1.开启相关参数KUBE_API_ARGS="--service-node-port-range=30000-32767 --enable-swagger-ui=true --apiserver-count=3 --audit-log-maxage=30 --audit-log-maxbackup=3 --audit-log-maxsize=100 --audit-log-path=/var/log/k8s/audit.log --event-ttl=1h"

2.创建用户，给cluster—admin角色，执行(kubectl create -f “yaml文件名”)kind: ClusterRoleBinding

apiVersion: rbac.authorization.k8s.io/v1beta1

metadata:

name: admin

annotations:

rbac.authorization.kubernetes.io/autoupdate: "true"

roleRef:

kind: ClusterRole

name: cluster-admin

apiGroup: rbac.authorization.k8s.io

subjects:

- kind: ServiceAccount

name: admin

namespace: kube-system

---

apiVersion: v1

kind: ServiceAccount

metadata:

name: admin

namespace: kube-system

labels:

kubernetes.io/cluster-service: "true"

addonmanager.kubernetes.io/mode: Reconcile

3.获取tokenkubectl get secret -n kube-system|grep admin

kubectl describe secret “上条命令执行结果(例：ecdataapi-token-9w7zj)” -n kube-system

4. 拿到token后，postman(6.7.1)中file>settings>General>ssl certficate verification关闭

5.获取服务地址kubectl cluster-info获取地址后复制地址到postman，将刚才生成的token复制到Authorization>type>bearer-Token

6.访问目标地址