Kubernetes Documentation¶
Note
This Kubernetes driver will be subject to change from community feedback. How to map the core assets (pods, clusters) to API entities will be subject to testing and further community feedback.
Kubernetes is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the users declared intentions. Using the concepts of “labels” and “pods”, it groups the containers which make up an application into logical units for easy management and discovery.
Authentication¶
Authentication currently supported with the following methods:
- Client certificate auth (recommended) - https://kubernetes.io/docs/reference/access-authn-authz/authentication/#x509-client-certs
- Bearer token auth - https://kubernetes.io/docs/reference/access-authn-authz/authentication/#static-token-file
- Basic HTTP Authentication (deprecated) - https://kubernetes.io/docs/reference/access-authn-authz/authentication/#static-password-file
- No authentication (testing only)
Instantiating the driver¶
from libcloud.container.types import Provider
from libcloud.container.providers import get_driver
cls = get_driver(Provider.KUBERNETES)
# 1. Client side cert auth
conn = cls(
host="192.168.99.103",
port=8443,
secure=True,
key_file="/home/user/.minikube/client.key",
cert_file="/home/user/.minikube/client.crt",
ca_cert="/home/user/.minikube/ca.crt",
)
# 2. Bearer bootstrap token auth
conn = cls(key="my_token", host="126.32.21.4", ex_token_bearer_auth=True)
# 3. Basic auth
conn = cls(key="my_username", secret="THIS_IS)+_MY_SECRET_KEY+I6TVkv68o4H", host="126.32.21.4")
for container in conn.list_containers():
print(container.name)
for cluster in conn.list_clusters():
print(cluster.name)
Instantiating the driver (minikube installation - cert file auth)¶
This example shows how to connect to a local minikube Kubernetes cluster which utilizes certifcate based authentication.
import libcloud.security
from libcloud.container.types import Provider
from libcloud.container.providers import get_driver
# Disable cert vertification when running minikube locally using self signed
# cert
libcloud.security.VERIFY_SSL_CERT = False
cls = get_driver(Provider.KUBERNETES)
# You can retrieve cluster ip by running "minikube ip" command
conn = cls(
host="192.168.99.103",
port=8443,
secure=True,
key_file="/home/user/.minikube/client.key",
cert_file="/home/user/.minikube/client.crt",
ca_cert="/home/user/.minikube/ca.crt",
)
for container in conn.list_containers():
print(container.name)
for cluster in conn.list_clusters():
print(cluster.name)
Instantiating the driver (minikube installation - basic auth)¶
This example shows how to connect to a local minikube Kubernetes cluster which utilizes basic auth authentication.
When using basic auth, you need to start the minikube as shown below.
$ cat users.csv
pass123,user1,developers
# Mount a share with a local users file
minikube mount /home/libcloud/users.csv:/var/lib/docker/users.csv
# Start miniube
minikube --extra-config=apiserver.basic-auth-file=/var/lib/docker/users.csv start
import libcloud.security
from libcloud.container.types import Provider
from libcloud.container.providers import get_driver
# Disable cert vertification when running minikube locally using self signed
# cert
libcloud.security.VERIFY_SSL_CERT = False
cls = get_driver(Provider.KUBERNETES)
# You can retrieve cluster ip by running "minikube ip" command
conn = cls(key="user1", secret="pass123", host="192.168.99.100", port=8443, secure=True)
for container in conn.list_containers():
print(container.name)
for cluster in conn.list_clusters():
print(cluster.name)
Docker Hub Client HubClient
is a shared utility class for interfacing to the public Docker Hub Service.
You can use this class for fetching images to deploy to services like ECS
from libcloud.container.types import Provider
from libcloud.container.providers import get_driver
from libcloud.container.utils.docker import HubClient
cls = get_driver(Provider.KUBERNETES)
conn = cls(key="my_username", secret="THIS_IS)+_MY_SECRET_KEY+I6TVkv68o4H", host="126.32.21.4")
hub = HubClient()
image = hub.get_image("ubuntu", "latest")
for cluster in conn.list_clusters():
print(cluster.name)
if cluster.name == "default":
container = conn.deploy_container(cluster=cluster, name="my-simple-app", image=image)
API Docs¶
-
class
libcloud.container.drivers.kubernetes.
KubernetesContainerDriver
(key=None, secret=None, secure=False, host='localhost', port=4243, key_file=None, cert_file=None, ca_cert=None, ex_token_bearer_auth=False)[source]¶ Parameters: - key (
str
) – API key or username to be used (required) - secret (
str
) – Secret password to be used (required) - secure (
bool
) – Whether to use HTTPS or HTTP. Note: Some providers only support HTTPS, and it is on by default. - host (
str
) – Override hostname used for connections. - port (
int
) – Override port used for connections. - key_file (
str
) – Path to the key file used to authenticate (when using key file auth). - cert_file (
str
) – Path to the cert file used to authenticate (when using key file auth). - ex_token_bearer_auth (
bool
) – True to use token bearer auth.
