{"id":266,"date":"2022-01-24T15:56:39","date_gmt":"2022-01-24T07:56:39","guid":{"rendered":"https:\/\/www.db2go.net\/?p=266"},"modified":"2022-01-24T15:56:47","modified_gmt":"2022-01-24T07:56:47","slug":"%e4%bb%a3%e7%a0%81%e4%b8%ad%e4%bd%bf%e7%94%a8sa%e8%ae%bf%e9%97%aek8s%e9%9b%86%e7%be%a4","status":"publish","type":"post","link":"https:\/\/www.db2go.net\/?p=266","title":{"rendered":"\u4ee3\u7801\u4e2d\u4f7f\u7528sa\u8bbf\u95eek8s\u96c6\u7fa4"},"content":{"rendered":"<ol>\n<li>\u5148\u521b\u5efasa\u3001cr\u3001crb<\/li>\n<\/ol>\n<pre><code class=\"language-yaml line-numbers\">apiVersion: rbac.authorization.k8s.io\/v1\nkind: ClusterRoleBinding\nmetadata:\n  name: myk8sadmin-cluser-bigdaddy\nroleRef:\n  apiGroup: rbac.authorization.k8s.io\n  kind: ClusterRole\n  name: cluser-bigdaddy\nsubjects:\n- kind: ServiceAccount\n  name: myk8sadmin\n  namespace: default\n\n---\n\nkind: ClusterRole\napiVersion: rbac.authorization.k8s.io\/v1beta1\nmetadata:\n  name: cluser-bigdaddy\nrules:\n- apiGroups:\n  - '*'\n  resources:\n  - '*'\n  verbs:\n  - '*'\n- nonResourceURLs:\n  - '*'\n  verbs:\n  - '*'\n\n---\n\napiVersion: v1\nkind: ServiceAccount\nmetadata:\n  namespace: default\n  name: myk8sadmin\n<\/code><\/pre>\n<ol start=\"2\">\n<li>\u6839\u636esa\u83b7\u53d6\u5230token<\/li>\n<\/ol>\n<pre><code class=\"language-shell line-numbers\">kubectl get secret myk8sadmin-token-pnn48 -o jsonpath={\".data.token\"}| base64 -d\n<\/code><\/pre>\n<ol start=\"3\">\n<li>\u4ee3\u7801\u4e2d\u4f7f\u7528<\/li>\n<\/ol>\n<pre><code class=\"language-go line-numbers\">var K8sClient *kubernetes.Clientset\nfunc init() {\n    config:=&amp;rest.Config{\n        Host:\"http:\/\/apiserver\u7684\u5730\u5740:9527\",\n        BearerToken:\"\u7b2c2\u6b65\u5f97\u5230\u7684token\",\n    }\n    c,err:=kubernetes.NewForConfig(config)\n    if err!=nil{\n        log.Fatalln(err)\n    }\n    K8sClient =c\n}\n<\/code><\/pre>\n<p>\u8fd9\u4e2a\u4ee3\u7801\u662f\u7528\u7684token\u7684\u65b9\u5f0f\uff0c\u8fd8\u53ef\u4ee5\u76f4\u63a5\u4f7f\u7528kubeconfig\u7684\u65b9\u5f0f\u6765\u751f\u6210config\u3002\u5982\u4e0b\u6240\u793a\uff1a<\/p>\n<pre><code class=\"language-go line-numbers\">\/\/\u83b7\u53d6clientset\nfunc GetClient() (*kubernetes.Clientset, error) {\n    fmt.Println()\n    var err error\n    var config *rest.Config\n    var kubeconfig *string\n\n    if home := homedir.HomeDir(); home != \"\" {\n        kubeconfig = flag.String(\"kubeconfig\", filepath.Join(home, \".kube\", \"config\"), \"kubeconfig\u7684\u7edd\u5bf9\u8def\u5f84\")\n    } else {\n        kubeconfig = flag.String(\"kubeconfig\", \"\", \"absolute path to the kubeconfig file\")\n    }\n    flag.Parse()\n\n    \/\/in-cluster\u5c31\u662f\u5ba2\u6237\u7aef\u7a0b\u5e8f\u8dd1\u5728k8s\u96c6\u7fa4\u5185\uff0c\u901a\u5e38\u4f7f\u7528service account\u8fdb\u884c\u5ba2\u6237\u7aef\u521d\u59cb\u5316\u3002\n    \/\/out-of-cluster\u662f\u5ba2\u6237\u7aef\u7a0b\u5e8f\u8dd1\u5728\u96c6\u7fa4\u5916\uff0c\u901a\u8fc7kubeconfig\u6587\u4ef6\u53bb\u521d\u59cb\u5316\u5ba2\u6237\u7aef\u3002\n    \/\/\u4f7f\u7528 ServiceAccount \u521b\u5efa\u96c6\u7fa4\u914d\u7f6e\uff08InCluster\u6a21\u5f0f\uff09\n    if config, err = rest.InClusterConfig(); err != nil {\n        \/\/ \u4f7f\u7528 KubeConfig \u6587\u4ef6\u521b\u5efa\u96c6\u7fa4\u914d\u7f6e\n        if config, err = clientcmd.BuildConfigFromFlags(\"\", *kubeconfig); err != nil {\n            panic(err.Error())\n        }\n    }\n\n    \/\/ \u521b\u5efa clientset\n    clientset, err := kubernetes.NewForConfig(config)\n    if err != nil {\n        return nil,err\n    }\n    return clientset,nil\n}\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>\u5148\u521b\u5efasa\u3001cr\u3001crb apiVersion: rbac.authorization.k8s.io\/v1 k&hellip;<\/p>\n <a href=\"https:\/\/www.db2go.net\/?p=266\" title=\"\u4ee3\u7801\u4e2d\u4f7f\u7528sa\u8bbf\u95eek8s\u96c6\u7fa4\" class=\"entry-more-link\"><span>Read More<\/span> <span class=\"screen-reader-text\">\u4ee3\u7801\u4e2d\u4f7f\u7528sa\u8bbf\u95eek8s\u96c6\u7fa4<\/span><\/a>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"Layout":"","footnotes":""},"categories":[13,3],"tags":[],"class_list":["entry","author-suredandan","post-266","post","type-post","status-publish","format-standard","category-client-go","category-k8s"],"views":1628,"_links":{"self":[{"href":"https:\/\/www.db2go.net\/index.php?rest_route=\/wp\/v2\/posts\/266","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.db2go.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.db2go.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.db2go.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.db2go.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=266"}],"version-history":[{"count":1,"href":"https:\/\/www.db2go.net\/index.php?rest_route=\/wp\/v2\/posts\/266\/revisions"}],"predecessor-version":[{"id":267,"href":"https:\/\/www.db2go.net\/index.php?rest_route=\/wp\/v2\/posts\/266\/revisions\/267"}],"wp:attachment":[{"href":"https:\/\/www.db2go.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=266"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.db2go.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=266"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.db2go.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=266"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}