API 参考

API 参考 - 图1备注

目前,并非所有的 Rancher 资源都可以通过 Rancher Kubernetes API 操作。

API 参考 - 图2

  • managementCattleIo_v3API 参考 - 图3
    • getlistManagementCattleIoV3ClusterRoleTemplateBindingForAllNamespaces
    • getlistManagementCattleIoV3GlobalRoleBinding
    • postcreateManagementCattleIoV3GlobalRoleBinding
    • deldeleteManagementCattleIoV3CollectionGlobalRoleBinding
    • getreadManagementCattleIoV3GlobalRoleBinding
    • putreplaceManagementCattleIoV3GlobalRoleBinding
    • deldeleteManagementCattleIoV3GlobalRoleBinding
    • patchpatchManagementCattleIoV3GlobalRoleBinding
    • getlistManagementCattleIoV3GlobalRole
    • postcreateManagementCattleIoV3GlobalRole
    • deldeleteManagementCattleIoV3CollectionGlobalRole
    • getreadManagementCattleIoV3GlobalRole
    • putreplaceManagementCattleIoV3GlobalRole
    • deldeleteManagementCattleIoV3GlobalRole
    • patchpatchManagementCattleIoV3GlobalRole
    • getlistManagementCattleIoV3NamespacedClusterRoleTemplateBinding
    • postcreateManagementCattleIoV3NamespacedClusterRoleTemplateBinding
    • deldeleteManagementCattleIoV3CollectionNamespacedClusterRoleTemplateBinding
    • getreadManagementCattleIoV3NamespacedClusterRoleTemplateBinding
    • putreplaceManagementCattleIoV3NamespacedClusterRoleTemplateBinding
    • deldeleteManagementCattleIoV3NamespacedClusterRoleTemplateBinding
    • patchpatchManagementCattleIoV3NamespacedClusterRoleTemplateBinding
    • getlistManagementCattleIoV3NamespacedProjectRoleTemplateBinding
    • postcreateManagementCattleIoV3NamespacedProjectRoleTemplateBinding
    • deldeleteManagementCattleIoV3CollectionNamespacedProjectRoleTemplateBinding
    • getreadManagementCattleIoV3NamespacedProjectRoleTemplateBinding
    • putreplaceManagementCattleIoV3NamespacedProjectRoleTemplateBinding
    • deldeleteManagementCattleIoV3NamespacedProjectRoleTemplateBinding
    • patchpatchManagementCattleIoV3NamespacedProjectRoleTemplateBinding
    • getlistManagementCattleIoV3NamespacedProject
    • postcreateManagementCattleIoV3NamespacedProject
    • deldeleteManagementCattleIoV3CollectionNamespacedProject
    • getreadManagementCattleIoV3NamespacedProject
    • putreplaceManagementCattleIoV3NamespacedProject
    • deldeleteManagementCattleIoV3NamespacedProject
    • patchpatchManagementCattleIoV3NamespacedProject
    • getlistManagementCattleIoV3ProjectRoleTemplateBindingForAllNamespaces
    • getlistManagementCattleIoV3ProjectForAllNamespaces
    • getlistManagementCattleIoV3RoleTemplate
    • postcreateManagementCattleIoV3RoleTemplate
    • deldeleteManagementCattleIoV3CollectionRoleTemplate
    • getreadManagementCattleIoV3RoleTemplate
    • putreplaceManagementCattleIoV3RoleTemplate
    • deldeleteManagementCattleIoV3RoleTemplate
    • patchpatchManagementCattleIoV3RoleTemplate

API docs by Redocly

API 参考 - 图4API 参考 - 图5

Kubernetes (v1.27.5+k3s1)

Download OpenAPI specification:Download

managementCattleIo_v3

listManagementCattleIoV3ClusterRoleTemplateBindingForAllNamespaces

list objects of kind ClusterRoleTemplateBinding

Authorizations:

API 参考 - 图6

BearerToken

query Parameters
allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

pretty
string unique

If ‘true’, then the output is pretty printed.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图7200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/clusterroletemplatebindingsAPI 参考 - 图8

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/clusterroletemplatebindings

Response samples

  • 200

Content type

API 参考 - 图9application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "items": [ - { - "apiVersion": "string", - "clusterName": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "roleTemplateName": "string", - "userName": "string", - "userPrincipalName": "string" } ], - "kind": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" } }

listManagementCattleIoV3GlobalRoleBinding

list objects of kind GlobalRoleBinding

Authorizations:

API 参考 - 图10

BearerToken

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图11200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/globalrolebindingsAPI 参考 - 图12

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/globalrolebindings

Response samples

  • 200

Content type

API 参考 - 图13application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "items": [ - { - "apiVersion": "string", - "globalRoleName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "userName": "string" } ], - "kind": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" } }

createManagementCattleIoV3GlobalRoleBinding

create a GlobalRoleBinding

Authorizations:

API 参考 - 图14

BearerToken

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Request Body schema:

API 参考 - 图15application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

globalRoleName
required
string

GlobalRoleName is the name of the Global Role that the subject will be bound to. Immutable.

groupPrincipalName
string

GroupPrincipalName is the name of the group principal subject to be bound. Immutable.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

object (io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)

ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

userName
string

UserName is the name of the user subject to be bound. Immutable.

Responses

API 参考 - 图17200

OK

API 参考 - 图18201

Created

API 参考 - 图19202

Accepted

401

Unauthorized

post/apis/management.cattle.io/v3/globalrolebindingsAPI 参考 - 图20

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/globalrolebindings

Request samples

  • Payload

Content type

API 参考 - 图21application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "globalRoleName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "userName": "string" }

Response samples

  • 200
  • 201
  • 202

Content type

API 参考 - 图22application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "globalRoleName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "userName": "string" }

deleteManagementCattleIoV3CollectionGlobalRoleBinding

delete collection of GlobalRoleBinding

Authorizations:

API 参考 - 图23

BearerToken

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图24200

OK

401

Unauthorized

delete/apis/management.cattle.io/v3/globalrolebindingsAPI 参考 - 图25

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/globalrolebindings

Response samples

  • 200

Content type

API 参考 - 图26application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "code": 0, - "details": { - "causes": [ - { - "field": "string", - "message": "string", - "reason": "string" } ], - "group": "string", - "kind": "string", - "name": "string", - "retryAfterSeconds": 0, - "uid": "string" }, - "kind": "string", - "message": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" }, - "reason": "string", - "status": "string" }

readManagementCattleIoV3GlobalRoleBinding

read the specified GlobalRoleBinding

Authorizations:

API 参考 - 图27

BearerToken

path Parameters
name
required
string unique

name of the GlobalRoleBinding

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

Responses

API 参考 - 图28200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/globalrolebindings/{name}API 参考 - 图29

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/globalrolebindings/{name}

Response samples

  • 200

Content type

API 参考 - 图30application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "globalRoleName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "userName": "string" }

replaceManagementCattleIoV3GlobalRoleBinding

replace the specified GlobalRoleBinding

Authorizations:

API 参考 - 图31

BearerToken

path Parameters
name
required
string unique

name of the GlobalRoleBinding

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Request Body schema:

API 参考 - 图32application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

globalRoleName
required
string

GlobalRoleName is the name of the Global Role that the subject will be bound to. Immutable.

groupPrincipalName
string

GroupPrincipalName is the name of the group principal subject to be bound. Immutable.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

object (io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)

ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

userName
string

UserName is the name of the user subject to be bound. Immutable.

Responses

API 参考 - 图34200

OK

API 参考 - 图35201

Created

401

Unauthorized

put/apis/management.cattle.io/v3/globalrolebindings/{name}API 参考 - 图36

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/globalrolebindings/{name}

Request samples

  • Payload

Content type

API 参考 - 图37application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "globalRoleName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "userName": "string" }

Response samples

  • 200
  • 201

Content type

API 参考 - 图38application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "globalRoleName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "userName": "string" }

deleteManagementCattleIoV3GlobalRoleBinding

delete a GlobalRoleBinding

Authorizations:

API 参考 - 图39

BearerToken

path Parameters
name
required
string unique

name of the GlobalRoleBinding

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

gracePeriodSeconds
integer unique

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

orphanDependents
boolean unique

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the “orphan” finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

propagationPolicy
string unique

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: ‘Orphan’ - orphan the dependents; ‘Background’ - allow the garbage collector to delete the dependents in the background; ‘Foreground’ - a cascading policy that deletes all dependents in the foreground.

