k8s

Open source container management platform.

Provider Summary

total services: 5
total methods: 267

total resources: 33
selectable resources: 24

Installation

REGISTRY PULL k8s v23.01.00104;

Authentication

{
  "k8s": {
    "type": string, // authentication type to use, suported values include: bearer, null_auth
    "credentialsenvvar": string, // env var name containing the api key or credentials
  }
}

note

cluster_addr is a required paramter for all operations using the k8s provider, for example:

SELECT name, namespace, uid, creationTimestamp 
FROM k8s.core_v1.service_account 
WHERE cluster_addr = '35.244.65.136' AND namespace = 'kube-system' 
ORDER BY name ASC;

Example using `kubectl proxy`

AUTH='{ "k8s": { "type": "null_auth" } }'
./stackql shell --auth="${AUTH}"

note

The protocol parameter is required when accessing a Kubernetes cluster via kubectl proxy, see the example below:

select name, namespace, uid, creationTimestamp 
from k8s.core_v1.pod 
where protocol = 'http' 
and cluster_addr = 'localhost:8080'  
order by name asc limit 3;

Example using direct cluster access

export K8S_TOKEN='eyJhbGciOiJ...'
AUTH='{ "k8s": { "type": "bearer", "credentialsenvvar": "K8S_TOKEN" } }'
stackql shell --auth="${AUTH}" --tls.CABundle k8s_cert_bundle.pem

note

You will need to generate a certificate bundle for your cluster (k8s_cert_bundle.pem in the preceeding example), you can use the following code to generate this (for MacOS or Linux):

kubectl get secret -o jsonpath="{.items[?(@.type==\"kubernetes.io/service-account-token\")].data['ca\.crt']}" | base64 -i --decode > k8s_cert_bundle.pem

Alternatively, you could add the --tls.allowInsecure=true argument to the stackql command, it is not recommended however.

Services

core

core_v1

Installation​

Authentication​

Example using kubectl proxy​

Example using direct cluster access​

Services​

Installation

Authentication

Example using `kubectl proxy`

Example using direct cluster access

Services