Opensourcetechブログ

OpensourcetechによるNGINX/Kubernetes/Zabbix/Neo4j/Linuxなどオープンソース技術に関するブログです。

Kubernetes API-Serverへkubectlではなく、curl(http api)でアクセスをする方法


LinuCエヴァンジェリストの鯨井貴博@opensourcetechです。

今回は、Kubernetesでkubectlコマンドではなく、curl(http api)を使ってアクセスする方法の紹介です。


はじめに
kubernetesでは、Pod(コンテナ)などの状態をkubectlコマンドで取得しますが、
クラスターの内部ではAPI-Serve経由で通信が行われています。
f:id:opensourcetech:20211202194617p:plain

この代わりに、apiのURLを直接指定することで同様のことを実施することが可能です。



認証情報の準備
では、kubectlで情報を取得するときにはどこにある認証情報が使われているかというと、
kubectlを実行するユーザのホームディレクトリにある "config"ファイルの
パラメータが使われます。
・certificate-authority-data
・client-certificate-data
・client-key-data

具体例で示すと、以下です。

kubeuser@kubemaster1:~$ ls $HOME/.kube
cache  config  http-cache
kubeuser@kubemaster1:~$ cat $HOME/.kube/config
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeE1USXdNVEV4TWpJeE5sb1hEVE14TVRFeU9URXhNakl4Tmxvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTnJ0CkZFVFVjbitnZjh3T3RPNFFkdmFhNmtzV1hQSk5nckdGbkUrcGtLU2hEU3ZVYXFOcGEvU3J6Zyt6R2JYZXliRTIKdjh0Z242Z0RWVGcwd24vZXR1YVJZc2N1SDVFcnFTamdUbFpRRUo3THpnR2p2OTM2UzRjVCtXdjYrK3pJL2lKcgpFS0lYRWIyVHFvWkpnZEhKVGNHbCsrdjdBYWwvNUdTZWE0SmhjRit5TXRsWFo5NE1ORko2VHp3YyswTVo2VDhkCnVQNjRlWHgvdEtXeDMrdG8ydElCR01jU3hqZDNhTE04bXRLWVo1SzdNTHRuM2hKR0xxM05nb0psdVRub1lWQm8KbVZYVTIrTDFSYnJSS3RmdmIwRWZRNnUwcnFCazNSN0l5MHJRNkl6a1kyVUoxdUNKNVV5UWRvczhjUXdrRlFWdgpLK1UrV2NEanVwbDVPRDhla1ZzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFFa0hmRjJmMTl3dmRYQ3hIdVhWZHVNVHVFWTkKaGU4TXZUQTlValhpTm1HWUZYSDQrZW53WGlLL3FOTEh4WUVhR2RLOTJhWGJmcFlGVG5BSkx6cDA4VzFNSTk3WgpoMFVLUVdsWTl2elhPalZLTjEwZnBkY1A5eThvVk0wSWhtWXdDbk9nZmdpRFdtM1QxL2dWbi9lL09xTWlsMmN4CjFjV2ZBeDlpRjlDVVA0ek5WbkUwUlNLQTI5c09TQS9nMEY2a3N0bTlHVmV3enlIZlZaalZUUVFGdEIxbHJTRFMKeitCQ0RFcERmOEFmejhZOXAwVHNESkFsQm5WempKZEhFcnV3TlUzSmVIUDcwZnB1QUtTYmZpT2J0ajBpVDVKMgpuZ1lhUDJVTitJSzYxUHFCb3ZIT3pNeE0rb0ZLODIyTlkvRXJyaEZGdVBJb1FKbEVGNkRPN0IrVUFGQT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
    server: https://k8smaster1:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM4akNDQWRxZ0F3SUJBZ0lJWDNtZXU5K0s4UFV3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TVRFeU1ERXhNVEl5TVRaYUZ3MHlNakV5TURFeE1USXlNakJhTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXRuR3ByOVgxTUtMbVhhc04KUHRLOFUyZTdTNFFqb2V5UXdQSTdTSjVvQktFSGpSZDFkNUFRRXFUajRpbFlpODVydnJDRzZXVC84RW00eFQxdgpIYk1EbWdDMXNxVWVINjF0THpQOElkOEtJUjJyRGZFQk9TL3U4RnlVeUpQZyt5VENOaVJXWTZ5U21sL2NaVVFNClNtbDdXVDJPVmtNdzlCa3ZEcTNjRjMxRFdWVkRHS0l0dENxcEZ3d1B1WHE2N0xoNnhHLzlpK05UYVN0YVlPcU8KY2xORXNxQ1NoMVdVUkNiZWtma0k0OFRkTGdZd0dJL3lVV2xpbGEyRzUzOVRSVkEvc2pJVHpSbHVsZXVJY21hcQpvWGJiTThKTTF0UmF2MkJXRTZGbVY0NnFFdjJvMVBWL1kzZFF3Z054V0JJcWZ5NnVzZ2ZoejVuakd2K3BYUlZqClpHaHpzd0lEQVFBQm95Y3dKVEFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFCNitkSndvZ1pNdDJkVHlFdkp3aXhwcnE1U1Rvb3BmRUdISwo5L1loWWtDbmhKY0FSUGg3VXU5bW1yS3VsVWlka2N2SExRaGlFWEMxRzBLbWUyTkNHdGRJQ0V6cHJtbEExOGlvCmlEU2NVR2RqRnpBNkVqMjZFcUQvaVpkZHkxQWtXVlRZT2owKzRSUWVEWE5xa1FnL3FWNStURGpUb0NRNVdrZ0kKQ2lhU3hlTmxSZXc1WmVlTXo2WjU0bGhvcDNTcWlvaVFnbkM1U3dTbENQOEk3NENLVG9RYXNxcEtPSk5HR2JCMgpwRmtQOEJwWXYxTXlpYVgxKzVBYUhHaGVVR29PcG5VaU5RQ3E0ZktBUW94K04rTEl3OWJRdTBPSCsvVmJOdzRzCkYrcG5SRXZ1WG9zTFY3aVBMQXNNSHpHOUpOczhqcFdMZHR1ekpXSG5MQ0Fhb2lMUGNPVT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
    client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcFFJQkFBS0NBUUVBdG5HcHI5WDFNS0xtWGFzTlB0SzhVMmU3UzRRam9leVF3UEk3U0o1b0JLRUhqUmQxCmQ1QVFFcVRqNGlsWWk4NXJ2ckNHNldULzhFbTR4VDF2SGJNRG1nQzFzcVVlSDYxdEx6UDhJZDhLSVIyckRmRUIKT1MvdThGeVV5SlBnK3lUQ05pUldZNnlTbWwvY1pVUU1TbWw3V1QyT1ZrTXc5Qmt2RHEzY0YzMURXVlZER0tJdAp0Q3FwRnd3UHVYcTY3TGg2eEcvOWkrTlRhU3RhWU9xT2NsTkVzcUNTaDFXVVJDYmVrZmtJNDhUZExnWXdHSS95ClVXbGlsYTJHNTM5VFJWQS9zaklUelJsdWxldUljbWFxb1hiYk04Sk0xdFJhdjJCV0U2Rm1WNDZxRXYybzFQVi8KWTNkUXdnTnhXQklxZnk2dXNnZmh6NW5qR3YrcFhSVmpaR2h6c3dJREFRQUJBb0lCQUFNdDI5MGFoMWsvblhBSQphUVN0TzJiZ3FkelpBcDN4dDF3RlhJOFpZNHFoRzdhVHNCSlRTbFJvMXllN3ZMVkM5Wkd2RmNxL1hjNWNHb0lsClhlaFFsRUY4dmEzTlBzY2lpSUtJRDE2dnVrZDFjdU9kVFg0bm5heEdrTGttQ29lVnptU1BJWW8vR1piakVMNGEKLzNQVWZyZkJZTmVUK0Nob3YrOHJqR2hFWUlZUDlMaklIZkJYR3JnWXE4VWZ5bndRakJBTVJvbFd0UjEva1NpSQpSOEdGMVVWOXloVnpPV2oxQ0ltWWdPbkJ2STBsZEMrUHVLaUZqNlF6OGVFU1JWaXhic29xUGhsWkFtbk5wTVliCjkvTk5oZmtPSXRGMGdBMGViQXFvZXRxdkZHYkw0RkFqVU9Hak5pNGpESTFFUmNuRWpSOXRLaEhDeWRDa2RhQjQKcFdyZ1dlRUNnWUVBN1VodXAyQkMyWE1zSVlQL0EyaEE4YWFlRHlWUDJ4TGxJN2Z4bThLR2QyeFFmNUR4QzJjVQowT2JTUmNwMnNqN3IyWXk1d2ZrUWJ1THZlR2RXWWpDS0VlNVo5WEJKTXdTYmVGSXBDY0QwUll2b2YwdG4xR2tLCkRkQU1LcXEweHFlc3NmT1hXRmlWVkg4ekNyQ0xBdXlHTW9TYnFvK1VwYlhVZHNMaFV2QndZSWtDZ1lFQXhOWFgKZEVxMGRwbXpJSGZ2ZWEzdVVQRHBIUjAzNkYvOEYwRVZrNjcrMW1TUDFVTTJuSXk0RFJSRzdhSG0relpqSGtiUQpUNnlWNDV4ckdKV2xmRXd4Y25OY1VaQ1Nhblh6azRzNkIwTFFUeU1lYlQ1MmY3S1dsU0s4eThkUldjN0kzcXJCCkF