Request Body schema:

API 参考 - 图40application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

dryRun
Array of strings

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

gracePeriodSeconds
integer <int64>

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

orphanDependents
boolean

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the “orphan” finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

object (io.k8s.apimachinery.pkg.apis.meta.v1.Preconditions)

Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.

propagationPolicy
string

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: ‘Orphan’ - orphan the dependents; ‘Background’ - allow the garbage collector to delete the dependents in the background; ‘Foreground’ - a cascading policy that deletes all dependents in the foreground.

Responses

API 参考 - 图42200

OK

API 参考 - 图43202

Accepted

401

Unauthorized

delete/apis/management.cattle.io/v3/globalrolebindings/{name}API 参考 - 图44

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/globalrolebindings/{name}

Request samples

  • Payload

Content type

API 参考 - 图45application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "dryRun": [ - "string" ], - "gracePeriodSeconds": 0, - "kind": "string", - "orphanDependents": true, - "preconditions": { - "resourceVersion": "string", - "uid": "string" }, - "propagationPolicy": "string" }

Response samples

  • 200
  • 202

Content type

API 参考 - 图46application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "code": 0, - "details": { - "causes": [ - { - "field": "string", - "message": "string", - "reason": "string" } ], - "group": "string", - "kind": "string", - "name": "string", - "retryAfterSeconds": 0, - "uid": "string" }, - "kind": "string", - "message": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" }, - "reason": "string", - "status": "string" }

patchManagementCattleIoV3GlobalRoleBinding

partially update the specified GlobalRoleBinding

Authorizations:

API 参考 - 图47

BearerToken

path Parameters
name
required
string unique

name of the GlobalRoleBinding

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

force
boolean unique

Force is going to “force” Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Request Body schema:

API 参考 - 图48application/json-patch+jsonapplication/merge-patch+jsonapplication/apply-patch+yamlapplication/json-patch+json

object (io.k8s.apimachinery.pkg.apis.meta.v1.Patch)

Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.

Responses

API 参考 - 图49200

OK

401

Unauthorized

patch/apis/management.cattle.io/v3/globalrolebindings/{name}API 参考 - 图50

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/globalrolebindings/{name}

Request samples

  • Payload

Content type

API 参考 - 图51application/json-patch+jsonapplication/merge-patch+jsonapplication/apply-patch+yamlapplication/json-patch+json

Copy

{ }

Response samples

  • 200

Content type

API 参考 - 图52application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "globalRoleName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "userName": "string" }

listManagementCattleIoV3GlobalRole

list objects of kind GlobalRole

Authorizations:

API 参考 - 图53

BearerToken

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图54200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/globalrolesAPI 参考 - 图55

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/globalroles

Response samples

  • 200

Content type

API 参考 - 图56application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "items": [ - { - "apiVersion": "string", - "builtin": true, - "description": "string", - "displayName": "string", - "inheritedClusterRoles": [ - "string" ], - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "newUserDefault": true, - "rules": [ - { - "apiGroups": [ - "string" ], - "nonResourceURLs": [ - "string" ], - "resourceNames": [ - "string" ], - "resources": [ - "string" ], - "verbs": [ - "string" ] } ] } ], - "kind": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" } }

createManagementCattleIoV3GlobalRole

create a GlobalRole

Authorizations:

API 参考 - 图57

BearerToken

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Request Body schema:

API 参考 - 图58application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

builtin
boolean

Builtin specifies that this GlobalRole was created by Rancher if true. Immutable.

description
string

Description holds text that describes the resource.

displayName
string

DisplayName is the human-readable name displayed in the UI for this resource.

inheritedClusterRoles
Array of strings

InheritedClusterRoles are the names of RoleTemplates whose permissions are granted by this GlobalRole in every cluster besides the local cluster. To grant permissions in the local cluster, use the Rules field.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

object (io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)

ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

newUserDefault
boolean

NewUserDefault specifies that all new users created should be bound to this GlobalRole if true.

Array of objects

Rules holds a list of PolicyRules that are applied to the local cluster only.

Responses

API 参考 - 图61200

OK

API 参考 - 图62201

Created

API 参考 - 图63202

Accepted

401

Unauthorized

post/apis/management.cattle.io/v3/globalrolesAPI 参考 - 图64

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/globalroles

Request samples

  • Payload

Content type

API 参考 - 图65application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "builtin": true, - "description": "string", - "displayName": "string", - "inheritedClusterRoles": [ - "string" ], - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "newUserDefault": true, - "rules": [ - { - "apiGroups": [ - "string" ], - "nonResourceURLs": [ - "string" ], - "resourceNames": [ - "string" ], - "resources": [ - "string" ], - "verbs": [ - "string" ] } ] }

Response samples

  • 200
  • 201
  • 202

Content type

API 参考 - 图66application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "builtin": true, - "description": "string", - "displayName": "string", - "inheritedClusterRoles": [ - "string" ], - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "newUserDefault": true, - "rules": [ - { - "apiGroups": [ - "string" ], - "nonResourceURLs": [ - "string" ], - "resourceNames": [ - "string" ], - "resources": [ - "string" ], - "verbs": [ - "string" ] } ] }

deleteManagementCattleIoV3CollectionGlobalRole

delete collection of GlobalRole

Authorizations:

API 参考 - 图67

BearerToken

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图68200

OK

401

Unauthorized

delete/apis/management.cattle.io/v3/globalrolesAPI 参考 - 图69

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/globalroles

Response samples

  • 200

Content type

API 参考 - 图70application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "code": 0, - "details": { - "causes": [ - { - "field": "string", - "message": "string", - "reason": "string" } ], - "group": "string", - "kind": "string", - "name": "string", - "retryAfterSeconds": 0, - "uid": "string" }, - "kind": "string", - "message": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" }, - "reason": "string", - "status": "string" }

readManagementCattleIoV3GlobalRole

read the specified GlobalRole

Authorizations:

API 参考 - 图71

BearerToken

path Parameters
name
required
string unique

name of the GlobalRole

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

Responses

API 参考 - 图72200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/globalroles/{name}API 参考 - 图73

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/globalroles/{name}

Response samples

  • 200

Content type

API 参考 - 图74application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "builtin": true, - "description": "string", - "displayName": "string", - "inheritedClusterRoles": [ - "string" ], - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "newUserDefault": true, - "rules": [ - { - "apiGroups": [ - "string" ], - "nonResourceURLs": [ - "string" ], - "resourceNames": [ - "string" ], - "resources": [ - "string" ], - "verbs": [ - "string" ] } ] }

replaceManagementCattleIoV3GlobalRole

replace the specified GlobalRole

Authorizations:

API 参考 - 图75

BearerToken

path Parameters
name
required
string unique

name of the GlobalRole

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Request Body schema:

API 参考 - 图76application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

builtin
boolean

Builtin specifies that this GlobalRole was created by Rancher if true. Immutable.

description
string

Description holds text that describes the resource.

displayName
string

DisplayName is the human-readable name displayed in the UI for this resource.

inheritedClusterRoles
Array of strings

InheritedClusterRoles are the names of RoleTemplates whose permissions are granted by this GlobalRole in every cluster besides the local cluster. To grant permissions in the local cluster, use the Rules field.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

object (io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)

ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

newUserDefault
boolean

NewUserDefault specifies that all new users created should be bound to this GlobalRole if true.

Array of objects

Rules holds a list of PolicyRules that are applied to the local cluster only.

