概述
請思考以下場景:
你們已經有了一套釋出平台,用于生産環境或者開發,測試,預釋出和生産都已經在使用了,然後你也想推廣容器平台,但是容器平台的界面和現有的釋出平台是割裂的,而且現有的資料也沒法用到容器平台,要怎麼做才能實作兩個平台的整合呢?
解決思路:
由于沒有大規模使用過容器來跑業務應用,你希望把容器平台作為測試環境,那麼你可以這樣做,把生成Dockerfile和Template的界面移到釋出平台,然後釋出平台調用openshift API來實作整合。
本文就來講講如何調用openshift API 。
擷取access token
詳細請參考上一篇文章:Openshift API Token生成方法
建立項目
請求:
curl -k -v -XPOST \
-H "Authorization: Bearer $token" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
https://example.test.com:8443/apis/project.openshift.io/v1/projectrequests \
-d "{\"kind\":\"ProjectRequest\",\"apiVersion\":\"project.openshift.io/v1\",\"metadata\":{\"name\":\"project_name\",\"creationTimestamp\":null}}"
傳回:
code: 201 #建立成功
code: 200 #ok
code: 202 #Accepted
code: 401 # unauthorized
删除項目
請求:
curl -k -v -XDELETE \
-H "Authorization: Bearer $token" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
https://example.test.com:8443/apis/project.openshift.io/v1/projects/project_name
傳回:
code: 200 # 删除成功
body:
{
"kind":"Status",
"apiVersion":"v1",
"metadata":{},
"status":"Success"
}
code: 401 # unauthorized
code: 404 # Not Found
擷取所有項目清單和每個項目中的釋出執行個體名稱
請求:
curl -k -v -XGET \
-H "Authorization: Bearer $token" \
-H "Accept: application/json" \
https://example.test.com:8443/apis/apps.openshift.io/v1/deploymentconfigs
傳回:
code: 200 #成功
body:
{
"kind": "DeploymentConfigList",
"apiVersion": "apps.openshift.io/v1",
"metadata": {
"selfLink": "/apis/apps.openshift.io/v1/deploymentconfigs",
"resourceVersion": "38784201" },
"items": [
{
"metadata": {
"name": "jenkins",
"namespace": "ci",
.......
},
{
"metadata": {
"name": "test",
"namespace": "test",
.......
},
........
]
........
}
code: 401 # unauthorized
推送鏡像到OpenShift内部鏡像庫
假如你在外面已經生成好了鏡像,然後想把鏡像推送到OpenShift内部鏡像庫。
推送鏡像(也可以調用docker的API來做,這裡采用簡單些的辦法)
⚠️openshift鏡像庫是在叢集内部,隻能采用service IP/name和端口通路,是以推送鏡像所在機器需要在叢集内。
docker login -u $user -p $access_token docker-registry.default.svc:5000 && \
docker tag $image_name:$tag docker-registry.default.svc:5000/$project/$image_name:$tag && \
docker push docker-registry.default.svc:5000/$project/$image_name:$tag
釋出鏡像
以devops-team項目中的nginx-example執行個體為例說明
請求:
curl -X POST -kv \
"https://example.test.com:8443/apis/apps.openshift.io/v1/namespaces/devops-team/deploymentconfigs/nginx-example/instantiate?pretty=true" \
-H "accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $token" \
-d "{ \"apiVersion\": \"apps.openshift.io/v1\", \"force\": true, \"kind\": \"DeploymentConfig\", \"latest\": true, \"name\": \"nginx-example\"}"
傳回:
code: 201 #觸發釋出成功
body:
{
"kind": "DeploymentConfig",
"apiVersion": "apps.openshift.io/v1",
"metadata": {
"name": "nginx-example",
"namespace": "devops-team",
..........
}
code: 200 # ok
code: 202 # accepted
code: 401 # unauthorized
檢視釋出狀态
要擷取上面的釋出:nginx-example的釋出狀态,就需要先擷取最近一次釋出的名稱:nginx-example-?