これらが使われいることは "kubectl config view" というコマンドでも確認出来ますが、
"REDACTED"となっており伏せられています。

kubeuser@kubemaster1:~$ kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://k8smaster1:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED


つまり、これらを使えばhttp apiを使えるということになります。
注意点としては、そのままコピーするのではなく、Base64エンコーディングして使います。
certificate-authority-data → ca.pem client-certificate-data → client.pem
client-key-data → client-key.pem

kubeuser@kubemaster1:~$ export client=$(grep client-cert $HOME/.kube/config | cu t -d" " -f 6)
kubeuser@kubemaster1:~$ echo $client
LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM4akNDQWRxZ0F3SUJBZ0lJWDNtZXU5K0s4UFV3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TVRFeU1ERXhNVEl5TVRaYUZ3MHlNakV5TURFeE1USXlNakJhTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXRuR3ByOVgxTUtMbVhhc04KUHRLOFUyZTdTNFFqb2V5UXdQSTdTSjVvQktFSGpSZDFkNUFRRXFUajRpbFlpODVydnJDRzZXVC84RW00eFQxdgpIYk1EbWdDMXNxVWVINjF0THpQOElkOEtJUjJyRGZFQk9TL3U4RnlVeUpQZyt5VENOaVJXWTZ5U21sL2NaVVFNClNtbDdXVDJPVmtNdzlCa3ZEcTNjRjMxRFdWVkRHS0l0dENxcEZ3d1B1WHE2N0xoNnhHLzlpK05UYVN0YVlPcU8KY2xORXNxQ1NoMVdVUkNiZWtma0k0OFRkTGdZd0dJL3lVV2xpbGEyRzUzOVRSVkEvc2pJVHpSbHVsZXVJY21hcQpvWGJiTThKTTF0UmF2MkJXRTZGbVY0NnFFdjJvMVBWL1kzZFF3Z054V0JJcWZ5NnVzZ2ZoejVuakd2K3BYUlZqClpHaHpzd0lEQVFBQm95Y3dKVEFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFCNitkSndvZ1pNdDJkVHlFdkp3aXhwcnE1U1Rvb3BmRUdISwo5L1loWWtDbmhKY0FSUGg3VXU5bW1yS3VsVWlka2N2SExRaGlFWEMxRzBLbWUyTkNHdGRJQ0V6cHJtbEExOGlvCmlEU2NVR2RqRnpBNkVqMjZFcUQvaVpkZHkxQWtXVlRZT2owKzRSUWVEWE5xa1FnL3FWNStURGpUb0NRNVdrZ0kKQ2lhU3hlTmxSZXc1WmVlTXo2WjU0bGhvcDNTcWlvaVFnbkM1U3dTbENQOEk3NENLVG9RYXNxcEtPSk5HR2JCMgpwRmtQOEJwWXYxTXlpYVgxKzVBYUhHaGVVR29PcG5VaU5RQ3E0ZktBUW94K04rTEl3OWJRdTBPSCsvVmJOdzRzCkYrcG5SRXZ1WG9zTFY3aVBMQXNNSHpHOUpOczhqcFdMZHR1ekpXSG5MQ0Fhb2lMUGNPVT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
kubeuser@kubemaster1:~$ echo $client | base64 -d > ./client.pem