Responses

API 参考 - 图79200

OK

API 参考 - 图80201

Created

401

Unauthorized

put/apis/management.cattle.io/v3/globalroles/{name}API 参考 - 图81

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/globalroles/{name}

Request samples

  • Payload

Content type

API 参考 - 图82application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "builtin": true, - "description": "string", - "displayName": "string", - "inheritedClusterRoles": [ - "string" ], - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "newUserDefault": true, - "rules": [ - { - "apiGroups": [ - "string" ], - "nonResourceURLs": [ - "string" ], - "resourceNames": [ - "string" ], - "resources": [ - "string" ], - "verbs": [ - "string" ] } ] }

Response samples

  • 200
  • 201

Content type

API 参考 - 图83application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "builtin": true, - "description": "string", - "displayName": "string", - "inheritedClusterRoles": [ - "string" ], - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "newUserDefault": true, - "rules": [ - { - "apiGroups": [ - "string" ], - "nonResourceURLs": [ - "string" ], - "resourceNames": [ - "string" ], - "resources": [ - "string" ], - "verbs": [ - "string" ] } ] }

deleteManagementCattleIoV3GlobalRole

delete a GlobalRole

Authorizations:

API 参考 - 图84

BearerToken

path Parameters
name
required
string unique

name of the GlobalRole

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

gracePeriodSeconds
integer unique

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

orphanDependents
boolean unique

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the “orphan” finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

propagationPolicy
string unique

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: ‘Orphan’ - orphan the dependents; ‘Background’ - allow the garbage collector to delete the dependents in the background; ‘Foreground’ - a cascading policy that deletes all dependents in the foreground.

Request Body schema:

API 参考 - 图85application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

dryRun
Array of strings

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

gracePeriodSeconds
integer <int64>

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

orphanDependents
boolean

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the “orphan” finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

object (io.k8s.apimachinery.pkg.apis.meta.v1.Preconditions)

Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.

propagationPolicy
string

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: ‘Orphan’ - orphan the dependents; ‘Background’ - allow the garbage collector to delete the dependents in the background; ‘Foreground’ - a cascading policy that deletes all dependents in the foreground.

Responses

API 参考 - 图87200

OK

API 参考 - 图88202

Accepted

401

Unauthorized

delete/apis/management.cattle.io/v3/globalroles/{name}API 参考 - 图89

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/globalroles/{name}

Request samples

  • Payload

Content type

API 参考 - 图90application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "dryRun": [ - "string" ], - "gracePeriodSeconds": 0, - "kind": "string", - "orphanDependents": true, - "preconditions": { - "resourceVersion": "string", - "uid": "string" }, - "propagationPolicy": "string" }

Response samples

  • 200
  • 202

Content type

API 参考 - 图91application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "code": 0, - "details": { - "causes": [ - { - "field": "string", - "message": "string", - "reason": "string" } ], - "group": "string", - "kind": "string", - "name": "string", - "retryAfterSeconds": 0, - "uid": "string" }, - "kind": "string", - "message": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" }, - "reason": "string", - "status": "string" }

patchManagementCattleIoV3GlobalRole

partially update the specified GlobalRole

Authorizations:

API 参考 - 图92

BearerToken

path Parameters
name
required
string unique

name of the GlobalRole

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

force
boolean unique

Force is going to “force” Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Request Body schema:

API 参考 - 图93application/json-patch+jsonapplication/merge-patch+jsonapplication/apply-patch+yamlapplication/json-patch+json

object (io.k8s.apimachinery.pkg.apis.meta.v1.Patch)

Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.

Responses

API 参考 - 图94200

OK

401

Unauthorized

patch/apis/management.cattle.io/v3/globalroles/{name}API 参考 - 图95

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/globalroles/{name}

Request samples

  • Payload

Content type

API 参考 - 图96application/json-patch+jsonapplication/merge-patch+jsonapplication/apply-patch+yamlapplication/json-patch+json

Copy

{ }

Response samples

  • 200

Content type

API 参考 - 图97application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "builtin": true, - "description": "string", - "displayName": "string", - "inheritedClusterRoles": [ - "string" ], - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "newUserDefault": true, - "rules": [ - { - "apiGroups": [ - "string" ], - "nonResourceURLs": [ - "string" ], - "resourceNames": [ - "string" ], - "resources": [ - "string" ], - "verbs": [ - "string" ] } ] }

listManagementCattleIoV3NamespacedClusterRoleTemplateBinding

list objects of kind ClusterRoleTemplateBinding

Authorizations:

API 参考 - 图98

BearerToken

path Parameters
namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图99200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/namespaces/{namespace}/clusterroletemplatebindingsAPI 参考 - 图100

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/clusterroletemplatebindings

Response samples

  • 200

Content type

API 参考 - 图101application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "items": [ - { - "apiVersion": "string", - "clusterName": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "roleTemplateName": "string", - "userName": "string", - "userPrincipalName": "string" } ], - "kind": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" } }

createManagementCattleIoV3NamespacedClusterRoleTemplateBinding

create a ClusterRoleTemplateBinding

Authorizations:

API 参考 - 图102

BearerToken

path Parameters
namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Request Body schema:

API 参考 - 图103application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

clusterName
required
string

ClusterName is the metadata.name of the cluster to which a subject is added. Must match the namespace. Immutable.

groupName
string

GroupName is the name of the group subject added to the cluster. Immutable.

groupPrincipalName
string

GroupPrincipalName is the name of the group principal subject added to the cluster. Immutable.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

object (io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)

ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

roleTemplateName
required
string

RoleTemplateName is the name of the role template that defines permissions to perform actions on resources in the cluster. Immutable.

userName
string

UserName is the name of the user subject added to the cluster. Immutable.

userPrincipalName
string

UserPrincipalName is the name of the user principal subject added to the cluster. Immutable.

Responses

API 参考 - 图105200

OK

API 参考 - 图106201

Created

API 参考 - 图107202

Accepted

401

Unauthorized

post/apis/management.cattle.io/v3/namespaces/{namespace}/clusterroletemplatebindingsAPI 参考 - 图108

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/clusterroletemplatebindings

Request samples

  • Payload

Content type

API 参考 - 图109application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "clusterName": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "roleTemplateName": "string", - "userName": "string", - "userPrincipalName": "string" }

Response samples

  • 200
  • 201
  • 202

Content type

API 参考 - 图110application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "clusterName": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "roleTemplateName": "string", - "userName": "string", - "userPrincipalName": "string" }

deleteManagementCattleIoV3CollectionNamespacedClusterRoleTemplateBinding

delete collection of ClusterRoleTemplateBinding

Authorizations:

API 参考 - 图111

BearerToken

path Parameters
namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图112200

OK

401

Unauthorized

delete/apis/management.cattle.io/v3/namespaces/{namespace}/clusterroletemplatebindingsAPI 参考 - 图113

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/clusterroletemplatebindings

Response samples

  • 200

Content type

API 参考 - 图114application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "code": 0, - "details": { - "causes": [ - { - "field": "string", - "message": "string", - "reason": "string" } ], - "group": "string", - "kind": "string", - "name": "string", - "retryAfterSeconds": 0, - "uid": "string" }, - "kind": "string", - "message": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" }, - "reason": "string", - "status": "string" }

readManagementCattleIoV3NamespacedClusterRoleTemplateBinding

read the specified ClusterRoleTemplateBinding

Authorizations:

API 参考 - 图115

BearerToken

path Parameters
name
required
string unique

name of the ClusterRoleTemplateBinding

namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

Responses

API 参考 - 图116200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/namespaces/{namespace}/clusterroletemplatebindings/{name}API 参考 - 图117

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/clusterroletemplatebindings/{name}

Response samples

  • 200

Content type

API 参考 - 图118application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "clusterName": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "roleTemplateName": "string", - "userName": "string", - "userPrincipalName": "string" }

replaceManagementCattleIoV3NamespacedClusterRoleTemplateBinding

replace the specified ClusterRoleTemplateBinding

Authorizations:

API 参考 - 图119

BearerToken

path Parameters
name
required
string unique

name of the ClusterRoleTemplateBinding

namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Request Body schema:

API 参考 - 图120application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

clusterName
required
string

ClusterName is the metadata.name of the cluster to which a subject is added. Must match the namespace. Immutable.

groupName
string

GroupName is the name of the group subject added to the cluster. Immutable.

groupPrincipalName
string

GroupPrincipalName is the name of the group principal subject added to the cluster. Immutable.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

object (io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)

ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

roleTemplateName
required
string

RoleTemplateName is the name of the role template that defines permissions to perform actions on resources in the cluster. Immutable.

userName
string

UserName is the name of the user subject added to the cluster. Immutable.

userPrincipalName
string

UserPrincipalName is the name of the user principal subject added to the cluster. Immutable.

