如何为kubernetes api显示swagger用户界面?

uubf1zoe  于 2022-11-02  发布在  Kubernetes
关注(0)|答案(4)|浏览(319)

我安装了kubernetes使用kubeadmkube-apiserver启动成功。我的电脑的操作系统是Centos 7。命令如下:

kube-apiserver
      --advertise-address=10.211.55.9
      --allow-privileged=true
      --authorization-mode=Node,RBAC
      --client-ca-file=/etc/kubernetes/pki/ca.crt
      --enable-admission-plugins=NodeRestriction
      --enable-bootstrap-token-auth=true
      --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt
      --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt
      --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key
      --etcd-servers=https://127.0.0.1:2379
      --insecure-port=0
      --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt
      --kubelet-client-key=/etc/kubernetes/pki/apiserver-kubelet-client.key
      --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
      --proxy-client-cert-file=/etc/kubernetes/pki/front-proxy-client.crt
      --proxy-client-key-file=/etc/kubernetes/pki/front-proxy-client.key
      --requestheader-allowed-names=front-proxy-client
      --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt
      --requestheader-extra-headers-prefix=X-Remote-Extra-
      --requestheader-group-headers=X-Remote-Group
      --requestheader-username-headers=X-Remote-User
      --secure-port=6443
      --service-account-key-file=/etc/kubernetes/pki/sa.pub
      --service-cluster-ip-range=10.96.0.0/12
      --tls-cert-file=/etc/kubernetes/pki/apiserver.crt
      --tls-private-key-file=/etc/kubernetes/pki/apiserver.key
      --enable-swagger-ui=true
      --insecure-bind-address=0.0.0.0
      --insecure-port=8080

打开浏览器搜索http://localhost:8080/swagger-ui/,我得到了没有swagger ui的uri列表。如何显示swagger ui?

http://localhost:8080/swagger-ui/
{
  "paths": [
    "/apis",
    "/apis/",
    "/apis/apiextensions.k8s.io",
    "/apis/apiextensions.k8s.io/v1",
    "/apis/apiextensions.k8s.io/v1beta1",
    "/healthz",
    "/healthz/etcd",
    "/healthz/log",
    "/healthz/ping",
    "/healthz/poststarthook/crd-informer-synced",
    "/healthz/poststarthook/generic-apiserver-start-informers",
    "/healthz/poststarthook/start-apiextensions-controllers",
    "/healthz/poststarthook/start-apiextensions-informers",
    "/livez",
    "/livez/etcd",
    "/livez/log",
    "/livez/ping",
    "/livez/poststarthook/crd-informer-synced",
    "/livez/poststarthook/generic-apiserver-start-informers",
    "/livez/poststarthook/start-apiextensions-controllers",
    "/livez/poststarthook/start-apiextensions-informers",
    "/metrics",
    "/openapi/v2",
    "/readyz",
    "/readyz/etcd",
    "/readyz/log",
    "/readyz/ping",
    "/readyz/poststarthook/crd-informer-synced",
    "/readyz/poststarthook/generic-apiserver-start-informers",
    "/readyz/poststarthook/start-apiextensions-controllers",
    "/readyz/poststarthook/start-apiextensions-informers",
    "/readyz/shutdown",
    "/version"
  ]
}
kubernetes

4条答案

按热度按时间
bjp0bcyl

bjp0bcyl1#

打开指向Kubernetes API服务器的反向代理:

kubectl proxy --port=8080

保存Swagger文件。* 由于CORS策略,无法直接链接。*

curl localhost:8080/openapi/v2 > k8s-swagger.json

使用Swagger UI启动一个Docker容器

docker run \
    --rm \
    -p 80:8080 \
    -e SWAGGER_JSON=/k8s-swagger.json \
    -v $(pwd)/k8s-swagger.json:/k8s-swagger.json \
    swaggerapi/swagger-ui

参考:https://jonnylangefeld.com/blog/kubernetes-how-to-view-swagger-ui
如果您想充分发挥Swagger的潜力,本指南可能会帮助您:https://github.com/olivernadj/Kubernetes-REST-API-feat-Swagger-UI

赞(0)分享  回复(0)举报  2022-11-02
wtlkbnrh

wtlkbnrh2#

获取openapi json最简单的方法是:

kubectl get --raw /openapi/v2  > k8s-openapi-v2.json

现在你可以为这个json启动一个swagger-ui示例,如下所示:

docker run \
  -v $PWD/k8s-openapi-v2.json:/app/swagger.json \
  -p 8081:8080 \
  swaggerapi/swagger-ui

导航到https://本地主机:8081
你会看到一个昂首阔步的用户界面,但它相当落后,因为Kubernetes集群公开了许多API。

赞(0)分享  回复(0)举报  2022-11-02
0wi1tuuw

0wi1tuuw3#

这里有一个快速的方法来玩swagger和k8s api。
不适用于生产。

1. wget -q -O - https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | bash
2. k3d cluster create -p "80:80@loadbalancer" -p "443:443@loadbalancer"
3. kubectl apply -f tools/swagger/swagger.yml
4. kubectl create token new-admin-sa
5. replace token in tools/swagger/swagger.yml
6. kubectl apply -f tools/swagger/swagger.yml
7. echo "127.0.0.1 kubernetes" >> /etc/hosts
8. echo "127.0.0.1 swagger-ui" >> /etc/hosts

Failed to load API definition

apiVersion: traefik.containo.us/v1alpha1
kind: ServersTransport
metadata:
  name: mytransport
spec:
  serverName: kubernetes
  insecureSkipVerify: true
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: testroute
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`kubernetes`)
      kind: Rule
      services:
        - kind: Service
          name: kubernetes
          port: 443
          serversTransport: mytransport
      middlewares:
        - name: test-header
    - match: Host(`swagger-ui`)
      kind: Rule
      services:
        - kind: Service
          name: swagger-ui-service
          port: 8080
      middlewares:
        - name: test-header

---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: test-header
spec:
  headers:
    customRequestHeaders:
      Authorization: "Bearer PASTE_YOUR_TOKEN_HERE"
    accessControlAllowMethods:
      - "GET"
      - "OPTIONS"
      - "PUT"
    accessControlAllowOriginList:
      - "https://kubernetes"
      - "https://swagger-ui"
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: swagger-ui
  labels:
    app: swagger-ui
spec:
  replicas: 1
  selector:
    matchLabels:
      app: swagger-ui
  template:
    metadata:
      labels:
        app: swagger-ui
    spec:
      containers:
        - name: swagger-ui
          image: swaggerapi/swagger-ui
          ports:
            - containerPort: 8080
          env:
            - name: URL
              value: https://kubernetes/openapi/v2
---
apiVersion: v1
kind: Service
metadata:
  name: swagger-ui-service # a random name
spec:
  selector:  # to connect to Pod through label
    app: swagger-ui
  ports:
    - port: 8080  # service port
      protocol: TCP
      targetPort: 8080  # container port
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: new-admin-sa
  namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: new-admin-crb
subjects:
  - kind: ServiceAccount
    name: new-admin-sa
    namespace: default
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io

尽情享受https://swagger-ui/
UPD:如果您看到Failed to load API definition,请打开https://kubernetes/,单击Proceed to kubernetes (unsafe),然后重试https://swagger-ui/
否则,请确保按顺序执行步骤!
清洁:k3d cluster delete

赞(0)分享  回复(0)举报  2022-11-02
jjjwad0x

jjjwad0x4#

Kubernetes API服务器通过/openapi/v2端点为OpenAPI规范提供服务。

赞(0)分享  回复(0)举报  2022-11-02
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com