Call methods

Last Updated: Nov 15, 2016

The REST API of application management will be accessed from the cluster’s management endpoint. And it is required HTTPS communication with the cluster certificate.

Obtain the management endpoint and certificates of the cluster

Console

Access the Container Service management console and select the connection information of the specified cluster to download the certificates. For details, refer to Connect to a cluster using Docker tools.

connect

If you use API, change tcp in the endpoint to https.

Programming

You need to obtain the following items through the API to describe cluster.

  1. Value of the master_url field. For details, refer to View a cluster instance.
  2. The cluster certificate. For details, refer to Obtain cluster certificate information.

Results returned from the API:

  1. {
  2. "ca": "string", ##Certificate issued by the Certification Authority, ca.pem
  3. "cert": "string", ##Your public key certificate, cert.pem
  4. "key": "string" ##Your private key certificate, key.pem
  5. }

It is recommended to save the three strings in the returned results as three files, namely, ca.pem, cert.pem, and key.pem, in one directory. The HTTPS certificate files can be used in tools or programming frameworks.

Call the application management API

Assume that your cluster name is ClusterName, and the above three certificates are saved to the ~/.docker/aliyun/ClusterName directory.

Assume that the obtained master_url address is https://123.123.123.123:1234.

Example of listing applications

The following describes how to list applications with REST API (the context path is /projects/).

For details, refer to View application instances.

CURL

  1. # TIP: You may need to upgrade your CURL to the correct version.
  2. curl --insecure --cert ~/.docker/aliyun/ClusterName/cert.pem --key ~/.docker/aliyun/ClusterName/key.pem https://123.123.123.123:1234/projects/

PHP

  1. <?php
  2. $ch = curl_init();
  3. curl_setopt($ch, CURLOPT_URL, "https://123.123.123.123:1234/projects/");
  4. curl_setopt($ch, CURLOPT_SSLKEY, "~/.docker/aliyun/ClusterName/key.pem");
  5. curl_setopt($ch, CURLOPT_CAINFO, "~/.docker/aliyun/ClusterName/ca.pem");
  6. curl_setopt($ch, CURLOPT_SSLCERT, "~/.docker/aliyun/ClusterName/cert.pem");
  7. $result=curl_exec($ch);
  8. echo $result;
  9. curl_close($ch);
  10. ?>

Python

  1. import requests
  2. res = requests.get('https://123.123.123.123:1234/projects/', verify='~/.docker/aliyun/ClusterName/ca.pem', cert=('~/.docker/aliyun/ClusterName/cert.pem', '~/.docker/aliyun/ClusterName/key.pem'))
  3. print res.content

Java

Add maven dependency

  1. <dependency>
  2. <groupId>org.apache.httpcomponents</groupId>
  3. <artifactId>httpclient</artifactId>
  4. <version>4.5.1</version>
  5. </dependency>
  6. <dependency>
  7. <groupId>org.bouncycastle</groupId>
  8. <artifactId>bcpkix-jdk15on</artifactId>
  9. <version>1.52</version>
  10. </dependency>

Code sample

  1. import java.nio.file.Path;
  2. import java.nio.charset.Charset;
  3. import java.nio.file.Files;
  4. import java.nio.file.Paths;
  5. import java.security.KeyFactory;
  6. import java.security.KeyStore;
  7. import java.security.PrivateKey;
  8. import java.security.cert.Certificate;
  9. import java.security.cert.CertificateFactory;
  10. import java.security.spec.PKCS8EncodedKeySpec;
  11. import javax.net.ssl.SSLContext;
  12. import org.bouncycastle.openssl.PEMKeyPair;
  13. import org.bouncycastle.openssl.PEMParser;
  14. import org.apache.http.client.methods.CloseableHttpResponse;
  15. import org.apache.http.client.methods.HttpGet;
  16. import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
  17. import org.apache.http.impl.client.CloseableHttpClient;
  18. import org.apache.http.impl.client.HttpClients;
  19. import org.apache.http.ssl.SSLContexts;
  20. import org.apache.http.util.EntityUtils;
  21. public class Test {
  22. public static void main(String[] argc) throws Exception {
  23. final char[] KEY_STORE_PASSWORD = "".toCharArray();
  24. //Obtain the certificate address
  25. Path caCertPath = Paths.get("~/.docker/aliyun/ClusterName/ca.pem");
  26. Path clientCertPath = Paths.get("~/.docker/aliyun/ClusterName/cert.pem");
  27. Path clientKeyPath = Paths.get("~/.docker/aliyun/ClusterName/key.pem");
  28. final CertificateFactory cf = CertificateFactory.getInstance("X.509");
  29. final Certificate caCert = cf.generateCertificate(Files.newInputStream(caCertPath));
  30. final Certificate clientCert = cf.generateCertificate(
  31. Files.newInputStream(clientCertPath));
  32. final PEMKeyPair clientKeyPair = (PEMKeyPair) new PEMParser(
  33. Files.newBufferedReader(clientKeyPath,
  34. Charset.defaultCharset()))
  35. .readObject();
  36. final PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(
  37. clientKeyPair.getPrivateKeyInfo().getEncoded());
  38. final KeyFactory kf = KeyFactory.getInstance("RSA");
  39. final PrivateKey clientKey = kf.generatePrivate(spec);
  40. //Set the trusted certificate
  41. final KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
  42. trustStore.load(null, null);
  43. trustStore.setEntry("ca", new KeyStore.TrustedCertificateEntry(caCert), null);
  44. //Set the private key
  45. final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
  46. keyStore.load(null, null);
  47. keyStore.setCertificateEntry("client", clientCert);
  48. keyStore.setKeyEntry("key", clientKey, KEY_STORE_PASSWORD, new Certificate[]{clientCert});
  49. SSLContext sslContext = SSLContexts.custom()
  50. .loadTrustMaterial(trustStore, null)
  51. .loadKeyMaterial(keyStore, KEY_STORE_PASSWORD)
  52. .build();
  53. SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
  54. sslContext,
  55. SSLConnectionSocketFactory.getDefaultHostnameVerifier());
  56. //httpclient connection
  57. CloseableHttpClient httpclient = HttpClients.custom()
  58. .setSSLSocketFactory(sslsf)
  59. .build();
  60. try {
  61. HttpGet httpget = new HttpGet("https://123.123.123.123:1234/projects/");
  62. CloseableHttpResponse response = httpclient.execute(httpget);
  63. try {
  64. System.out.println("----------------------------------------");
  65. String bodyAsString = EntityUtils.toString(response.getEntity());
  66. System.out.println(bodyAsString);
  67. } finally {
  68. response.close();
  69. }
  70. } finally {
  71. httpclient.close();
  72. }
  73. }
  74. }
Thank you! We've received your feedback.