Responses

API 参考 - 图122200

OK

API 参考 - 图123201

Created

401

Unauthorized

put/apis/management.cattle.io/v3/namespaces/{namespace}/clusterroletemplatebindings/{name}API 参考 - 图124

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/clusterroletemplatebindings/{name}

Request samples

  • Payload

Content type

API 参考 - 图125application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "clusterName": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "roleTemplateName": "string", - "userName": "string", - "userPrincipalName": "string" }

Response samples

  • 200
  • 201

Content type

API 参考 - 图126application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "clusterName": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "roleTemplateName": "string", - "userName": "string", - "userPrincipalName": "string" }

deleteManagementCattleIoV3NamespacedClusterRoleTemplateBinding

delete a ClusterRoleTemplateBinding

Authorizations:

API 参考 - 图127

BearerToken

path Parameters
name
required
string unique

name of the ClusterRoleTemplateBinding

namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

gracePeriodSeconds
integer unique

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

orphanDependents
boolean unique

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the “orphan” finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

propagationPolicy
string unique

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: ‘Orphan’ - orphan the dependents; ‘Background’ - allow the garbage collector to delete the dependents in the background; ‘Foreground’ - a cascading policy that deletes all dependents in the foreground.

Request Body schema:

API 参考 - 图128application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

dryRun
Array of strings

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

gracePeriodSeconds
integer <int64>

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

orphanDependents
boolean

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the “orphan” finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

object (io.k8s.apimachinery.pkg.apis.meta.v1.Preconditions)

Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.

propagationPolicy
string

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: ‘Orphan’ - orphan the dependents; ‘Background’ - allow the garbage collector to delete the dependents in the background; ‘Foreground’ - a cascading policy that deletes all dependents in the foreground.

Responses

API 参考 - 图130200

OK

API 参考 - 图131202

Accepted

401

Unauthorized

delete/apis/management.cattle.io/v3/namespaces/{namespace}/clusterroletemplatebindings/{name}API 参考 - 图132

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/clusterroletemplatebindings/{name}

Request samples

  • Payload

Content type

API 参考 - 图133application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "dryRun": [ - "string" ], - "gracePeriodSeconds": 0, - "kind": "string", - "orphanDependents": true, - "preconditions": { - "resourceVersion": "string", - "uid": "string" }, - "propagationPolicy": "string" }

Response samples

  • 200
  • 202

Content type

API 参考 - 图134application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "code": 0, - "details": { - "causes": [ - { - "field": "string", - "message": "string", - "reason": "string" } ], - "group": "string", - "kind": "string", - "name": "string", - "retryAfterSeconds": 0, - "uid": "string" }, - "kind": "string", - "message": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" }, - "reason": "string", - "status": "string" }

patchManagementCattleIoV3NamespacedClusterRoleTemplateBinding

partially update the specified ClusterRoleTemplateBinding

Authorizations:

API 参考 - 图135

BearerToken

path Parameters
name
required
string unique

name of the ClusterRoleTemplateBinding

namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

force
boolean unique

Force is going to “force” Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Request Body schema:

API 参考 - 图136application/json-patch+jsonapplication/merge-patch+jsonapplication/apply-patch+yamlapplication/json-patch+json

object (io.k8s.apimachinery.pkg.apis.meta.v1.Patch)

Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.

Responses

API 参考 - 图137200

OK

401

Unauthorized

patch/apis/management.cattle.io/v3/namespaces/{namespace}/clusterroletemplatebindings/{name}API 参考 - 图138

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/clusterroletemplatebindings/{name}

Request samples

  • Payload

Content type

API 参考 - 图139application/json-patch+jsonapplication/merge-patch+jsonapplication/apply-patch+yamlapplication/json-patch+json

Copy

{ }

Response samples

  • 200

Content type

API 参考 - 图140application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "clusterName": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "roleTemplateName": "string", - "userName": "string", - "userPrincipalName": "string" }

listManagementCattleIoV3NamespacedProjectRoleTemplateBinding

list objects of kind ProjectRoleTemplateBinding

Authorizations:

API 参考 - 图141

BearerToken

path Parameters
namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图142200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/namespaces/{namespace}/projectroletemplatebindingsAPI 参考 - 图143

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/projectroletemplatebindings

Response samples

  • 200

Content type

API 参考 - 图144application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "items": [ - { - "apiVersion": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectName": "string", - "roleTemplateName": "string", - "serviceAccount": "string", - "userName": "string", - "userPrincipalName": "string" } ], - "kind": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" } }

createManagementCattleIoV3NamespacedProjectRoleTemplateBinding

create a ProjectRoleTemplateBinding

Authorizations:

API 参考 - 图145

BearerToken

path Parameters
namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Request Body schema:

API 参考 - 图146application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

groupName
string

GroupName is the name of the group subject added to the project. Immutable.

groupPrincipalName
string

GroupPrincipalName is the name of the group principal subject added to the project. Immutable.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

object (io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)

ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

projectName
required
string

ProjectName is the name of the project to which a subject is added. Immutable.

roleTemplateName
required
string

RoleTemplateName is the name of the role template that defines permissions to perform actions on resources in the project. Immutable.

serviceAccount
string

ServiceAccount is the name of the service account bound as a subject. Immutable. Deprecated.

userName
string

UserName is the name of the user subject added to the project. Immutable.

userPrincipalName
string

UserPrincipalName is the name of the user principal subject added to the project. Immutable.

Responses

API 参考 - 图148200

OK

API 参考 - 图149201

Created

API 参考 - 图150202

Accepted

401

Unauthorized

post/apis/management.cattle.io/v3/namespaces/{namespace}/projectroletemplatebindingsAPI 参考 - 图151

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/projectroletemplatebindings

Request samples

  • Payload

Content type

API 参考 - 图152application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectName": "string", - "roleTemplateName": "string", - "serviceAccount": "string", - "userName": "string", - "userPrincipalName": "string" }

Response samples

  • 200
  • 201
  • 202

Content type

API 参考 - 图153application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectName": "string", - "roleTemplateName": "string", - "serviceAccount": "string", - "userName": "string", - "userPrincipalName": "string" }

deleteManagementCattleIoV3CollectionNamespacedProjectRoleTemplateBinding

delete collection of ProjectRoleTemplateBinding

Authorizations:

API 参考 - 图154

BearerToken

path Parameters
namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图155200

OK

401

Unauthorized

delete/apis/management.cattle.io/v3/namespaces/{namespace}/projectroletemplatebindingsAPI 参考 - 图156

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/projectroletemplatebindings

Response samples

  • 200

Content type

API 参考 - 图157application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "code": 0, - "details": { - "causes": [ - { - "field": "string", - "message": "string", - "reason": "string" } ], - "group": "string", - "kind": "string", - "name": "string", - "retryAfterSeconds": 0, - "uid": "string" }, - "kind": "string", - "message": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" }, - "reason": "string", - "status": "string" }

readManagementCattleIoV3NamespacedProjectRoleTemplateBinding

read the specified ProjectRoleTemplateBinding

Authorizations:

API 参考 - 图158

BearerToken

path Parameters
name
required
string unique

name of the ProjectRoleTemplateBinding

namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

Responses

API 参考 - 图159200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/namespaces/{namespace}/projectroletemplatebindings/{name}API 参考 - 图160

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/projectroletemplatebindings/{name}

Response samples

  • 200

Content type

API 参考 - 图161application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectName": "string", - "roleTemplateName": "string", - "serviceAccount": "string", - "userName": "string", - "userPrincipalName": "string" }

replaceManagementCattleIoV3NamespacedProjectRoleTemplateBinding

replace the specified ProjectRoleTemplateBinding

Authorizations:

API 参考 - 图162

BearerToken

path Parameters
name
required
string unique

name of the ProjectRoleTemplateBinding

namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Request Body schema:

API 参考 - 图163application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

groupName
string

GroupName is the name of the group subject added to the project. Immutable.

groupPrincipalName
string

GroupPrincipalName is the name of the group principal subject added to the project. Immutable.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

object (io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)

ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

projectName
required
string

ProjectName is the name of the project to which a subject is added. Immutable.

roleTemplateName
required
string

RoleTemplateName is the name of the role template that defines permissions to perform actions on resources in the project. Immutable.

serviceAccount
string

ServiceAccount is the name of the service account bound as a subject. Immutable. Deprecated.

userName
string

UserName is the name of the user subject added to the project. Immutable.

userPrincipalName
string

UserPrincipalName is the name of the user principal subject added to the project. Immutable.

