Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
11 changed files
with
392 additions
and
73 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
.idea/ | ||
out/ | ||
/target/ | ||
*.iml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
FROM maven:3.8.7-openjdk-18-slim as builder | ||
# TARGETPLATFORM | ||
|
||
WORKDIR /app | ||
COPY src/main/java/com/alibabacloud/Demo.java ./src/main/java/com/alibabacloud/ | ||
COPY pom.xml ./ | ||
RUN mvn package | ||
|
||
|
||
FROM openjdk:18-slim-buster | ||
|
||
WORKDIR /app | ||
|
||
COPY --from=builder /app/target/demo-1.0-SNAPSHOT-jar-with-dependencies.jar ./ | ||
|
||
CMD java -jar ./demo-1.0-SNAPSHOT-jar-with-dependencies.jar |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
# java-sdk | ||
|
||
## Usage | ||
|
||
1. Enable RRSA: | ||
|
||
``` | ||
export CLUSTER_ID=<cluster_id> | ||
ack-ram-tool rrsa enable --cluster-id "${CLUSTER_ID}" | ||
``` | ||
|
||
2. Install ack-pod-identity-webhook: | ||
|
||
``` | ||
ack-ram-tool rrsa install-helper-addon --cluster-id "${CLUSTER_ID}" | ||
``` | ||
|
||
|
||
3. Create an RAM Policy: | ||
|
||
``` | ||
aliyun ram CreatePolicy --PolicyName oss-list-buckets --PolicyDocument '{ | ||
"Version": "1", | ||
"Statement": [ | ||
{ | ||
"Effect": "Allow", | ||
"Action": [ | ||
"oss:ListBuckets" | ||
], | ||
"Resource": [ | ||
"*" | ||
], | ||
"Condition": {} | ||
} | ||
] | ||
}' | ||
``` | ||
|
||
4. Associate an RAM Role to the service account and attach the policy to the role: | ||
|
||
``` | ||
ack-ram-tool rrsa associate-role --cluster-id "${CLUSTER_ID}" \ | ||
--namespace rrsa-demo-oss-java-sdk \ | ||
--service-account demo-sa \ | ||
--role-name test-rrsa-demo \ | ||
--create-role-if-not-exist \ | ||
--attach-custom-policy oss-list-buckets | ||
``` | ||
|
||
5. Deploy demo job: | ||
|
||
``` | ||
ack-ram-tool credential-plugin get-kubeconfig --cluster-id "${CLUSTER_ID}" > kubeconfig | ||
kubectl --kubeconfig ./kubeconfig apply -f deploy.yaml | ||
``` | ||
|
||
6. Get logs: | ||
|
||
``` | ||
kubectl --kubeconfig ./kubeconfig -n rrsa-demo-oss-java-sdk wait --for=condition=complete job/demo --timeout=240s | ||
kubectl --kubeconfig ./kubeconfig -n rrsa-demo-oss-java-sdk logs job/demo | ||
``` | ||
|
||
Outputs: | ||
|
||
``` | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
--- | ||
apiVersion: v1 | ||
kind: Namespace | ||
metadata: | ||
name: rrsa-demo-java-sdk | ||
labels: | ||
pod-identity.alibabacloud.com/injection: 'on' | ||
|
||
--- | ||
apiVersion: v1 | ||
kind: ServiceAccount | ||
metadata: | ||
name: demo-sa | ||
namespace: rrsa-demo-java-sdk | ||
annotations: | ||
pod-identity.alibabacloud.com/role-name: test-rrsa-demo | ||
|
||
--- | ||
apiVersion: batch/v1 | ||
kind: Job | ||
metadata: | ||
name: demo | ||
namespace: rrsa-demo-java-sdk | ||
spec: | ||
template: | ||
spec: | ||
serviceAccountName: demo-sa | ||
restartPolicy: Never | ||
containers: | ||
- image: registry.cn-hangzhou.aliyuncs.com/acs/ack-ram-tool:0.13.2-rrsa-example-oss-java | ||
imagePullPolicy: "Always" | ||
name: test |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<project xmlns="http://maven.apache.org/POM/4.0.0" | ||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
<modelVersion>4.0.0</modelVersion> | ||
|
||
<groupId>com.alibabacloud</groupId> | ||
<artifactId>demo</artifactId> | ||
<version>1.0-SNAPSHOT</version> | ||
|
||
<dependencies> | ||
|
||
<dependency> | ||
<groupId>com.aliyun</groupId> | ||
<artifactId>credentials-java</artifactId> | ||
<version>0.2.10</version> | ||
</dependency> | ||
|
||
<dependency> | ||
<groupId>com.aliyun.oss</groupId> | ||
<artifactId>aliyun-sdk-oss</artifactId> | ||
<version>3.16.1</version> | ||
</dependency> | ||
|
||
</dependencies> | ||
|
||
<properties> | ||
<maven.version>3.8.0</maven.version> | ||
<maven.compiler.source>18</maven.compiler.source> | ||
<maven.compiler.target>18</maven.compiler.target> | ||
</properties> | ||
|
||
<build> | ||
<plugins> | ||
<plugin> | ||
<groupId>org.apache.maven.plugins</groupId> | ||
<artifactId>maven-jar-plugin</artifactId> | ||
<version>3.3.0</version> | ||
<configuration> | ||
<archive> | ||
<manifest> | ||
<addClasspath>true</addClasspath> | ||
<mainClass>com.alibabacloud.Demo</mainClass> | ||
</manifest> | ||
</archive> | ||
</configuration> | ||
</plugin> | ||
|
||
<plugin> | ||
<artifactId>maven-assembly-plugin</artifactId> | ||
<version>3.4.2</version> | ||
<configuration> | ||
<archive> | ||
<manifest> | ||
<mainClass>com.alibabacloud.Demo</mainClass> | ||
</manifest> | ||
</archive> | ||
<descriptorRefs> | ||
<descriptorRef>jar-with-dependencies</descriptorRef> | ||
</descriptorRefs> | ||
</configuration> | ||
<executions> | ||
<execution> | ||
<id>make-assembly</id> <!-- this is used for inheritance merges --> | ||
<phase>package</phase> <!-- bind to the packaging phase --> | ||
<goals> | ||
<goal>single</goal> | ||
</goals> | ||
</execution> | ||
</executions> | ||
</plugin> | ||
</plugins> | ||
</build> | ||
|
||
</project> |
Oops, something went wrong.