deployed.",
"properties": {
"aws": {
"description": "(Deprecated) AWS contains AWS-specific settings for external DNS.",
"properties": {
"credentials": {
"description": "(Deprecated) Credentials reference a secret that is used to authenticate with AWS Route53. It needs permission to manage entries in each of the managed domains for this cluster. Secret should have AWS keys named 'aws_access_key_id' and 'aws_secret_access_key'.",
"properties": {
"name": {
"description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
"type": "string"
}
},
"type": "object"
}
},
"type": "object"
},
"gcp": {
"description": "(Deprecated) GCP contains Google Cloud Platform specific settings for external DNS.",
"properties": {
"credentials": {
"description": "(Deprecated) Credentials reference a secret that is used to authenticate with GCP DNS. It needs permission to manage entries in each of the managed domains for this cluster. Secret should have a key names 'osServiceAccount.json'. The credentials must specify the project to use.",
"properties": {
"name": {
"description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
"type": "string"
}
},
"type": "object"
}
},
"type": "object"
}
},
"type": "object"
},
"failedProvisionConfig": {
"description": "(Deprecated) FailedProvisionConfig is used to configure settings related to handling provision failures.",
"properties": {
"skipGatherLogs": {
"description": "(Deprecated) SkipGatherLogs disables functionality that attempts to gather full logs from the cluster if an installation fails for any reason. The logs are stored in a persistent volume for up to seven days.",
"type": "boolean"
}
},
"type": "object"
},
"globalPullSecret": {
"description": "(Deprecated) GlobalPullSecret is used to specify a pull secret that is used globally by all of the cluster deployments. For each cluster deployment, the contents of GlobalPullSecret are merged with the specific pull secret for a cluster deployment(if specified), with precedence given to the contents of the pull secret for the cluster deployment.",
"properties": {
"name": {
"description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
"type": "string"
}
},
"type": "object"
},
"maintenanceMode": {
"description": "(Deprecated) MaintenanceMode can be set to true to disable the Hive controllers in situations where you need to ensure nothing is running that adds or act upon finalizers on Hive types. This should rarely be needed. Sets replicas to zero for the 'hive-controllers' deployment to accomplish this.",
"type": "boolean"
}
},
"required": [
"failedProvisionConfig"
],
"type": "object"
},
"imagePullSecret": {
"description": "Override pull secret for accessing MultiClusterHub operand and endpoint images.",
"type": "string"
},
"ingress": {
"description": "Configuration options for ingress management.",
"properties": {
"sslCiphers": {
"description": "List of SSL ciphers enabled for management ingress. Defaults to full list of supported ciphers.",
"items": {
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"nodeSelector": {
"additionalProperties": {
"type": "string"
},
"description": "Set the node selectors..",
"type": "object"
},
"overrides": {
"description": "Developer overrides.",
"properties": {
"imagePullPolicy": {
"description": "Pull policy of the multicluster hub images.",
"type": "string"
}
},
"type": "object"
},
"separateCertificateManagement": {
"description": "(Deprecated) Install cert-manager into its own namespace.",