kubeuser@kubemaster1:~$ export key=$(grep client-key-data $HOME/.kube/config | cu t -d" " -f 6)
kubeuser@kubemaster1:~$ echo $key
LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcFFJQkFBS0NBUUVBdG5HcHI5WDFNS0xtWGFzTlB0SzhVMmU3UzRRam9leVF3UEk3U0o1b0JLRUhqUmQxCmQ1QVFFcVRqNGlsWWk4NXJ2ckNHNldULzhFbTR4VDF2SGJNRG1nQzFzcVVlSDYxdEx6UDhJZDhLSVIyckRmRUIKT1MvdThGeVV5SlBnK3lUQ05pUldZNnlTbWwvY1pVUU1TbWw3V1QyT1ZrTXc5Qmt2RHEzY0YzMURXVlZER0tJdAp0Q3FwRnd3UHVYcTY3TGg2eEcvOWkrTlRhU3RhWU9xT2NsTkVzcUNTaDFXVVJDYmVrZmtJNDhUZExnWXdHSS95ClVXbGlsYTJHNTM5VFJWQS9zaklUelJsdWxldUljbWFxb1hiYk04Sk0xdFJhdjJCV0U2Rm1WNDZxRXYybzFQVi8KWTNkUXdnTnhXQklxZnk2dXNnZmh6NW5qR3YrcFhSVmpaR2h6c3dJREFRQUJBb0lCQUFNdDI5MGFoMWsvblhBSQphUVN0TzJiZ3FkelpBcDN4dDF3RlhJOFpZNHFoRzdhVHNCSlRTbFJvMXllN3ZMVkM5Wkd2RmNxL1hjNWNHb0lsClhlaFFsRUY4dmEzTlBzY2lpSUtJRDE2dnVrZDFjdU9kVFg0bm5heEdrTGttQ29lVnptU1BJWW8vR1piakVMNGEKLzNQVWZyZkJZTmVUK0Nob3YrOHJqR2hFWUlZUDlMaklIZkJYR3JnWXE4VWZ5bndRakJBTVJvbFd0UjEva1NpSQpSOEdGMVVWOXloVnpPV2oxQ0ltWWdPbkJ2STBsZEMrUHVLaUZqNlF6OGVFU1JWaXhic29xUGhsWkFtbk5wTVliCjkvTk5oZmtPSXRGMGdBMGViQXFvZXRxdkZHYkw0RkFqVU9Hak5pNGpESTFFUmNuRWpSOXRLaEhDeWRDa2RhQjQKcFdyZ1dlRUNnWUVBN1VodXAyQkMyWE1zSVlQL0EyaEE4YWFlRHlWUDJ4TGxJN2Z4bThLR2QyeFFmNUR4QzJjVQowT2JTUmNwMnNqN3IyWXk1d2ZrUWJ1THZlR2RXWWpDS0VlNVo5WEJKTXdTYmVGSXBDY0QwUll2b2YwdG4xR2tLCkRkQU1LcXEweHFlc3NmT1hXRmlWVkg4ekNyQ0xBdXlHTW9TYnFvK1VwYlhVZHNMaFV2QndZSWtDZ1lFQXhOWFgKZEVxMGRwbXpJSGZ2ZWEzdVVQRHBIUjAzNkYvOEYwRVZrNjcrMW1TUDFVTTJuSXk0RFJSRzdhSG0relpqSGtiUQpUNnlWNDV4ckdKV2xmRXd4Y25OY1VaQ1Nhblh6azRzNkIwTFFUeU1lYlQ1MmY3S1dsU0s4eThkUldjN0kzcXJCCkFaM3FpMjBoWlQwV1lyNkUzZXR6ODFnSjBYbElSM2NzQk9jK1Mxc0NnWUVBczMyeUxxeVRoUGdwYnVUeGQvdFoKL1RKRHFFTmFSK2JnTElmTm5UeW1DUnFIUGlnL0hwZ0lXQW56RDlZYXViVDlKZURjOTQxWFQvb2NtZURacUliOQpPcGtwdFk4TjRDamhEa0JnU0wrTVNEdVFVUktTWlV4YnpaME9Sd3hBbVhGbkltbVlsN3pTb1V0aktmZm4vL3M1CmZHZHhkYkVOQ2RrazhmMXpBeEZjZ0xrQ2dZRUFsbkhIZ3JnU3BNK25UTHEreStiM3p0L0RuU0FXK2tKYTRMODcKS2F6SVZMOTUvQXVxY3c5UElaZ00rbFlUd0pCNlE4cm1MdTkvaFArcUQ1bFphZDZtc0k2aDBpbkk3eHdHTnhCawpJdWFiWnRFMTBWTzdxTENzVFlMR2dJNXdqRTd6MHRUNlBpMGY5cjlMbGlDUnVwbFozbkMzS0Joek1Lc2RacG9jCmlBYmk0eDhDZ1lFQXFkUVpaR2xPazlZeEhSbmFnMGpVZEZtS3JoN2JMRE9CMkhtK0VpVitqNDZ5MW9EbTNhQ08KUjVMTjNvMEV3OXFvaVpRYjVHR2hTazdiKzZMSnNFWkFzOHVIYmZXNVlCd3BBVzdETWFVVEROV05oVTZpaXNwVwpDeXBDVm9tcDkrREhmU3BxWVErTHRESERaakRQbkVIKzBhaWtobzdqZ0NQbWxjTUtiZHFHWEdRPQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
kubeuser@kubemaster1:~$ echo $key | base64 -d > /../client-key.pem