Returns: None
-
connectionCls
¶ alias of
libcloud.common.kubernetes.KubernetesBasicAuthConnection
-
create_cluster
(name, location=None)¶ Create a container cluster
Parameters: - name (
str
) – The name of the cluster - location (
ClusterLocation
) – The location to create the cluster in
Return type: - name (
-
create_namespace
(name: str) → libcloud.container.drivers.kubernetes.KubernetesNamespace[source]¶ Create a namespace
Parameters: name ( str
) – The name of the namespaceReturn type: KubernetesNamespace
-
delete_namespace
(namespace: libcloud.container.drivers.kubernetes.KubernetesNamespace) → bool[source]¶ Delete a namespace
Returns: True
if the destroy was successful, otherwiseFalse
.Return type: bool
-
deploy_container
(name: str, image: libcloud.container.base.ContainerImage, namespace: libcloud.container.drivers.kubernetes.KubernetesNamespace = None, parameters: Optional[str] = None, start: Optional[bool] = True)[source]¶ Deploy an installed container image. In kubernetes this deploys a single container Pod. https://cloud.google.com/container-engine/docs/pods/single-container
Parameters: - name (
str
) – The name of the new container - image (
ContainerImage
) – The container image to deploy - namespace (
KubernetesNamespace
) – The namespace to deploy to, None is default - parameters (
str
) – Container Image parameters(unused) - start (
bool
) – Start the container on deployment(unused)
Return type: - name (
-
destroy_cluster
(cluster)¶ Delete a cluster
Returns: True
if the destroy was successful, otherwiseFalse
.Return type: bool
-
destroy_container
(container: libcloud.container.base.Container) → bool[source]¶ Destroy a deployed container. Because the containers are single container pods, this will delete the pod.
Parameters: container ( Container
) – The container to destroyReturn type: bool
-
ex_destroy_node
(node_name: str) → bool[source]¶ Destroy a node.
Parameters: node_name ( str
) – Name of the node to destroyReturn type: bool
-
ex_destroy_pod
(namespace: str, pod_name: str) → bool[source]¶ Delete a pod and the containers within it.
Parameters: - namespace (
str
) – The pod’s namespace - pod_name (
str
) – Name of the pod to destroy
Return type: bool
- namespace (
-
ex_list_deployments
() → List[libcloud.container.drivers.kubernetes.KubernetesDeployment][source]¶ Get cluster deployments
Return type: list
ofKubernetesDeployment
-
ex_list_nodes
() → List[libcloud.compute.base.Node][source]¶ List available Nodes
Return type: list
ofNode
-
ex_list_nodes_metrics
() → List[Dict[str, Any]][source]¶ Get nodes metrics from Kubernetes Metrics Server
Return type: list
ofdict
-
ex_list_pods
(fetch_metrics: bool = False) → List[libcloud.container.drivers.kubernetes.KubernetesPod][source]¶ List available Pods
Parameters: fetch_metrics ( bool
) – Fetch metrics for podsReturn type: list
ofKubernetesPod
-
ex_list_pods_metrics
() → List[Dict[str, Any]][source]¶ Get pods metrics from Kubernetes Metrics Server
Return type: list
ofdict
-
get_cluster
(id)¶ Get a cluster by ID
Parameters: id ( str
) – The ID of the cluster to getReturn type: ContainerCluster
-
get_container
(id: str) → libcloud.container.base.Container[source]¶ Get a container by ID
Parameters: id ( str
) – The ID of the container to getReturn type: libcloud.container.base.Container
-
get_namespace
(id: str) → libcloud.container.drivers.kubernetes.KubernetesNamespace[source]¶ Get a namespace by ID
Parameters: id ( str
) – The ID of the namespace to getReturn type: KubernetesNamespace
-
install_image
(path)¶ Install a container image from a remote path.
Parameters: path ( str
) – Path to the container imageReturn type: ContainerImage
-
list_clusters
(location=None)¶ Get a list of potential locations to deploy clusters into
Parameters: location ( ClusterLocation
) – The location to search inReturn type: list
ofContainerCluster
-
list_containers
(image=None, all=True) → List[libcloud.container.base.Container][source]¶ List the deployed container images
Parameters: - image (
libcloud.container.base.ContainerImage
) – Filter to containers with a certain image(unused) - all (
bool
) – Show all container (unused)
Return type: - image (
-
list_images
()¶ List the installed container images
Return type: list
ofContainerImage
-
list_locations
()¶ Get a list of potential locations to deploy clusters into
Return type: list
ofClusterLocation
-
list_namespaces
() → List[libcloud.container.drivers.kubernetes.KubernetesNamespace][source]¶ Get a list of namespaces that pods can be deployed into
Return type: list
ofKubernetesNamespace
-
restart_container
(container)¶ Restart a deployed container
Parameters: container ( Container
) – The container to restartReturn type: Container
- key (