"type": "boolean"
}
},
"type": "object"
},
"status": {
"description": "MulticlusterHubStatus defines the observed state of MultiClusterHub.",
"properties": {
"components": {
"additionalProperties": {
"description": "StatusCondition contains condition information.",
"properties": {
"lastTransitionTime": {
"description": "LastTransitionTime is the last time the condition changed from one status to another.",
"format": "date-time",
"type": "string"
},
"message": {
"description": "Message is a human-readable message indicating\ndetails about the last status change.",
"type": "string"
},
"reason": {
"description": "Reason is a (brief) reason for the last status change of the condition.",
"type": "string"
},
"status": {
"description": "Status is the status of the condition. One of True, False, Unknown.",
"type": "string"
},
"type": {
"description": "Type is the type of the cluster condition.",
"type": "string"
}
},
"type": "object"
},
"description": "Components []ComponentCondition `json:\"manifests,omitempty\"`",
"type": "object"
},
"conditions": {
"description": "Conditions contain the different condition statuses for the MultiClusterHub.",
"items": {
"description": "StatusCondition contains condition information.",
"properties": {
"lastTransitionTime": {
"description": "LastTransitionTime is the last time the condition changed from one status to another.",
"format": "date-time",
"type": "string"
},
"lastUpdateTime": {
"description": "The last time this condition was updated.",
"format": "date-time",
"type": "string"
},
"message": {
"description": "Message is a human-readable message indicating details about the last status change.",
"type": "string"
},
"reason": {
"description": "Reason is a (brief) reason for the last status change of the condition.",
"type": "string"
},
"status": {
"description": "Status is the status of the condition. One of True, False, Unknown.",
"type": "string"
},
"type": {
"description": "Type is the type of the cluster condition.",
"type": "string"
}
},
"type": "object"
},
"type": "array"
},
"currentVersion": {
"description": "CurrentVersion indicates the current version..",
"type": "string"
},
"desiredVersion": {
"description": "DesiredVersion indicates the desired version.",
"type": "string"
},
"phase": {
"description": "Represents the running phase of the MultiClusterHub",
"type": "string"
}
},
"type": "object"
}
},
"type": "object"
}
},
"served": true,
"storage": true,
"subresources": {
"status": {}
}
}
]
}
}1.13.2.2. 查询所有 MultiClusterHubs
GET /operator.open-cluster-management.io/v1beta1/namespaces/{namespace}/operator1.13.2.2.1. 描述
查询您的 multicluster hub operator 以获取更多详细信息。
1.13.2.2.2. 参数
| 类型 | Name | 描述 | 模式 |
|---|---|---|---|
| Header |
COOKIE | 身份验证:Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN 是用户访问令牌。 | 字符串 |
| 路径 |
namespace | 要使用的命名空间,如 default。 | 字符串 |
1.13.2.2.3. 响应
| HTTP 代码 | 描述 | 模式 |
|---|---|---|
| 200 | 成功 | 无内容 |
| 403 | 禁止访问 | 无内容 |
| 404 | 未找到资源 | 无内容 |
| 500 | 内部服务错误 | 无内容 |
| 503 | 服务不可用 | 无内容 |
1.13.2.2.4. 使用
-
operator/yaml
1.13.2.2.5. Tags
- multiclusterhubs.operator.open-cluster-management.io
1.13.2.3. 查询 MultiClusterHub operator
GET /operator.open-cluster-management.io/v1beta1/namespaces/{namespace}/operator/{multiclusterhub_name}1.13.2.3.1. 描述
查询单个 multicluster hub operator 以获取更多详细信息。
1.13.2.3.2. 参数
| 类型 | Name | 描述 | 模式 |
|---|---|---|---|
| Header |
COOKIE | 身份验证:Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN 是用户访问令牌。 | 字符串 |
| 路径 |