kubeuser@kubemaster1:~$ export auth=$(grep certificate-authority-data $HOME/.kube/config | cu t -d" " -f 6)
kubeuser@kubemaster1:~$ echo $auth
LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeE1USXdNVEV4TWpJeE5sb1hEVE14TVRFeU9URXhNakl4Tmxvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTnJ0CkZFVFVjbitnZjh3T3RPNFFkdmFhNmtzV1hQSk5nckdGbkUrcGtLU2hEU3ZVYXFOcGEvU3J6Zyt6R2JYZXliRTIKdjh0Z242Z0RWVGcwd24vZXR1YVJZc2N1SDVFcnFTamdUbFpRRUo3THpnR2p2OTM2UzRjVCtXdjYrK3pJL2lKcgpFS0lYRWIyVHFvWkpnZEhKVGNHbCsrdjdBYWwvNUdTZWE0SmhjRit5TXRsWFo5NE1ORko2VHp3YyswTVo2VDhkCnVQNjRlWHgvdEtXeDMrdG8ydElCR01jU3hqZDNhTE04bXRLWVo1SzdNTHRuM2hKR0xxM05nb0psdVRub1lWQm8KbVZYVTIrTDFSYnJSS3RmdmIwRWZRNnUwcnFCazNSN0l5MHJRNkl6a1kyVUoxdUNKNVV5UWRvczhjUXdrRlFWdgpLK1UrV2NEanVwbDVPRDhla1ZzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFFa0hmRjJmMTl3dmRYQ3hIdVhWZHVNVHVFWTkKaGU4TXZUQTlValhpTm1HWUZYSDQrZW53WGlLL3FOTEh4WUVhR2RLOTJhWGJmcFlGVG5BSkx6cDA4VzFNSTk3WgpoMFVLUVdsWTl2elhPalZLTjEwZnBkY1A5eThvVk0wSWhtWXdDbk9nZmdpRFdtM1QxL2dWbi9lL09xTWlsMmN4CjFjV2ZBeDlpRjlDVVA0ek5WbkUwUlNLQTI5c09TQS9nMEY2a3N0bTlHVmV3enlIZlZaalZUUVFGdEIxbHJTRFMKeitCQ0RFcERmOEFmejhZOXAwVHNESkFsQm5WempKZEhFcnV3TlUzSmVIUDcwZnB1QUtTYmZpT2J0ajBpVDVKMgpuZ1lhUDJVTitJSzYxUHFCb3ZIT3pNeE0rb0ZLODIyTlkvRXJyaEZGdVBJb1FKbEVGNkRPN0IrVUFGQT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
kubeuser@kubemaster1:~$ echo $auth | base64 -d > ./ca.pem 




curl実行端末へ各認証ファイルをコピー
続いて、先ほど作成した3ファイルをcurlを実行する端末へコピーします。
※scpなどコピー出来れば方法は何でもOkです。

コピー先の端末にファイルがコピー出来ました。

pi@raspberrypi:~ $ ls *.pem
ca.pem  client-key.pem  client.pem


また、curl利用時にはAPI-Serverが稼働するMasterノードのホスト名(kubemaster1)を指定するので、
hostsで名前解決が出来るようにします。

pi@raspberrypi:~ $ cat /etc/hosts
127.0.0.1       localhost
::1             localhost ip6-localhost ip6-loopback
ff02::1         ip6-allnodes
ff02::2         ip6-allrouters

127.0.1.1               raspberrypi
192.168.1.251 k8smaster1




http apiの実行
そして、http apiを実行します。
今回は、curlコマンドを使って"default"というNamespaceにあるPodを確認します。

pi@raspberrypi:~ $ curl --cert ./client.pem --key ./client-key.pem --cacert ca.pem https://k8smaster1:6443/api/v1/namespaces/default/pods
{
  "kind": "PodList",
  "apiVersion": "v1",
  "metadata": {
    "selfLink": "/api/v1/namespaces/default/pods",
    "resourceVersion": "211537"
  },
  "items": [
    {
      "metadata": {
        "name": "nginx-6c67f5ff6f-78kmz",
        "generateName": "nginx-6c67f5ff6f-",
        "namespace": "default",
        "selfLink": "/api/v1/namespaces/default/pods/nginx-6c67f5ff6f-78kmz",
        "uid": "99983ae0-bee6-47ab-b4f1-5007a2d2d747",
        "resourceVersion": "20123",
        "creationTimestamp": "2021-12-01T13:41:25Z",
        "labels": {
          "app": "nginx",
          "pod-template-hash": "6c67f5ff6f"
        },
        "annotations": {
          "cni.projectcalico.org/containerID": "134ee4de22750865ebde30d3154a9a84dd375fa680533fb16b1b8b0c9d33d1e4",
          "cni.projectcalico.org/podIP": "10.0.225.1/32",
          "cni.projectcalico.org/podIPs": "10.0.225.1/32"
        },
        "ownerReferences": [
          {
            "apiVersion": "apps/v1",
            "kind": "ReplicaSet",
            "name": "nginx-6c67f5ff6f",
            "uid": "9f0f8799-44ce-4417-9b78-241b99c15b3c",
            "controller": true,
            "blockOwnerDeletion": true
          }
        ],
        "managedFields": [
          {
            "manager": "kube-controller-manager",
            "operation": "Update",
            "apiVersion": "v1",
            "time": "2021-12-01T13:41:24Z",
            "fieldsType": "FieldsV1",
            "fieldsV1": {"f:metadata":{"f:generateName":{},"f:labels":{".":{},"f:app":{},"f:pod-template-hash":{}},"f:ownerReferences":{".":{},"k:{\"uid\":\"9f0f8799-44ce-4417-9b78-241b99c15b3c\"}":{".":{},"f:apiVersion":{},"f:blockOwnerDeletion":{},"f:controller":{},"f:kind":{},"f:name":{},"f:uid":{}}}},"f:spec":{"f:containers":{"k:{\"name\":\"nginx\"}":{".":{},"f:image":{},"f:imagePullPolicy":{},"f:name":{},"f:resources":{},"f:terminationMessagePath":{},"f:terminationMessagePolicy":{}}},"f:dnsPolicy":{},"f:enableServiceLinks":{},"f:restartPolicy":{},"f:schedulerName":{},"f:securityContext":{},"f:terminationGracePeriodSeconds":{}}}
          },
          {
            "manager": "calico",
            "operation": "Update",
            "apiVersion": "v1",
            "time": "2021-12-01T13:41:35Z",
            "fieldsType": "FieldsV1",
            "fieldsV1": {"f:metadata":{"f:annotations":{".":{},"f:cni.projectcalico.org/containerID":{},"f:cni.projectcalico.org/podIP":{},"f:cni.projectcalico.org/podIPs":{}}}}
          },
          {
            "manager": "kubelet",
            "operation": "Update",
            "apiVersion": "v1",
            "time": "2021-12-01T13:42:09Z",
            "fieldsType": "FieldsV1",
            "fieldsV1": {"f:status":{"f:conditions":{"k:{\"type\":\"ContainersReady\"}":{".":{},"f:lastProbeTime":{},"f:lastTransitionTime":{},"f:status":{},"f:type":{}},"k:{\"type\":\"Initialized\"}":{".":{},"f:lastProbeTime":{},"f:lastTransitionTime":{},"f:status":{},"f:type":{}},"k:{\"type\":\"Ready\"}":{".":{},"f:lastProbeTime":{},"f:lastTransitionTime":{},"f:status":{},"f:type":{}}},"f:containerStatuses":{},"f:hostIP":{},"f:phase":{},"f:podIP":{},"f:podIPs":{".":{},"k:{\"ip\":\"10.0.225.1\"}":{".":{},"f:ip":{}}},"f:startTime":{}}}
          }
        ]
      },
      "spec": {
        "volumes": [
          {
            "name": "default-token-dvbfd",
            "secret": {
              "secretName": "default-token-dvbfd",
              "defaultMode": 420
            }
          }
        ],
        "containers": [
          {
            "name": "nginx",
            "image": "nginx:1.21.4",
            "resources": {

