英文:
How do I programmatically connect to an AKS(Azure kubernetes service) cluster and create a K8 clientset in Golang?
问题
我正在尝试使用Golang以编程方式获取AKS集群中的所有命名空间。为此,我需要为该特定的AKS集群创建一个Kubernetes clientset,以便我可以按如下方式列出命名空间:
k8ClientSet.CoreV1().Namespaces().List(context.Background(), metav1.ListOptions{})
由于我需要从集群外部执行此操作,因此无法使用kube-config,并且我也无法使用Kubelogin exec插件,因为它需要在主机系统上安装,这是不可能的。即使是Azure auth插件也已被弃用。
我尝试使用Azure auth插件,尽管它已被弃用,但它还需要在Azure AD上创建一个apiserver
应用注册,这对我来说不是一个理想的解决方案。
目前,我正在尝试使用Azure提供的此API-https://learn.microsoft.com/en-us/rest/api/aks/managed-clusters/run-command?tabs=HTTP,我认为这不是最佳方法,但这是我目前所拥有的。
如果可能的话,请帮助解决这个问题并分享代码示例。
英文:
I am trying to fetch all the namespaces present in an AKS cluster programmatically using Golang for which I need to create a Kubernetes clientset for that particular AKS cluster, so that I can list the namespace as follows:
k8ClientSet.CoreV1().Namespaces().List(context.Background(), metav1.ListOptions{})
I will need to this from outside the cluster so kube-config cannot be used and I will not be able to use the Kubelogin exec plugin since it requires it to be installed on the host system which is not possible. Even, the azure auth plugin has been deprecated.
I tried using the Azure auth plugin although it has been deprecated but it also required creating an apiserver
app registration on host Azure AD which is not an ideal solution for me.
As of now, I am trying to use this API provided by Azure - https://learn.microsoft.com/en-us/rest/api/aks/managed-clusters/run-command?tabs=HTTP which I do not think is the best approach, but that's all I have got so far.
Pls help with the issue and share code sample, if possible.
答案1
得分: 0
我从Azure QnA论坛上得到了这个解决方案,并且它有效!
import (
"context"
"fmt"
"os"
"github.com/Azure/azure-sdk-for-go/profiles/latest/containerservice/mgmt/containerservice"
"github.com/Azure/go-autorest/autorest"
"github.com/Azure/go-autorest/autorest/azure/auth"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/rest"
)
func main() {
// 使用Azure Active Directory身份验证获取AKS集群凭据
authorizer, err := auth.NewAuthorizerFromEnvironment()
if err != nil {
panic(err.Error())
}
subscriptionID := "<your-subscription-id>"
resourceGroupName := "<your-resource-group-name>"
clusterName := "<your-aks-cluster-name>"
client := containerservice.NewManagedClustersClient(subscriptionID)
client.Authorizer = authorizer
credentials, err := client.ListClusterAdminCredentials(context.Background(), resourceGroupName, clusterName)
if err != nil {
panic(err.Error())
}
kubeconfig := string(credentials.Kubeconfigs[0].Value)
// 创建一个Kubernetes clientset
config, err := rest.InClusterConfig()
if err != nil {
config, err = clientcmd.NewClientConfigFromBytes([]byte(kubeconfig)).ClientConfig()
if err != nil {
panic(err.Error())
}
}
clientset, err := kubernetes.NewForConfig(config)
if err != nil {
panic(err.Error())
}
// 列出AKS集群中的所有命名空间
namespaces, err := clientset.CoreV1().Namespaces().List(context.Background(), metav1.ListOptions{})
if err != nil {
panic(err.Error())
}
// 打印每个命名空间的名称
for _, ns := range namespaces.Items {
fmt.Println(ns.Name)
}
}
我不得不做一些修改,例如,我使用了azidentity
进行身份验证,因为azure-sdk-for-go/profiles/latest/containerservice/mgmt/containerservice
已被弃用,我不得不使用azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v2
代替。
英文:
I got this solution from Azure QnA forum and it worked!
import (
"context"
"fmt"
"os"
"github.com/Azure/azure-sdk-for-go/profiles/latest/containerservice/mgmt/containerservice"
"github.com/Azure/go-autorest/autorest"
"github.com/Azure/go-autorest/autorest/azure/auth"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/rest"
)
func main() {
// Get the AKS cluster credentials using Azure Active Directory authentication
authorizer, err := auth.NewAuthorizerFromEnvironment()
if err != nil {
panic(err.Error())
}
subscriptionID := "<your-subscription-id>"
resourceGroupName := "<your-resource-group-name>"
clusterName := "<your-aks-cluster-name>"
client := containerservice.NewManagedClustersClient(subscriptionID)
client.Authorizer = authorizer
credentials, err := client.ListClusterAdminCredentials(context.Background(), resourceGroupName, clusterName)
if err != nil {
panic(err.Error())
}
kubeconfig := string(credentials.Kubeconfigs[0].Value)
// Create a Kubernetes clientset
config, err := rest.InClusterConfig()
if err != nil {
config, err = clientcmd.NewClientConfigFromBytes([]byte(kubeconfig)).ClientConfig()
if err != nil {
panic(err.Error())
}
}
clientset, err := kubernetes.NewForConfig(config)
if err != nil {
panic(err.Error())
}
// <span class=" active-doc-0" data-doc-items="0">List all the namespaces present in the AKS cluster[1](#doc-pos=0)</span>
namespaces, err := clientset.CoreV1().Namespaces().List(context.Background(), metav1.ListOptions{})
if err != nil {
panic(err.Error())
}
// Print the name of each namespace
for _, ns := range namespaces.Items {
fmt.Println(ns.Name)
}
}
I had to make a few modifications like instead of auth
, I used azidentity
for authentication and since azure-sdk-for-go/profiles/latest/containerservice/mgmt/containerservice
has been deprecated, I had to use azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v2
instead.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论