The Kubernetes API

    The core of Kubernetes’ control plane is the . The API server exposes an HTTP API that lets end users, different parts of your cluster, and external components communicate with one another.

    The Kubernetes API lets you query and manipulate the state of API objects in Kubernetes (for example: Pods, Namespaces, ConfigMaps, and Events).

    Most operations can be performed through the kubectl command-line interface or other command-line tools, such as , which in turn use the API. However, you can also access the API directly using REST calls.

    Consider using one of the client libraries if you are writing an application using the Kubernetes API.

    Complete API details are documented using OpenAPI.

    The Kubernetes API server serves an aggregated OpenAPI v2 spec via the endpoint. You can request the response format using request headers as follows:

    Kubernetes implements an alternative Protobuf based serialization format that is primarily intended for intra-cluster communication. For more information about this format, see the Kubernetes Protobuf serialization design proposal and the Interface Definition Language (IDL) files for each schema located in the Go packages that define the API objects.

    FEATURE STATE: Kubernetes v1.24 [beta]

    A discovery endpoint is provided to see a list of all group/versions available. This endpoint only returns JSON. These group/versions are provided in the following format:

    The relative URLs are pointing to immutable OpenAPI descriptions, in order to improve client-side caching. The proper HTTP caching headers are also set by the API server for that purpose (Expires to 1 year in the future, and Cache-Control to immutable). When an obsolete URL is used, the API server returns a redirect to the newest URL.

    The Kubernetes API server publishes an OpenAPI v3 spec per Kubernetes group version at the /openapi/v3/apis/<group>/<version>?hash=<hash> endpoint.

    Refer to the table below for accepted request headers.

    Valid request header values for OpenAPI v3 queries
    HeaderPossible valuesNotes
    Accept-Encodinggzipnot supplying this header is also acceptable
    Acceptapplication/com.github.proto-openapi.spec.v3@v1.0+protobufmainly for intra-cluster use
    application/jsondefault
    serves application/json

    Kubernetes stores the serialized state of objects by writing them into .

    To make it easier to eliminate fields or restructure resource representations, Kubernetes supports multiple API versions, each at a different API path, such as /api/v1 or /apis/rbac.authorization.k8s.io/v1alpha1.

    Versioning is done at the API level rather than at the resource or field level to ensure that the API presents a clear, consistent view of system resources and behavior, and to enable controlling access to end-of-life and/or experimental APIs.

    To make it easier to evolve and to extend its API, Kubernetes implements that can be enabled or disabled.

    For example, suppose there are two API versions, v1 and v1beta1, for the same resource. If you originally created an object using the v1beta1 version of its API, you can later read, update, or delete that object using either the v1beta1 or the v1 API version, until the v1beta1 version is deprecated and removed. At that point you can continue accessing and modifying the object using the API.

    Any system that is successful needs to grow and change as new use cases emerge or existing ones change. Therefore, Kubernetes has designed the Kubernetes API to continuously change and grow. The Kubernetes project aims to not break compatibility with existing clients, and to maintain that compatibility for a length of time so that other projects have an opportunity to adapt.

    In general, new API resources and new resource fields can be added often and frequently. Elimination of resources or fields requires following the API deprecation policy.

    Kubernetes makes a strong commitment to maintain compatibility for official Kubernetes APIs once they reach general availability (GA), typically at API version v1. Additionally, Kubernetes maintains compatibility with data persisted via beta API versions of official Kubernetes APIs, and ensures that data can be converted and accessed via GA API versions when the feature goes stable.

    If you adopt a beta API version, you will need to transition to a subsequent beta or stable API version once the API graduates. The best time to do this is while the beta API is in its deprecation period, since objects are simultaneously accessible via both API versions. Once the beta API completes its deprecation period and is no longer served, the replacement API version must be used.

    Note: Although Kubernetes also aims to maintain compatibility for alpha APIs versions, in some circumstances this is not possible. If you use any alpha API versions, check the release notes for Kubernetes when upgrading your cluster, in case the API did change in incompatible ways that require deleting all existing alpha objects prior to upgrade.

    Refer to for more details on the API version level definitions.

    The Kubernetes API can be extended in one of two ways:

    1. let you declaratively define how the API server should provide your chosen resource API.
    • Learn how to extend the Kubernetes API by adding your own .
    • Controlling Access To The Kubernetes API describes how the cluster manages authentication and authorization for API access.
    • Learn about API endpoints, resource types and samples by reading .
    • Learn about what constitutes a compatible change, and how to change the API, from API changes.