            },
            "volumeMounts": [
              {
                "name": "default-token-dvbfd",
                "readOnly": true,
                "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"
              }
            ],
            "terminationMessagePath": "/dev/termination-log",
            "terminationMessagePolicy": "File",
            "imagePullPolicy": "IfNotPresent"
          }
        ],
        "restartPolicy": "Always",
        "terminationGracePeriodSeconds": 30,
        "dnsPolicy": "ClusterFirst",
        "serviceAccountName": "default",
        "serviceAccount": "default",
        "nodeName": "kubeworker2",
        "securityContext": {

        },
        "schedulerName": "default-scheduler",
        "tolerations": [
          {
            "key": "node.kubernetes.io/not-ready",
            "operator": "Exists",
            "effect": "NoExecute",
            "tolerationSeconds": 300
          },
          {
            "key": "node.kubernetes.io/unreachable",
            "operator": "Exists",
            "effect": "NoExecute",
            "tolerationSeconds": 300
          }
        ],
        "priority": 0,
        "enableServiceLinks": true
      },
      "status": {
        "phase": "Running",
        "conditions": [
          {
            "type": "Initialized",
            "status": "True",
            "lastProbeTime": null,
            "lastTransitionTime": "2021-12-01T13:41:27Z"
          },
          {
            "type": "Ready",
            "status": "True",
            "lastProbeTime": null,
            "lastTransitionTime": "2021-12-01T13:42:09Z"
          },
          {
            "type": "ContainersReady",
            "status": "True",
            "lastProbeTime": null,
            "lastTransitionTime": "2021-12-01T13:42:09Z"
          },
          {
            "type": "PodScheduled",
            "status": "True",
            "lastProbeTime": null,
            "lastTransitionTime": "2021-12-01T13:41:26Z"
          }
        ],
        "hostIP": "192.168.1.254",
        "podIP": "10.0.225.1",
        "podIPs": [
          {
            "ip": "10.0.225.1"
          }
        ],
        "startTime": "2021-12-01T13:41:27Z",
        "containerStatuses": [
          {
            "name": "nginx",
            "state": {
              "running": {
                "startedAt": "2021-12-01T13:42:07Z"
              }
            },
            "lastState": {

