Kubernetes-以编程方式找出服务IP范围CIDR [英] Kubernetes - Find out service ip range CIDR programatically
问题描述
我需要一种方法来获取可在所有Kubernetes群集上使用的服务群集ip范围(作为CIDR).
I need a way to get service cluster ip range (as CIDR) that works accross all Kubernetes clusters.
我尝试了以下方法,该方法对于使用kubeadm创建的集群工作正常,因为它可以捕获apiserver pod的参数:
I tried the following, which works fine for clusters created with kubeadm as it greps arguments of apiserver pod:
$ kubectl cluster-info dump | grep service-cluster-ip-range
"--service-cluster-ip-range=10.96.0.0/12",
这不适用于所有Kubernetes集群,即gcloud
This does not work on all Kubernetes clusters, i.e. gcloud
所以问题是,以编程方式获得服务IP范围的最佳方法是什么?
So the question is, what is the best way to get service ip range programatically?
推荐答案
我认为没有办法通过K8s Api访问此类信息,但是有一个开放的问题可以解决此功能的不足: https://github.com/kubernetes/kubernetes/issues/25533 .如果您可以访问所涉及的k8s集群的etcd,则存在一个密钥,其中包含有关服务cidr范围的信息:/registry/ranges/serviceips
.您可以通过使用etcdctl获取该值(假设您具有适当的权限):etcdctl --enpoints=<your etcd> --<any authentication flags> get "/registry/ranges/serviceips" --prefix=true
.
I don't think there is a way to access such information through K8s Api, there is an open issue to address lack of this functionality: https://github.com/kubernetes/kubernetes/issues/25533 . If you have access to the etcd of the k8s cluster in question, then there is a key with information about service cidr range: /registry/ranges/serviceips
. You can get the value, by using etcdctl (assuming, you have the proper permissions): etcdctl --enpoints=<your etcd> --<any authentication flags> get "/registry/ranges/serviceips" --prefix=true
.
这篇关于Kubernetes-以编程方式找出服务IP范围CIDR的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!