請求:
檢視deploymentconfi: nginx-example的資訊
curl -k -v -XGET \
-H "Authorization: Bearer $token" \
-H "Accept: application/json" \
https://example.test.com:8443/apis/apps.openshift.io/v1/namespaces/devops-team/deploymentconfigs/nginx-example
傳回:
code: 200 # 成功
body:
{
"kind": "DeploymentConfig",
"apiVersion": "apps.openshift.io/v1",
"metadata": {},
"spec": {},
"status": {
"latestVersion": 3,
"observedGeneration": 4,
"replicas": 1,
........}
}
由此可以得出最近一次的釋出名稱是nginx-example-3
code: 401 # unauthorized
擷取最近一次釋出的pod的運作狀态
請求:
curl -k -v -XGET \
-H "Accept: application/json" \
-H "Authorization: Bearer $token" \
https://example.test.com:8443/api/v1/namespaces/devops-team/pods?labelSelector=deployment=nginx-example-3,deploymentconfig=nginx-example,name=nginx-example
傳回:
code: 200 # 成功
body:
{
"kind": "PodList",
"apiVersion": "v1",
"metadata": {},
"items": [{
"metadata": {},
"spec": {},
"status": {
"phase": "Running",
"conditions": [],
"hostIP": "10.131.32.3",
"podIP": "10.129.104.40",
"startTime": "2018-11-13T09:40:10Z",
"containerStatuses": [],
"qosClass": "Burstable"}
]}
}
由此可以得出pod運作狀态為Running,pod已經在跑了,
如果狀态是Failed,說明釋出失敗了,
如果是Waiting,說明在等待。
code: 401 # unauthorized
導入模版
實作web-console裡面的import template功能需要分兩步,第一步要把template檔案轉成對象為List的各個Resource對象,第二步是建立生成的各個Resource。
要實作第一個API要送出的參數非常多,包含了template中所有的參數,是以我們繞過第一步,直接生成各個Resource對象的json或yaml格式的内容,然後調用相關的API建立對象。
下面舉例說如何建立各個對象。
建立Service對象
請求:
curl -k -v -XPOST \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $token" \
https://example.test.com:8443/api/v1/namespaces/demo-au/services \
-d "{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{"description":"Exposes and load balances the application pods"},"labels":{"template":"demo-au"},"name":"demo-au","namespace":"demo-au"},"spec":{"ports":[{"name":"nginx","port":80,"targetPort":80}],"selector":{"name":"demo-au"}}}"
傳回:
code: 201 #建立成功
code: 409 #對象已經存在
code: 401 # unauthorized
建立Route對象
請求:
curl -k -v -XPOST \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $token" \
https://example.test.com:8443/oapi/v1/namespaces/demo-au/routes \
-d "{"apiVersion":"v1","kind":"Route","metadata":{.......}}"
傳回:
code: 201 #建立成功
code: 409 #對象已經存在
code: 401 # unauthorized
建立imagestream對象
請求:
curl -k -v -XPOST \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $token" \
https://example.test.com:8443/oapi/v1/namespaces/demo-au/imagestreams \
-d "{"apiVersion":"v1","kind":"ImageStream","metadata":{.......}}"
傳回:
code: 201 #建立成功
code: 409 #對象已經存在
code: 401 # unauthorized
建立deploymentconfig對象
請求:
curl -k -v -XPOST \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $token" \
https://example.test.com:8443/oapi/v1/namespaces/demo-au/deploymentconfigs \
-d "{"apiVersion":"v1","kind":"DeploymentConfig","metadata":{.......}}"
傳回:
code: 201 #建立成功
code: 409 #對象已經存在
code: 401 # unauthorized
建立secret對象
請求:
curl -k -v -XPOST \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $token" \
https://example.test.com:8443/api/v1/namespaces/demo-au/secrets \
-d "{"apiVersion":"v1","kind":"Secret","metadata":{.......}}"
傳回:
code: 201 #建立成功
code: 409 #對象已經存在
code: 401 # unauthorized
更多容器技術請關注公衆号:
![Vue學習記錄-- v-cloak,v-text,v-html,v-bind,v-on的基本使用[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)