            },
            "ready": true,
            "restartCount": 0,
            "image": "nginx:1.21.4",
            "imageID": "docker-pullable://nginx@sha256:097c3a0913d7e3a5b01b6c685a60c03632fc7a2b50bc8e35bcaa3691d788226e",
            "containerID": "docker://1428691efc36c56269e0dab3f445629293fe854afe0012d43d35344b5c53a848",
            "started": true
          }
        ],
        "qosClass": "BestEffort"
      }
    },
    {
      "metadata": {
        "name": "nginx-6c67f5ff6f-f5xnz",
        "generateName": "nginx-6c67f5ff6f-",
        "namespace": "default",
        "selfLink": "/api/v1/namespaces/default/pods/nginx-6c67f5ff6f-f5xnz",
        "uid": "b628189b-56a7-40cb-b4f6-507345cab1ca",
        "resourceVersion": "22805",
        "creationTimestamp": "2021-12-01T13:59:40Z",
        "labels": {
          "app": "nginx",
          "pod-template-hash": "6c67f5ff6f"
        },
        "annotations": {
          "cni.projectcalico.org/containerID": "e8875265feb7b5d5bb43932ebeb26e29589f0f3fb7e9328a46f8a6eb188d9bb7",
          "cni.projectcalico.org/podIP": "10.0.42.1/32",
          "cni.projectcalico.org/podIPs": "10.0.42.1/32"
        },
        "ownerReferences": [
          {
            "apiVersion": "apps/v1",
            "kind": "ReplicaSet",
            "name": "nginx-6c67f5ff6f",
            "uid": "9f0f8799-44ce-4417-9b78-241b99c15b3c",
            "controller": true,
            "blockOwnerDeletion": true
          }
        ],
        "managedFields": [
          {
            "manager": "kube-controller-manager",
            "operation": "Update",
            "apiVersion": "v1",
            "time": "2021-12-01T13:59:40Z",
            "fieldsType": "FieldsV1",
            "fieldsV1": {"f:metadata":{"f:generateName":{},"f:labels":{".":{},"f:app":{},"f:pod-template-hash":{}},"f:ownerReferences":{".":{},"k:{\"uid\":\"9f0f8799-44ce-4417-9b78-241b99c15b3c\"}":{".":{},"f:apiVersion":{},"f:blockOwnerDeletion":{},"f:controller":{},"f:kind":{},"f:name":{},"f:uid":{}}}},"f:spec":{"f:containers":{"k:{\"name\":\"nginx\"}":{".":{},"f:image":{},"f:imagePullPolicy":{},"f:name":{},"f:resources":{},"f:terminationMessagePath":{},"f:terminationMessagePolicy":{}}},"f:dnsPolicy":{},"f:enableServiceLinks":{},"f:restartPolicy":{},"f:schedulerName":{},"f:securityContext":{},"f:terminationGracePeriodSeconds":{}}}
          },
          {
            "manager": "calico",
            "operation": "Update",
            "apiVersion": "v1",
            "time": "2021-12-01T13:59:56Z",
            "fieldsType": "FieldsV1",
            "fieldsV1": {"f:metadata":{"f:annotations":{".":{},"f:cni.projectcalico.org/containerID":{},"f:cni.projectcalico.org/podIP":{},"f:cni.projectcalico.org/podIPs":{}}}}
          },
          {
            "manager": "kubelet",
            "operation": "Update",
            "apiVersion": "v1",
            "time": "2021-12-01T14:00:36Z",
            "fieldsType": "FieldsV1",
            "fieldsV1": {"f:status":{"f:conditions":{"k:{\"type\":\"ContainersReady\"}":{".":{},"f:lastProbeTime":{},"f:lastTransitionTime":{},"f:status":{},"f:type":{}},"k:{\"type\":\"Initialized\"}":{".":{},"f:lastProbeTime":{},"f:lastTransitionTime":{},"f:status":{},"f:type":{}},"k:{\"type\":\"Ready\"}":{".":{},"f:lastProbeTime":{},"f:lastTransitionTime":{},"f:status":{},"f:type":{}}},"f:containerStatuses":{},"f:hostIP":{},"f:phase":{},"f:podIP":{},"f:podIPs":{".":{},"k:{\"ip\":\"10.0.42.1\"}":{".":{},"f:ip":{}}},"f:startTime":{}}}
          }
        ]
      },
      "spec": {
        "volumes": [
          {
            "name": "default-token-dvbfd",
            "secret": {
              "secretName": "default-token-dvbfd",
              "defaultMode": 420
            }
          }
        ],
        "containers": [
          {
            "name": "nginx",
            "image": "nginx:1.21.4",
            "resources": {

            },
            "volumeMounts": [
              {
                "name": "default-token-dvbfd",
                "readOnly": true,
                "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"
              }
            ],
            "terminationMessagePath": "/dev/termination-log",
            "terminationMessagePolicy": "File",
            "imagePullPolicy": "IfNotPresent"
          }
        ],
        "restartPolicy": "Always",
        "terminationGracePeriodSeconds": 30,
        "dnsPolicy": "ClusterFirst",
        "serviceAccountName": "default",
        "serviceAccount": "default",
        "nodeName": "kubeworker",
        "securityContext": {

        },
        "schedulerName": "default-scheduler",
        "tolerations": [
          {
            "key": "node.kubernetes.io/not-ready",
            "operator": "Exists",
            "effect": "NoExecute",
            "tolerationSeconds": 300
          },
          {
            "key": "node.kubernetes.io/unreachable",
            "operator": "Exists",
            "effect": "NoExecute",
            "tolerationSeconds": 300
          }
        ],
        "priority": 0,
        "enableServiceLinks": true
      },
      "status": {
        "phase": "Running",
        "conditions": [
          {
            "type": "Initialized",
            "status": "True",
            "lastProbeTime": null,
            "lastTransitionTime": "2021-12-01T13:59:43Z"
          },
          {
            "type": "Ready",
            "status": "True",
            "lastProbeTime": null,
            "lastTransitionTime": "2021-12-01T14:00:36Z"
          },
          {
            "type": "ContainersReady",
            "status": "True",
            "lastProbeTime": null,
            "lastTransitionTime": "2021-12-01T14:00:36Z"
          },
          {
            "type": "PodScheduled",
            "status": "True",
            "lastProbeTime": null,
            "lastTransitionTime": "2021-12-01T13:59:41Z"
          }
        ],
        "hostIP": "192.168.1.253",
        "podIP": "10.0.42.1",
        "podIPs": [
          {
            "ip": "10.0.42.1"
          }
        ],
        "startTime": "2021-12-01T13:59:43Z",
        "containerStatuses": [
          {
            "name": "nginx",
            "state": {
              "running": {
                "startedAt": "2021-12-01T14:00:35Z"
              }
            },
            "lastState": {

            },
            "ready": true,
            "restartCount": 0,
            "image": "nginx:1.21.4",
            "imageID": "docker-pullable://nginx@sha256:097c3a0913d7e3a5b01b6c685a60c03632fc7a2b50bc8e35bcaa3691d788226e",
            "containerID": "docker://a234cfed8a6d736123eb46ffab92aa8ac25eb0bf719ff9b01a2877925c1d01f5",
            "started": true
          }
        ],
        "qosClass": "BestEffort"
      }
    }
  ]
}