application_name | 您要查询的应用程序的名称。 | 字符串 |
| 路径 |
namespace | 要使用的命名空间,如 default。 | 字符串 |
1.13.2.3.3. 响应
| HTTP 代码 | 描述 | 模式 |
|---|---|---|
| 200 | 成功 | 无内容 |
| 403 | 禁止访问 | 无内容 |
| 404 | 未找到资源 | 无内容 |
| 500 | 内部服务错误 | 无内容 |
| 503 | 服务不可用 | 无内容 |
1.13.2.3.4. Tags
- multiclusterhubs.operator.open-cluster-management.io
1.13.2.4. 删除 MultiClusterHub operator
DELETE /operator.open-cluster-management.io/v1beta1/namespaces/{namespace}/operator/{multiclusterhub_name}1.13.2.4.1. 参数
| 类型 | Name | 描述 | 模式 |
|---|---|---|---|
| Header |
COOKIE | 身份验证:Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN 是用户访问令牌。 | 字符串 |
| 路径 |
application_name | 要删除的 multicluster hub Operator 的名称。 | 字符串 |
| 路径 |
namespace | 要使用的命名空间,如 default。 | 字符串 |
1.13.2.4.2. 响应
| HTTP 代码 | 描述 | 模式 |
|---|---|---|
| 200 | 成功 | 无内容 |
| 403 | 禁止访问 | 无内容 |
| 404 | 未找到资源 | 无内容 |
| 500 | 内部服务错误 | 无内容 |
| 503 | 服务不可用 | 无内容 |
1.13.2.4.3. Tags
- multiclusterhubs.operator.open-cluster-management.io
1.13.3. 定义
1.13.3.1. multicluster hub operator
| Name | 描述 | 模式 |
|---|---|---|
|
apiVersion | MultiClusterHub 的版本化模式。 | 字符串 |
|
kind | 代表 REST 资源的字符串值。 | 字符串 |
|
metadata | 描述定义资源的规则。 | 对象 |
|
spec | 资源规格。 |
spec
| availabilityConfig 可选 | 指定部署复制以提高可用性。默认值为 High。 | 字符串 |
|---|---|---|
|
customCAConfigmap | 为 Red Hat Advanced Cluster Management 提供自定义的 OpenShift 默认入口 CA 证书。 | 字符串 |
|
disableHubSelfManagement | 禁用自动导入 hub 集群作为受管集群。 | 布尔值 |
|
disableUpdateClusterImageSets | 禁用 ClusterImageSets 的自动更新。 | 布尔值 |
|
hive | (已弃用)用于覆盖默认 HiveConfig 规格的对象。 | |
|
imagePullSecret | 覆盖用于访问 MultiClusterHub 操作对象和端点镜像的 pull secret。 | 字符串 |
|
ingress | 入口管理的配置选项。 | |
|
nodeSelector | 设置节点选择器。 | 字符串 |
|
separateCertificateManagement |
(已弃用)将 | 布尔值 |
hive
| additionalCertificateAuthorities 可选 | (已弃用)到 hive 命名空间中的 secret 的引用列表,它包含了在与目标集群通信时要使用的额外证书颁发机构(CA)。除了安装时每个集群生成的任何自签名 CA 外,这些证书颁发机构也被使用。 | 对象 |
|---|---|---|
|
backup | (已弃用)指定备份集成的配置。如果没有,则禁用备份集成。 | |
|
externalDNS |
(已弃用)如果要由 Hive 部署,指定 | 对象 |
|
failedProvisionConfig | (已弃用)用于配置与处理调配失败相关的设置。 | |
|
globalPullSecret |
(已弃用)用于指定供所有集群部署全局使用的 pull secret。对于每个集群部署, | 对象 |
|
maintenanceMode |
(已弃用)在您需要确保没有运行任何会在 Hive 类型的 finalizer 上进行添加或操作时,可以使用它来禁用 hive 控制器。这应该很少需要。将 | 布尔值 |
Ingress
| sslCiphers 可选 | 为管理入口启用的 SSL 密码列表。默认为所支持密码的完整列表。 | 字符串 |
|---|
backup
| minBackupPeriodSeconds 可选 | (已弃用)指定在每个备份之间的最小 MinBackupPeriodSeconds 。这用于对备份进行比率限制。这可能会将多个更改组合到一个备份中。因为在这一时间段内发生的更改会被放入排队,在备份间隔时间后这些队列中的更改会被备份,因此不会丢失备份数据。 | 整数 |
|---|---|---|
|
velero | (已弃用)Velero 指定 Velero 备份集成的配置。 | 对象 |
failedProvisionConfig
| skipGatherLogs 可选 | (已弃用)当安装因为任何原因失败时,禁用尝试从集群收集完整日志的功能。日志会存储在持久卷中,并最多存储七天。 | 布尔值 |
|---|
status
| components 可选 | 状态配置的组件。 | 对象 |
|---|---|---|
|
conditions | 包含 multicluster hub 的不同条件。 | |
|
desiredVersion | 表示所需的版本。 | 字符串 |
|
phase |
代表 MultiClusterHub 资源的活跃阶段。用于此参数的值包括: | 字符串 |
conditions
| lastTransitionTime 可选 | 条件从一个状态变为另一个状态的最后一次的时间。 | 字符串 |
|---|---|---|
|
lastUpdateTime | 最后一次更新此条件的时间。 | 字符串 |
|
message | Message 是人类可读的消息,表示关于上次状态更改的详细信息。 | 字符串 |
|
reason | 条件发生状态更改的原因。 | 字符串 |
|
status | 条件的状态。 | 字符串 |
|
type | 集群条件的类型。 | 字符串 |
StatusConditions
| kind 必需 | 代表此状态的资源 kind。 | 字符串 |
|---|---|---|
|
available | 指明此组件是否在正确运行。 | 布尔值 |
|
lastTransitionTime | 条件从一个状态变为另一个状态的最后一次的时间。 | metav1.time |
|
lastUpdateTime | 最后一次更新此条件的时间。 | metav1.time |
|
message | Message 是人类可读的消息,表示关于上次状态更改的详细信息。 | 字符串 |
|
reason | 条件发生状态更改的原因。 | 字符串 |
|
status | 条件的状态。 | 字符串 |
|
type | 集群条件的类型。 | 字符串 |
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}