Responses

API 参考 - 图165200

OK

API 参考 - 图166201

Created

401

Unauthorized

put/apis/management.cattle.io/v3/namespaces/{namespace}/projectroletemplatebindings/{name}API 参考 - 图167

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/projectroletemplatebindings/{name}

Request samples

  • Payload

Content type

API 参考 - 图168application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectName": "string", - "roleTemplateName": "string", - "serviceAccount": "string", - "userName": "string", - "userPrincipalName": "string" }

Response samples

  • 200
  • 201

Content type

API 参考 - 图169application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectName": "string", - "roleTemplateName": "string", - "serviceAccount": "string", - "userName": "string", - "userPrincipalName": "string" }

deleteManagementCattleIoV3NamespacedProjectRoleTemplateBinding

delete a ProjectRoleTemplateBinding

Authorizations:

API 参考 - 图170

BearerToken

path Parameters
name
required
string unique

name of the ProjectRoleTemplateBinding

namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

gracePeriodSeconds
integer unique

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

orphanDependents
boolean unique

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the “orphan” finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

propagationPolicy
string unique

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: ‘Orphan’ - orphan the dependents; ‘Background’ - allow the garbage collector to delete the dependents in the background; ‘Foreground’ - a cascading policy that deletes all dependents in the foreground.

Request Body schema:

API 参考 - 图171application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

dryRun
Array of strings

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

gracePeriodSeconds
integer <int64>

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

orphanDependents
boolean

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the “orphan” finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

object (io.k8s.apimachinery.pkg.apis.meta.v1.Preconditions)

Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.

propagationPolicy
string

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: ‘Orphan’ - orphan the dependents; ‘Background’ - allow the garbage collector to delete the dependents in the background; ‘Foreground’ - a cascading policy that deletes all dependents in the foreground.

Responses

API 参考 - 图173200

OK

API 参考 - 图174202

Accepted

401

Unauthorized

delete/apis/management.cattle.io/v3/namespaces/{namespace}/projectroletemplatebindings/{name}API 参考 - 图175

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/projectroletemplatebindings/{name}

Request samples

  • Payload

Content type

API 参考 - 图176application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "dryRun": [ - "string" ], - "gracePeriodSeconds": 0, - "kind": "string", - "orphanDependents": true, - "preconditions": { - "resourceVersion": "string", - "uid": "string" }, - "propagationPolicy": "string" }

Response samples

  • 200
  • 202

Content type

API 参考 - 图177application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "code": 0, - "details": { - "causes": [ - { - "field": "string", - "message": "string", - "reason": "string" } ], - "group": "string", - "kind": "string", - "name": "string", - "retryAfterSeconds": 0, - "uid": "string" }, - "kind": "string", - "message": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" }, - "reason": "string", - "status": "string" }

patchManagementCattleIoV3NamespacedProjectRoleTemplateBinding

partially update the specified ProjectRoleTemplateBinding

Authorizations:

API 参考 - 图178

BearerToken

path Parameters
name
required
string unique

name of the ProjectRoleTemplateBinding

namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

force
boolean unique

Force is going to “force” Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Request Body schema:

API 参考 - 图179application/json-patch+jsonapplication/merge-patch+jsonapplication/apply-patch+yamlapplication/json-patch+json

object (io.k8s.apimachinery.pkg.apis.meta.v1.Patch)

Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.

Responses

API 参考 - 图180200

OK

401

Unauthorized

patch/apis/management.cattle.io/v3/namespaces/{namespace}/projectroletemplatebindings/{name}API 参考 - 图181

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/projectroletemplatebindings/{name}

Request samples

  • Payload

Content type

API 参考 - 图182application/json-patch+jsonapplication/merge-patch+jsonapplication/apply-patch+yamlapplication/json-patch+json

Copy

{ }

Response samples

  • 200

Content type

API 参考 - 图183application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectName": "string", - "roleTemplateName": "string", - "serviceAccount": "string", - "userName": "string", - "userPrincipalName": "string" }

listManagementCattleIoV3NamespacedProject

list objects of kind Project

Authorizations:

API 参考 - 图184

BearerToken

path Parameters
namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图185200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/namespaces/{namespace}/projectsAPI 参考 - 图186

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/projects

Response samples

  • 200

Content type

API 参考 - 图187application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "items": [ - { - "apiVersion": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "spec": { - "clusterName": "string", - "containerDefaultResourceLimit": { - "limitsCpu": "string", - "limitsMemory": "string", - "requestsCpu": "string", - "requestsMemory": "string" }, - "description": "string", - "displayName": "string", - "enableProjectMonitoring": true, - "namespaceDefaultResourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } }, - "resourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" }, - "usedLimit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } } }, - "status": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "monitoringStatus": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "grafanaEndpoint": "string" }, - "podSecurityPolicyTemplateId": "string" } } ], - "kind": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" } }

createManagementCattleIoV3NamespacedProject

create a Project

Authorizations:

API 参考 - 图188

BearerToken

path Parameters
namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Request Body schema:

API 参考 - 图189application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

object (io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)

ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

object

Spec is the specification of the desired configuration for the project.

object

Status is the most recently observed status of the project.

Responses

API 参考 - 图193200

OK

API 参考 - 图194201

Created

API 参考 - 图195202

Accepted

401

Unauthorized

post/apis/management.cattle.io/v3/namespaces/{namespace}/projectsAPI 参考 - 图196

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/projects

Request samples

  • Payload

Content type

API 参考 - 图197application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "spec": { - "clusterName": "string", - "containerDefaultResourceLimit": { - "limitsCpu": "string", - "limitsMemory": "string", - "requestsCpu": "string", - "requestsMemory": "string" }, - "description": "string", - "displayName": "string", - "enableProjectMonitoring": true, - "namespaceDefaultResourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } }, - "resourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" }, - "usedLimit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } } }, - "status": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "monitoringStatus": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "grafanaEndpoint": "string" }, - "podSecurityPolicyTemplateId": "string" } }

Response samples

  • 200
  • 201
  • 202

Content type

API 参考 - 图198application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "spec": { - "clusterName": "string", - "containerDefaultResourceLimit": { - "limitsCpu": "string", - "limitsMemory": "string", - "requestsCpu": "string", - "requestsMemory": "string" }, - "description": "string", - "displayName": "string", - "enableProjectMonitoring": true, - "namespaceDefaultResourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } }, - "resourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" }, - "usedLimit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } } }, - "status": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "monitoringStatus": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "grafanaEndpoint": "string" }, - "podSecurityPolicyTemplateId": "string" } }

deleteManagementCattleIoV3CollectionNamespacedProject

delete collection of Project

Authorizations:

API 参考 - 图199

BearerToken

path Parameters
namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图200200

OK

401

Unauthorized

delete/apis/management.cattle.io/v3/namespaces/{namespace}/projectsAPI 参考 - 图201

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/projects

Response samples

  • 200

Content type

API 参考 - 图202application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "code": 0, - "details": { - "causes": [ - { - "field": "string", - "message": "string", - "reason": "string" } ], - "group": "string", - "kind": "string", - "name": "string", - "retryAfterSeconds": 0, - "uid": "string" }, - "kind": "string", - "message": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" }, - "reason": "string", - "status": "string" }

readManagementCattleIoV3NamespacedProject

read the specified Project

Authorizations:

API 参考 - 图203

BearerToken

path Parameters
name
required
string unique

name of the Project

namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

Responses

API 参考 - 图204200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/namespaces/{namespace}/projects/{name}API 参考 - 图205

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/projects/{name}

Response samples

  • 200

Content type

API 参考 - 图206application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "spec": { - "clusterName": "string", - "containerDefaultResourceLimit": { - "limitsCpu": "string", - "limitsMemory": "string", - "requestsCpu": "string", - "requestsMemory": "string" }, - "description": "string", - "displayName": "string", - "enableProjectMonitoring": true, - "namespaceDefaultResourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } }, - "resourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" }, - "usedLimit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } } }, - "status": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "monitoringStatus": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "grafanaEndpoint": "string" }, - "podSecurityPolicyTemplateId": "string" } }

replaceManagementCattleIoV3NamespacedProject

replace the specified Project

Authorizations:

API 参考 - 图207

BearerToken

path Parameters
name
required
string unique

name of the Project

namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Request Body schema:

API 参考 - 图208application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

object (io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)

ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

object

Spec is the specification of the desired configuration for the project.

object

Status is the most recently observed status of the project.

Responses

API 参考 - 图212200

OK

API 参考 - 图213201

Created

401

Unauthorized

put/apis/management.cattle.io/v3/namespaces/{namespace}/projects/{name}API 参考 - 图214

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/projects/{name}

Request samples

  • Payload

Content type

API 参考 - 图215application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "spec": { - "clusterName": "string", - "containerDefaultResourceLimit": { - "limitsCpu": "string", - "limitsMemory": "string", - "requestsCpu": "string", - "requestsMemory": "string" }, - "description": "string", - "displayName": "string", - "enableProjectMonitoring": true, - "namespaceDefaultResourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } }, - "resourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" }, - "usedLimit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } } }, - "status": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "monitoringStatus": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "grafanaEndpoint": "string" }, - "podSecurityPolicyTemplateId": "string" } }

Response samples

  • 200
  • 201

Content type

API 参考 - 图216application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "spec": { - "clusterName": "string", - "containerDefaultResourceLimit": { - "limitsCpu": "string", - "limitsMemory": "string", - "requestsCpu": "string", - "requestsMemory": "string" }, - "description": "string", - "displayName": "string", - "enableProjectMonitoring": true, - "namespaceDefaultResourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } }, - "resourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" }, - "usedLimit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } } }, - "status": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "monitoringStatus": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "grafanaEndpoint": "string" }, - "podSecurityPolicyTemplateId": "string" } }

deleteManagementCattleIoV3NamespacedProject

delete a Project

Authorizations:

API 参考 - 图217

BearerToken

path Parameters
name
required
string unique

name of the Project

namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

gracePeriodSeconds
integer unique

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

orphanDependents
boolean unique

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the “orphan” finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

propagationPolicy
string unique

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: ‘Orphan’ - orphan the dependents; ‘Background’ - allow the garbage collector to delete the dependents in the background; ‘Foreground’ - a cascading policy that deletes all dependents in the foreground.

Request Body schema:

API 参考 - 图218application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

dryRun
Array of strings

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

gracePeriodSeconds
integer <int64>

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

orphanDependents
boolean

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the “orphan” finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

object (io.k8s.apimachinery.pkg.apis.meta.v1.Preconditions)

Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.

propagationPolicy
string

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: ‘Orphan’ - orphan the dependents; ‘Background’ - allow the garbage collector to delete the dependents in the background; ‘Foreground’ - a cascading policy that deletes all dependents in the foreground.

Responses

API 参考 - 图220200

OK

API 参考 - 图221202

Accepted

401

Unauthorized

delete/apis/management.cattle.io/v3/namespaces/{namespace}/projects/{name}API 参考 - 图222

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/projects/{name}

Request samples

  • Payload

Content type

API 参考 - 图223application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "dryRun": [ - "string" ], - "gracePeriodSeconds": 0, - "kind": "string", - "orphanDependents": true, - "preconditions": { - "resourceVersion": "string", - "uid": "string" }, - "propagationPolicy": "string" }

Response samples

  • 200
  • 202

Content type

API 参考 - 图224application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "code": 0, - "details": { - "causes": [ - { - "field": "string", - "message": "string", - "reason": "string" } ], - "group": "string", - "kind": "string", - "name": "string", - "retryAfterSeconds": 0, - "uid": "string" }, - "kind": "string", - "message": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" }, - "reason": "string", - "status": "string" }

patchManagementCattleIoV3NamespacedProject

partially update the specified Project

Authorizations:

API 参考 - 图225

BearerToken

path Parameters
name
required
string unique

name of the Project

namespace
required
string unique

object name and auth scope, such as for teams and projects

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

force
boolean unique

Force is going to “force” Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Request Body schema:

API 参考 - 图226application/json-patch+jsonapplication/merge-patch+jsonapplication/apply-patch+yamlapplication/json-patch+json

object (io.k8s.apimachinery.pkg.apis.meta.v1.Patch)

Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.

Responses

API 参考 - 图227200

OK

401

Unauthorized

patch/apis/management.cattle.io/v3/namespaces/{namespace}/projects/{name}API 参考 - 图228

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/namespaces/{namespace}/projects/{name}

Request samples

  • Payload

Content type

API 参考 - 图229application/json-patch+jsonapplication/merge-patch+jsonapplication/apply-patch+yamlapplication/json-patch+json

Copy

{ }

Response samples

  • 200

Content type

API 参考 - 图230application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "spec": { - "clusterName": "string", - "containerDefaultResourceLimit": { - "limitsCpu": "string", - "limitsMemory": "string", - "requestsCpu": "string", - "requestsMemory": "string" }, - "description": "string", - "displayName": "string", - "enableProjectMonitoring": true, - "namespaceDefaultResourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } }, - "resourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" }, - "usedLimit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } } }, - "status": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "monitoringStatus": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "grafanaEndpoint": "string" }, - "podSecurityPolicyTemplateId": "string" } }

listManagementCattleIoV3ProjectRoleTemplateBindingForAllNamespaces

list objects of kind ProjectRoleTemplateBinding

Authorizations:

API 参考 - 图231

BearerToken

query Parameters
allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

pretty
string unique

If ‘true’, then the output is pretty printed.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图232200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/projectroletemplatebindingsAPI 参考 - 图233

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/projectroletemplatebindings

Response samples

  • 200

Content type

API 参考 - 图234application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "items": [ - { - "apiVersion": "string", - "groupName": "string", - "groupPrincipalName": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectName": "string", - "roleTemplateName": "string", - "serviceAccount": "string", - "userName": "string", - "userPrincipalName": "string" } ], - "kind": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" } }

listManagementCattleIoV3ProjectForAllNamespaces

list objects of kind Project

Authorizations:

API 参考 - 图235

BearerToken

query Parameters
allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

pretty
string unique

If ‘true’, then the output is pretty printed.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图236200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/projectsAPI 参考 - 图237

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/projects

Response samples

  • 200

Content type

API 参考 - 图238application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "items": [ - { - "apiVersion": "string", - "kind": "string", - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "spec": { - "clusterName": "string", - "containerDefaultResourceLimit": { - "limitsCpu": "string", - "limitsMemory": "string", - "requestsCpu": "string", - "requestsMemory": "string" }, - "description": "string", - "displayName": "string", - "enableProjectMonitoring": true, - "namespaceDefaultResourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } }, - "resourceQuota": { - "limit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" }, - "usedLimit": { - "configMaps": "string", - "limitsCpu": "string", - "limitsMemory": "string", - "persistentVolumeClaims": "string", - "pods": "string", - "replicationControllers": "string", - "requestsCpu": "string", - "requestsMemory": "string", - "requestsStorage": "string", - "secrets": "string", - "services": "string", - "servicesLoadBalancers": "string", - "servicesNodePorts": "string" } } }, - "status": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "monitoringStatus": { - "conditions": [ - { - "lastTransitionTime": "string", - "lastUpdateTime": "string", - "message": "string", - "reason": "string", - "status": "string", - "type": "string" } ], - "grafanaEndpoint": "string" }, - "podSecurityPolicyTemplateId": "string" } } ], - "kind": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" } }

listManagementCattleIoV3RoleTemplate

list objects of kind RoleTemplate

Authorizations:

API 参考 - 图239

BearerToken

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图240200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/roletemplatesAPI 参考 - 图241

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/roletemplates

Response samples

  • 200

Content type

API 参考 - 图242application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "items": [ - { - "administrative": true, - "apiVersion": "string", - "builtin": true, - "clusterCreatorDefault": true, - "context": "project", - "description": "string", - "displayName": "string", - "external": true, - "hidden": true, - "kind": "string", - "locked": true, - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectCreatorDefault": true, - "roleTemplateNames": [ - "string" ], - "rules": [ - { - "apiGroups": [ - "string" ], - "nonResourceURLs": [ - "string" ], - "resourceNames": [ - "string" ], - "resources": [ - "string" ], - "verbs": [ - "string" ] } ] } ], - "kind": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" } }

createManagementCattleIoV3RoleTemplate

create a RoleTemplate

Authorizations:

API 参考 - 图243

BearerToken

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Request Body schema:

API 参考 - 图244application/jsonapplication/yamlapplication/json

administrative
boolean

Administrative if false, and context is set to cluster this RoleTemplate will not grant access to “CatalogTemplates” and “CatalogTemplateVersions” for any project in the cluster. Default is false.

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

builtin
boolean

Builtin if true specifies that this RoleTemplate was created by Rancher and is immutable. Default to false.

clusterCreatorDefault
boolean

ClusterCreatorDefault if true, a binding with this RoleTemplate will be created for a users when they create a new cluster. ClusterCreatorDefault is only evaluated if the context of the RoleTemplate is set to cluster. Default to false.

context
string
Enum: “project” “cluster” “”

Context describes if the roleTemplate applies to clusters or projects. Valid values are “project”, “cluster” or “”.

description
string

Description holds text that describes the resource.

displayName
string

DisplayName is the human-readable name displayed in the UI for this resource.

external
boolean

External if true specifies that rules for this RoleTemplate should be gathered from a ClusterRole with the matching name. If set to true the Rules on the template will not be evaluated. External’s value is only evaluated if the RoleTemplate’s context is set to “cluster” Default to false.

hidden
boolean

Hidden if true informs the Rancher UI not to display this RoleTemplate. Default to false.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

locked
boolean

Locked if true, new bindings will not be able to use this RoleTemplate. Default to false.

object (io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)

ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

projectCreatorDefault
boolean

ProjectCreatorDefault if true, a binding with this RoleTemplate will be created for a user when they create a new project. ProjectCreatorDefault is only evaluated if the context of the RoleTemplate is set to project. Default to false.

roleTemplateNames
Array of strings

RoleTemplateNames list of RoleTemplate names that this RoleTemplate will inherit. This RoleTemplate will grant all rules defined in an inherited RoleTemplate. Inherited RoleTemplates must already exist.

Array of objects

Rules hold all the PolicyRules for this RoleTemplate.

Responses

API 参考 - 图247200

OK

API 参考 - 图248201

Created

API 参考 - 图249202

Accepted

401

Unauthorized

post/apis/management.cattle.io/v3/roletemplatesAPI 参考 - 图250

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/roletemplates

Request samples

  • Payload

Content type

API 参考 - 图251application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "administrative": true, - "apiVersion": "string", - "builtin": true, - "clusterCreatorDefault": true, - "context": "project", - "description": "string", - "displayName": "string", - "external": true, - "hidden": true, - "kind": "string", - "locked": true, - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectCreatorDefault": true, - "roleTemplateNames": [ - "string" ], - "rules": [ - { - "apiGroups": [ - "string" ], - "nonResourceURLs": [ - "string" ], - "resourceNames": [ - "string" ], - "resources": [ - "string" ], - "verbs": [ - "string" ] } ] }

Response samples

  • 200
  • 201
  • 202

Content type

API 参考 - 图252application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "administrative": true, - "apiVersion": "string", - "builtin": true, - "clusterCreatorDefault": true, - "context": "project", - "description": "string", - "displayName": "string", - "external": true, - "hidden": true, - "kind": "string", - "locked": true, - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectCreatorDefault": true, - "roleTemplateNames": [ - "string" ], - "rules": [ - { - "apiGroups": [ - "string" ], - "nonResourceURLs": [ - "string" ], - "resourceNames": [ - "string" ], - "resources": [ - "string" ], - "verbs": [ - "string" ] } ] }

deleteManagementCattleIoV3CollectionRoleTemplate

delete collection of RoleTemplate

Authorizations:

API 参考 - 图253

BearerToken

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

allowWatchBookmarks
boolean unique

allowWatchBookmarks requests watch events with type “BOOKMARK”. Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue
string unique

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the “next key”.

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector
string unique

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector
string unique

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit
integer unique

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the continue field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch
string unique

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents
boolean unique

sendInitialEvents=true may be set together with watch=true. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic “Bookmark” event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with “k8s.io/initial-events-end”: “true” annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When sendInitialEvents option is set, we require resourceVersionMatch option to also be set. The semantic of the watch request is as following: - resourceVersionMatch = NotOlderThan is interpreted as “data at least as new as the provided resourceVersion“ and the bookmark event is send when the state is synced to a resourceVersion at least as fresh as the one provided by the ListOptions. If resourceVersion is unset, this is interpreted as “consistent read” and the bookmark event is send when the state is synced at least to the moment when request started being processed.

  • resourceVersionMatch set to any other value or unset Invalid error is returned.

Defaults to true if resourceVersion=”” or resourceVersion=”0” (for backward compatibility reasons) and to false otherwise.

timeoutSeconds
integer unique

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch
boolean unique

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Responses

API 参考 - 图254200

OK

401

Unauthorized

delete/apis/management.cattle.io/v3/roletemplatesAPI 参考 - 图255

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/roletemplates

Response samples

  • 200

Content type

API 参考 - 图256application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "code": 0, - "details": { - "causes": [ - { - "field": "string", - "message": "string", - "reason": "string" } ], - "group": "string", - "kind": "string", - "name": "string", - "retryAfterSeconds": 0, - "uid": "string" }, - "kind": "string", - "message": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" }, - "reason": "string", - "status": "string" }

readManagementCattleIoV3RoleTemplate

read the specified RoleTemplate

Authorizations:

API 参考 - 图257

BearerToken

path Parameters
name
required
string unique

name of the RoleTemplate

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

resourceVersion
string unique

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

Responses

API 参考 - 图258200

OK

401

Unauthorized

get/apis/management.cattle.io/v3/roletemplates/{name}API 参考 - 图259

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/roletemplates/{name}

Response samples

  • 200

Content type

API 参考 - 图260application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "administrative": true, - "apiVersion": "string", - "builtin": true, - "clusterCreatorDefault": true, - "context": "project", - "description": "string", - "displayName": "string", - "external": true, - "hidden": true, - "kind": "string", - "locked": true, - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectCreatorDefault": true, - "roleTemplateNames": [ - "string" ], - "rules": [ - { - "apiGroups": [ - "string" ], - "nonResourceURLs": [ - "string" ], - "resourceNames": [ - "string" ], - "resources": [ - "string" ], - "verbs": [ - "string" ] } ] }

replaceManagementCattleIoV3RoleTemplate

replace the specified RoleTemplate

Authorizations:

API 参考 - 图261

BearerToken

path Parameters
name
required
string unique

name of the RoleTemplate

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Request Body schema:

API 参考 - 图262application/jsonapplication/yamlapplication/json

administrative
boolean

Administrative if false, and context is set to cluster this RoleTemplate will not grant access to “CatalogTemplates” and “CatalogTemplateVersions” for any project in the cluster. Default is false.