少し長いので確認するのが大変ですが、
kubectl describeでPodを確認したときの出力が近いかなと思います。

kubeuser@kubemaster1:~$ kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
nginx-6c67f5ff6f-78kmz   1/1     Running   0          21h
nginx-6c67f5ff6f-f5xnz   1/1     Running   0          21h

kubeuser@kubemaster1:~$ kubectl describe pod nginx-6c67f5ff6f-78kmz nginx-6c67f5ff6f-f5xnz
Name:         nginx-6c67f5ff6f-78kmz
Namespace:    default
Priority:     0
Node:         kubeworker2/192.168.1.254
Start Time:   Wed, 01 Dec 2021 13:41:27 +0000
Labels:       app=nginx
              pod-template-hash=6c67f5ff6f
Annotations:  cni.projectcalico.org/containerID: 134ee4de22750865ebde30d3154a9a84dd375fa680533fb16b1b8b0c9d33d1e4
              cni.projectcalico.org/podIP: 10.0.225.1/32
              cni.projectcalico.org/podIPs: 10.0.225.1/32
Status:       Running
IP:           10.0.225.1
IPs:
  IP:           10.0.225.1
Controlled By:  ReplicaSet/nginx-6c67f5ff6f
Containers:
  nginx:
    Container ID:   docker://1428691efc36c56269e0dab3f445629293fe854afe0012d43d35344b5c53a848
    Image:          nginx:1.21.4
    Image ID:       docker-pullable://nginx@sha256:097c3a0913d7e3a5b01b6c685a60c03632fc7a2b50bc8e35bcaa3691d788226e
    Port:           <none>
    Host Port:      <none>
    State:          Running
      Started:      Wed, 01 Dec 2021 13:42:07 +0000
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-dvbfd (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  default-token-dvbfd:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-dvbfd
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:          <none>


Name:         nginx-6c67f5ff6f-f5xnz
Namespace:    default
Priority:     0
Node:         kubeworker/192.168.1.253
Start Time:   Wed, 01 Dec 2021 13:59:43 +0000
Labels:       app=nginx
              pod-template-hash=6c67f5ff6f
Annotations:  cni.projectcalico.org/containerID: e8875265feb7b5d5bb43932ebeb26e29589f0f3fb7e9328a46f8a6eb188d9bb7
              cni.projectcalico.org/podIP: 10.0.42.1/32
              cni.projectcalico.org/podIPs: 10.0.42.1/32
Status:       Running
IP:           10.0.42.1
IPs:
  IP:           10.0.42.1
Controlled By:  ReplicaSet/nginx-6c67f5ff6f
Containers:
  nginx:
    Container ID:   docker://a234cfed8a6d736123eb46ffab92aa8ac25eb0bf719ff9b01a2877925c1d01f5
    Image:          nginx:1.21.4
    Image ID:       docker-pullable://nginx@sha256:097c3a0913d7e3a5b01b6c685a60c03632fc7a2b50bc8e35bcaa3691d788226e
    Port:           <none>
    Host Port:      <none>
    State:          Running
      Started:      Wed, 01 Dec 2021 14:00:35 +0000
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-dvbfd (ro)
Conditions:
  Type              Status
  Initialized



その他、リソースをcurlで確認する
deploymentをcurlで確認します。
しかし、実行時に使用するapiのURLが分からないことがありますが、
"--v=6"というオプションを付けて"kubectl get"をすれば分かります。

kubeuser@kubemaster1:~$ kubectl get deployments
NAME    READY   UP-TO-DATE   AVAILABLE   AGE
nginx   2/2     2            2           21h

kubeuser@kubemaster1:~$ kubectl get deployments nginx --v=6
I1202 11:46:59.853871 1497329 loader.go:375] Config loaded from file:  /home/kubeuser/.kube/config
I1202 11:47:00.213735 1497329 round_trippers.go:443] GET https://k8smaster1:6443/apis/apps/v1/namespaces/default/deployments/nginx 200 OK in 345 milliseconds
NAME    READY   UP-TO-DATE   AVAILABLE   AGE
nginx   2/2     2            2           22h


