다음은 kubernetes의 discovery 예시이다.




$ kubectl config view

apiVersion: v1

clusters:

- cluster:

certificate-authority-data: REDACTED

server: https://10.1.1.1:6443

name: kubernetes

...




$ kubectl get secrets

NAME                  TYPE                                  DATA      AGE

default-token-686zl   kubernetes.io/service-account-token   3         3d





$ kubectl describe secret default-token-686zl

Name:         default-token-686zl

Namespace:    default

Labels:       <none>

Annotations:  kubernetes.io/service-account.name=default

              kubernetes.io/service-account.uid=a0b98cf2-f15f-11e8-9449-fa163e9f27a5


Type:  kubernetes.io/service-account-token


Data

====

ca.crt:     1090 bytes

namespace:  7 bytes

token:      xxxx



$ export token=$(kubectl describe secret default-token-686zl |grep ^token |cut -f7 -d ' ')



$ echo $token

xxx



$ curl https://10.1.1.1:6443/apis --header "Authorization: Bearer $token" -k

{

"kind": "APIVersions",

"versions": [

"v1"

],

"serverAddressByClientCIDRs": [

{

"clientCIDR": "0.0.0.0/0",

"serverAddress": "10.1.1.1:6443"

}

]

}

...



이전 결과와 동일하다. 



$ curl https://10.128.0.3:6443/api/v1 --header "Authorization: Bearer $token" -k


{

"kind": "APIVersions",

"versions": [

"v1"

],

"serverAddressByClientCIDRs": [

{

"clientCIDR": "0.0.0.0/0",

"serverAddress": "10.1.1.1:6443"

}

]

}

...




Posted by 김용환 '김용환'