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

builtin
boolean

Builtin if true specifies that this RoleTemplate was created by Rancher and is immutable. Default to false.

clusterCreatorDefault
boolean

ClusterCreatorDefault if true, a binding with this RoleTemplate will be created for a users when they create a new cluster. ClusterCreatorDefault is only evaluated if the context of the RoleTemplate is set to cluster. Default to false.

context
string
Enum: “project” “cluster” “”

Context describes if the roleTemplate applies to clusters or projects. Valid values are “project”, “cluster” or “”.

description
string

Description holds text that describes the resource.

displayName
string

DisplayName is the human-readable name displayed in the UI for this resource.

external
boolean

External if true specifies that rules for this RoleTemplate should be gathered from a ClusterRole with the matching name. If set to true the Rules on the template will not be evaluated. External’s value is only evaluated if the RoleTemplate’s context is set to “cluster” Default to false.

hidden
boolean

Hidden if true informs the Rancher UI not to display this RoleTemplate. Default to false.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

locked
boolean

Locked if true, new bindings will not be able to use this RoleTemplate. Default to false.

object (io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)

ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.

projectCreatorDefault
boolean

ProjectCreatorDefault if true, a binding with this RoleTemplate will be created for a user when they create a new project. ProjectCreatorDefault is only evaluated if the context of the RoleTemplate is set to project. Default to false.

roleTemplateNames
Array of strings

RoleTemplateNames list of RoleTemplate names that this RoleTemplate will inherit. This RoleTemplate will grant all rules defined in an inherited RoleTemplate. Inherited RoleTemplates must already exist.

Array of objects

Rules hold all the PolicyRules for this RoleTemplate.

Responses

API 参考 - 图265200

OK

API 参考 - 图266201

Created

401

Unauthorized

put/apis/management.cattle.io/v3/roletemplates/{name}API 参考 - 图267

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/roletemplates/{name}

Request samples

  • Payload

Content type

API 参考 - 图268application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "administrative": true, - "apiVersion": "string", - "builtin": true, - "clusterCreatorDefault": true, - "context": "project", - "description": "string", - "displayName": "string", - "external": true, - "hidden": true, - "kind": "string", - "locked": true, - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectCreatorDefault": true, - "roleTemplateNames": [ - "string" ], - "rules": [ - { - "apiGroups": [ - "string" ], - "nonResourceURLs": [ - "string" ], - "resourceNames": [ - "string" ], - "resources": [ - "string" ], - "verbs": [ - "string" ] } ] }

Response samples

  • 200
  • 201

Content type

API 参考 - 图269application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "administrative": true, - "apiVersion": "string", - "builtin": true, - "clusterCreatorDefault": true, - "context": "project", - "description": "string", - "displayName": "string", - "external": true, - "hidden": true, - "kind": "string", - "locked": true, - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectCreatorDefault": true, - "roleTemplateNames": [ - "string" ], - "rules": [ - { - "apiGroups": [ - "string" ], - "nonResourceURLs": [ - "string" ], - "resourceNames": [ - "string" ], - "resources": [ - "string" ], - "verbs": [ - "string" ] } ] }

deleteManagementCattleIoV3RoleTemplate

delete a RoleTemplate

Authorizations:

API 参考 - 图270

BearerToken

path Parameters
name
required
string unique

name of the RoleTemplate

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

gracePeriodSeconds
integer unique

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

orphanDependents
boolean unique

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the “orphan” finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

propagationPolicy
string unique

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: ‘Orphan’ - orphan the dependents; ‘Background’ - allow the garbage collector to delete the dependents in the background; ‘Foreground’ - a cascading policy that deletes all dependents in the foreground.

Request Body schema:

API 参考 - 图271application/jsonapplication/yamlapplication/json

apiVersion
string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

dryRun
Array of strings

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

gracePeriodSeconds
integer <int64>

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

kind
string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

orphanDependents
boolean

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the “orphan” finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.

object (io.k8s.apimachinery.pkg.apis.meta.v1.Preconditions)

Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.

propagationPolicy
string

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: ‘Orphan’ - orphan the dependents; ‘Background’ - allow the garbage collector to delete the dependents in the background; ‘Foreground’ - a cascading policy that deletes all dependents in the foreground.

Responses

API 参考 - 图273200

OK

API 参考 - 图274202

Accepted

401

Unauthorized

delete/apis/management.cattle.io/v3/roletemplates/{name}API 参考 - 图275

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/roletemplates/{name}

Request samples

  • Payload

Content type

API 参考 - 图276application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "dryRun": [ - "string" ], - "gracePeriodSeconds": 0, - "kind": "string", - "orphanDependents": true, - "preconditions": { - "resourceVersion": "string", - "uid": "string" }, - "propagationPolicy": "string" }

Response samples

  • 200
  • 202

Content type

API 参考 - 图277application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "apiVersion": "string", - "code": 0, - "details": { - "causes": [ - { - "field": "string", - "message": "string", - "reason": "string" } ], - "group": "string", - "kind": "string", - "name": "string", - "retryAfterSeconds": 0, - "uid": "string" }, - "kind": "string", - "message": "string", - "metadata": { - "continue": "string", - "remainingItemCount": 0, - "resourceVersion": "string", - "selfLink": "string" }, - "reason": "string", - "status": "string" }

patchManagementCattleIoV3RoleTemplate

partially update the specified RoleTemplate

Authorizations:

API 参考 - 图278

BearerToken

path Parameters
name
required
string unique

name of the RoleTemplate

query Parameters
pretty
string unique

If ‘true’, then the output is pretty printed.

dryRun
string unique

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager
string unique

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).

fieldValidation
string unique

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

force
boolean unique

Force is going to “force” Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Request Body schema:

API 参考 - 图279application/json-patch+jsonapplication/merge-patch+jsonapplication/apply-patch+yamlapplication/json-patch+json

object (io.k8s.apimachinery.pkg.apis.meta.v1.Patch)

Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.

Responses

API 参考 - 图280200

OK

401

Unauthorized

patch/apis/management.cattle.io/v3/roletemplates/{name}API 参考 - 图281

https://ranchermanager.docs.rancher.com/apis/management.cattle.io/v3/roletemplates/{name}

Request samples

  • Payload

Content type

API 参考 - 图282application/json-patch+jsonapplication/merge-patch+jsonapplication/apply-patch+yamlapplication/json-patch+json

Copy

{ }

Response samples

  • 200

Content type

API 参考 - 图283application/jsonapplication/yamlapplication/json

Copy

Expand all Collapse all

{ - "administrative": true, - "apiVersion": "string", - "builtin": true, - "clusterCreatorDefault": true, - "context": "project", - "description": "string", - "displayName": "string", - "external": true, - "hidden": true, - "kind": "string", - "locked": true, - "metadata": { - "annotations": { - "property1": "string", - "property2": "string" }, - "creationTimestamp": "2019-08-24T14:15:22Z", - "deletionGracePeriodSeconds": 0, - "deletionTimestamp": "2019-08-24T14:15:22Z", - "finalizers": [ - "string" ], - "generateName": "string", - "generation": 0, - "labels": { - "property1": "string", - "property2": "string" }, - "managedFields": [ - { - "apiVersion": "string", - "fieldsType": "string", - "fieldsV1": { }, - "manager": "string", - "operation": "string", - "subresource": "string", - "time": "2019-08-24T14:15:22Z" } ], - "name": "string", - "namespace": "string", - "ownerReferences": [ - { - "apiVersion": "string", - "blockOwnerDeletion": true, - "controller": true, - "kind": "string", - "name": "string", - "uid": "string" } ], - "resourceVersion": "string", - "selfLink": "string", - "uid": "string" }, - "projectCreatorDefault": true, - "roleTemplateNames": [ - "string" ], - "rules": [ - { - "apiGroups": [ - "string" ], - "nonResourceURLs": [ - "string" ], - "resourceNames": [ - "string" ], - "resources": [ - "string" ], - "verbs": [ - "string" ] } ] }