では、次はcurlで。

pi@raspberrypi:~ $ curl --cert ./client.pem --key ./client-key.pem --cacert ca.pem https://k8smaster1:6443/apis/apps/v1/namespaces/default/deployments/nginx
{
  "kind": "Deployment",
  "apiVersion": "apps/v1",
  "metadata": {
    "name": "nginx",
    "namespace": "default",
    "selfLink": "/apis/apps/v1/namespaces/default/deployments/nginx",
    "uid": "048f0f15-07e6-41fb-8327-76a0cbd91353",
    "resourceVersion": "26603",
    "generation": 3,
    "creationTimestamp": "2021-12-01T13:41:24Z",
    "labels": {
      "app": "nginx"
    },
    "annotations": {
      "deployment.kubernetes.io/revision": "1",
      "kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"apps/v1\",\"kind\":\"Deployment\",\"metadata\":{\"annotations\":{\"deployment.kubernetes.io/revision\":\"1\"},\"generation\":1,\"labels\":{\"app\":\"nginx\"},\"managedFields\":[{\"apiVersion\":\"apps/v1\",\"fieldsType\":\"FieldsV1\",\"fieldsV1\":{\"f:metadata\":{\"f:labels\":{\".\":{},\"f:app\":{}}},\"f:spec\":{\"f:progressDeadlineSeconds\":{},\"f:replicas\":{},\"f:revisionHistoryLimit\":{},\"f:selector\":{\"f:matchLabels\":{\".\":{},\"f:app\":{}}},\"f:strategy\":{\"f:rollingUpdate\":{\".\":{},\"f:maxSurge\":{},\"f:maxUnavailable\":{}},\"f:type\":{}},\"f:template\":{\"f:metadata\":{\"f:labels\":{\".\":{},\"f:app\":{}}},\"f:spec\":{\"f:containers\":{\"k:{\\\"name\\\":\\\"nginx\\\"}\":{\".\":{},\"f:image\":{},\"f:imagePullPolicy\":{},\"f:name\":{},\"f:resources\":{},\"f:terminationMessagePath\":{},\"f:terminationMessagePolicy\":{}}},\"f:dnsPolicy\":{},\"f:restartPolicy\":{},\"f:schedulerName\":{},\"f:securityContext\":{},\"f:terminationGracePeriodSeconds\":{}}}}},\"manager\":\"kubectl\",\"operation\":\"Update\",\"time\":\"2021-12-01T13:41:24Z\"},{\"apiVersion\":\"apps/v1\",\"fieldsType\":\"FieldsV1\",\"fieldsV1\":{\"f:metadata\":{\"f:annotations\":{\".\":{},\"f:deployment.kubernetes.io/revision\":{}}},\"f:status\":{\"f:availableReplicas\":{},\"f:conditions\":{\".\":{},\"k:{\\\"type\\\":\\\"Available\\\"}\":{\".\":{},\"f:lastTransitionTime\":{},\"f:lastUpdateTime\":{},\"f:message\":{},\"f:reason\":{},\"f:status\":{},\"f:type\":{}},\"k:{\\\"type\\\":\\\"Progressing\\\"}\":{\".\":{},\"f:lastTransitionTime\":{},\"f:lastUpdateTime\":{},\"f:message\":{},\"f:reason\":{},\"f:status\":{},\"f:type\":{}}},\"f:observedGeneration\":{},\"f:readyReplicas\":{},\"f:replicas\":{},\"f:updatedReplicas\":{}}},\"manager\":\"kube-controller-manager\",\"operation\":\"Update\",\"time\":\"2021-12-01T13:42:09Z\"}],\"name\":\"nginx\",\"namespace\":\"default\"},\"spec\":{\"progressDeadlineSeconds\":600,\"replicas\":2,\"revisionHistoryLimit\":10,\"selector\":{\"matchLabels\":{\"app\":\"nginx\"}},\"strategy\":{\"rollingUpdate\":{\"maxSurge\":\"25%\",\"maxUnavailable\":\"25%\"},\"type\":\"RollingUpdate\"},\"template\":{\"metadata\":{\"creationTimestamp\":null,\"labels\":{\"app\":\"nginx\"}},\"spec\":{\"containers\":[{\"image\":\"nginx:1.21.4\",\"imagePullPolicy\":\"IfNotPresent\",\"name\":\"nginx\",\"resources\":{},\"terminationMessagePath\":\"/dev/termination-log\",\"terminationMessagePolicy\":\"File\"}],\"dnsPolicy\":\"ClusterFirst\",\"restartPolicy\":\"Always\",\"schedulerName\":\"default-scheduler\",\"securityContext\":{},\"terminationGracePeriodSeconds\":30}}}}\n"
    },
    "managedFields": [
      {
        "manager": "kubectl",
        "operation": "Update",
        "apiVersion": "apps/v1",
        "time": "2021-12-01T14:26:35Z",
        "fieldsType": "FieldsV1",
        "fieldsV1": {"f:metadata":{"f:annotations":{"f:kubectl.kubernetes.io/last-applied-configuration":{}},"f:labels":{".":{},"f:app":{}}},"f:spec":{"f:progressDeadlineSeconds":{},"f:replicas":{},"f:revisionHistoryLimit":{},"f:selector":{"f:matchLabels":{".":{},"f:app":{}}},"f:strategy":{"f:rollingUpdate":{".":{},"f:maxSurge":{},"f:maxUnavailable":{}},"f:type":{}},"f:template":{"f:metadata":{"f:labels":{".":{},"f:app":{}}},"f:spec":{"f:containers":{"k:{\"name\":\"nginx\"}":{".":{},"f:image":{},"f:imagePullPolicy":{},"f:name":{},"f:resources":{},"f:terminationMessagePath":{},"f:terminationMessagePolicy":{}}},"f:dnsPolicy":{},"f:restartPolicy":{},"f:schedulerName":{},"f:securityContext":{},"f:terminationGracePeriodSeconds":{}}}}}
      },
      {
        "manager": "kube-controller-manager",
        "operation": "Update",
        "apiVersion": "apps/v1",
        "time": "2021-12-01T14:26:40Z",
        "fieldsType": "FieldsV1",
        "fieldsV1": {"f:metadata":{"f:annotations":{".":{},"f:deployment.kubernetes.io/revision":{}}},"f:status":{"f:availableReplicas":{},"f:conditions":{".":{},"k:{\"type\":\"Available\"}":{".":{},"f:lastTransitionTime":{},"f:lastUpdateTime":{},"f:message":{},"f:reason":{},"f:status":{},"f:type":{}},"k:{\"type\":\"Progressing\"}":{".":{},"f:lastTransitionTime":{},"f:lastUpdateTime":{},"f:message":{},"f:reason":{},"f:status":{},"f:type":{}}},"f:observedGeneration":{},"f:readyReplicas":{},"f:replicas":{},"f:updatedReplicas":{}}}
      }
    ]
  },
  "spec": {
    "replicas": 2,
    "selector": {
      "matchLabels": {
        "app": "nginx"
      }
    },
    "template": {
      "metadata": {
        "creationTimestamp": null,
        "labels": {
          "app": "nginx"
        }
      },
      "spec": {
        "containers": [
          {
            "name": "nginx",
            "image": "nginx:1.21.4",
            "resources": {

            },
            "terminationMessagePath": "/dev/termination-log",
            "terminationMessagePolicy": "File",
            "imagePullPolicy": "IfNotPresent"
          }
        ],
        "restartPolicy": "Always",
        "terminationGracePeriodSeconds": 30,
        "dnsPolicy": "ClusterFirst",
        "securityContext": {

        },
        "schedulerName": "default-scheduler"
      }
    },
    "strategy": {
      "type": "RollingUpdate",
      "rollingUpdate": {
        "maxUnavailable": "25%",
        "maxSurge": "25%"
      }
    },
    "revisionHistoryLimit": 10,
    "progressDeadlineSeconds": 600
  },
  "status": {
    "observedGeneration": 3,
    "replicas": 2,
    "updatedReplicas": 2,
    "readyReplicas": 2,
    "availableReplicas": 2,
    "conditions": [
      {
        "type": "Progressing",
        "status": "True",
        "lastUpdateTime": "2021-12-01T13:42:09Z",
        "lastTransitionTime": "2021-12-01T13:41:24Z",
        "reason": "NewReplicaSetAvailable",
        "message": "ReplicaSet \"nginx-6c67f5ff6f\" has successfully progressed."
      },
      {
        "type": "Available",
        "status": "True",
        "lastUpdateTime": "2021-12-01T14:00:39Z",
}




おわりに
curlでhttp apiを指定して取得する情報は慣れないと見づらいですが、
kubectlコマンドと同じことが出来る方法があるというのはいいですね♪

Opensourcetech by Takahiro Kujirai