docker深入2-UI之portainer通过API来更新service的ACL
2018-10-15 17:56
751 查看
docker深入2-UI之portainer通过API来更新service的ACL
2018/10/15
准备工作
- 阅读文档
- 本例使用 httpie 来发送请求
brew install httpie
- 通过 jq 来格式化数据
brew install jq
- workdir
/tmp/httpie
原因
portainer升级至1.19.2后,有比较特别的变化:
尽管之前为 service 设置过 ACL ,但在升级后发现还是全部重置为 Administrators 权限
1.19.2
Breaking changes
This version changes the default ownership for externally created resources from Public to Administrator restricted (#960, #2137). The migration process will automatically migrate any existing resource declared as Public to Administrators only.
临时解决办法
通过API来重置ACL
下面是具体示范:
##### *1. 拿到认证 token* # http POST http://your-portainer-addr/api/auth Username="admin" Password="ti9M%DjI6c7M" { "jwt": "xxJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJhZG1pbiIsInJvbGUiOjEsImV4cCI6MTUzOTYxNzcwNX0.ifadEaqEo7LNWPuPBl8zQMZqeFvxfVPgAD6asNdMQYY" } ##### *2. 列出teams信息* # http GET http://your-portainer-addr/api/teams \ "Authorization: Bearer xxJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJhZG1pbiIsInJvbGUiOjEsImV4cCI6MTUzOTYxNzcwNX0.ifadEaqEo7LNWPuPBl8zQMZqeFvxfVPgAD6asNdMQYY" [ { "Id": 1, "Name": "dev" }, { "Id": 2, "Name": "qa" }, { "Id": 3, "Name": "ops" } ] ##### *示例: 从文本中读取json数据来发送POST请求* # http POST http://your-portainer-addr/api/resource_controls \ "Authorization: Bearer xxJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJhZG1pbiIsInJvbGUiOjEsImV4cCI6MTUzOTYxNzcwNX0.ifadEaqEo7LNWPuPBl8zQMZqeFvxfVPgAD6asNdMQYY" \ @/tmp/httpie/1.json ##### *示例: 获得通过service前缀过滤后的状态* # http GET http://your-portainer-addr/api/endpoints/5/docker/services\?filters\='{"name":["dev-app1"]}' \ "Authorization: Bearer xxJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJhZG1pbiIsInJvbGUiOjEsImV4cCI6MTUzOTYxNzcwNX0.ifadEaqEo7LNWPuPBl8zQMZqeFvxfVPgAD6asNdMQYY" |jq '.[] | {name: .Spec.Name, id: .ID, teams: .Portainer.ResourceControl.TeamAccesses[0].TeamId}' ##### *3. 获得通过service前缀过滤后的ID* # http GET http://your-portainer-addr/api/endpoints/5/docker/services\?filters\='{"name":["dev-app1"]}' \ "Authorization: Bearer xxJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJhZG1pbiIsInJvbGUiOjEsImV4cCI6MTUzOTYxNzcwNX0.ifadEaqEo7LNWPuPBl8zQMZqeFvxfVPgAD6asNdMQYY" |jq '.[].ID' \ > .id ##### *4. 根据上述信息,批量执行API来设置team权限* s1='{"Type":"service","Public":false,"ResourceID":"' s2='","Users":[],"Teams":[2]}' for ID in `cat .id |sed 's/"//g'`;do echo $ID echo ${s1}${ID}${s2}>d.json http POST http://your-portainer-addr/api/resource_controls \ "Authorization: Bearer xxJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJhZG1pbiIsInJvbGUiOjEsImV4cCI6MTUzOTYxNzcwNX0.ifadEaqEo7LNWPuPBl8zQMZqeFvxfVPgAD6asNdMQYY" \ @/tmp/httpie/d.json echo '---------' done
ZYXW、参考
1、swagger
https://app.swaggerhub.com/apis/deviantony/Portainer/1.19.2/#/
2、issuecomment
https://github.com/portainer/portainer/pull/2137#issuecomment-426421950
3、releases-tag-1.19.2
https://github.com/portainer/portainer/releases/tag/1.19.2
相关文章推荐
- Android Service 通知Activity更新界面的方法研究|Service通过Broadcast更新UI
- 如何调用docker swarm service的API来创建及更新服务
- 【Android】Service通过广播更新UI
- Service通过Broadcast更新UI
- Android Service 通知Activity更新界面的方法研究|Service通过Broadcast更新UI
- 【Android】关于在Service中通过接口回调更新Activity的UI
- Android Service 通知Activity更新界面的方法研究|Service通过Broadcast更新UI
- docker深入2-UI之portainer的二次开发
- docker深入2-UI之portainer的使用简介
- 【Android应用实例之四】计时器之通过Service&BroadcastReceiver实现UI动态更新
- 后台Service通过广播更新UI,Activity通过广播停止Service
- Service通过Broadcast更新UI
- 通过回调实现Service中更新UI。
- 【Android】Service通过广播更新UI
- Android 通过ContentProvider数据库更新UI
- 通过 Service 访问 Pod - 每天5分钟玩转 Docker 容器技术(136)
- Service和广播联合更新UI的例子
- 《Handler: Activity 之间通过 Handler 通信》 & 《通过Handler更新UI》
- Android Service更新UI的方法之AIDL
- Docker的web端管理平台对比(DockerUI 、Shipyard、Portainer、Daocloud)