DigitalOcean Kubernetes API Reference

Validated on 1 Oct 2018 • Last edited on 23 Mar 2026

View full API reference

DigitalOcean Kubernetes allows you to quickly deploy scalable and secure Kubernetes clusters. By sending requests to the /v2/kubernetes/clusters endpoint, you can list, create, or delete clusters as well as scale node pools up and down, recycle individual nodes, and retrieve the kubeconfig file for use with a cluster.

Base URL https://api.digitalocean.com

Endpoints

GET List All Kubernetes Clusters POST Create a New Kubernetes Cluster GET Retrieve an Existing Kubernetes Cluster PUT Update a Kubernetes Cluster DELETE Delete a Kubernetes Cluster GET Fetch Clusterlint Diagnostics for a Kubernetes Cluster POST Run Clusterlint Checks on a Kubernetes Cluster GET Retrieve Credentials for a Kubernetes Cluster GET List Associated Resources for Cluster Deletion DELETE Delete a Cluster and All of its Associated Resources (Dangerous) DELETE Selectively Delete a Cluster and its Associated Resources GET Retrieve the kubeconfig for a Kubernetes Cluster GET List All Node Pools in a Kubernetes Clusters POST Add a Node Pool to a Kubernetes Cluster GET Retrieve a Node Pool for a Kubernetes Cluster PUT Update a Node Pool in a Kubernetes Cluster DELETE Delete a Node Pool in a Kubernetes Cluster DELETE Delete a Node in a Kubernetes Cluster POST Recycle a Kubernetes Node Pool GET Fetch Status Messages for a Kubernetes Cluster POST Upgrade a Kubernetes Cluster GET Retrieve Available Upgrades for an Existing Kubernetes Cluster GET Retrieve User Information for a Kubernetes Cluster GET List Available Regions, Node Sizes, and Versions of Kubernetes POST Add Container Registries to Kubernetes Clusters DELETE Remove Container Registries from Kubernetes Clusters POST Add Container Registry to Kubernetes Clusters DELETE Remove Container Registry from Kubernetes Clusters

GET List All Kubernetes Clusters

/v2/kubernetes/clusters
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:read

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To list all of the Kubernetes clusters on your account, send a GET request to /v2/kubernetes/clusters.

Query Parameters

per_page integer 1 – 200 optional
Example: 2

Number of items returned per page

Default: 20
page integer >= 1 optional
Example: 1

Which 'page' of paginated results to return.

Default: 1
Request: /v2/kubernetes/clusters
curl -X GET \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    opt := &godo.ListOptions{
        Page:    1,
        PerPage: 200,
    }

    clusters, _, err := client.Kubernetes.List(ctx, opt)
}
require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

clusters = client.kubernetes_clusters.all
clusters.each
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.list_clusters()

Responses

200

The response will be a JSON object with a key called kubernetes_clusters. This will be set to an array of objects, each of which will contain the standard Kubernetes cluster attributes.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
kubernetes_clusters array of object optional
Show child properties
amd_gpu_device_metrics_exporter_plugin object optional Nullable

An object specifying whether the AMD Device Metrics Exporter should be enabled in the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the AMD Device Metrics Exporter is enabled.

amd_gpu_device_plugin object optional Nullable

An object specifying whether the AMD GPU Device Plugin should be enabled in the Kubernetes cluster. It's enabled by default for clusters with an AMD GPU node pool.

Show child properties
enabled boolean optional
Example: true

Indicates whether the AMD GPU Device Plugin is enabled.

auto_upgrade boolean optional
Example: true

A boolean value indicating whether the cluster will be automatically upgraded to new patch releases during its maintenance window.

cluster_autoscaler_configuration object optional Nullable

An object specifying custom cluster autoscaler configuration.

Show child properties
expanders array of string, one of: random, priority, least_waste optional
Example: ["priority","random"]

Customizes expanders used by cluster-autoscaler. The autoscaler will apply each expander from the provided list to narrow down the selection of node types created to scale up, until either a single node type is left, or the list of expanders is exhausted. If this flag is unset, autoscaler will use its default expander random. Passing an empty list (not null) will unset any previous expander customizations.

Available expanders:

  • random: Randomly selects a node group to scale.
  • priority: Selects the node group with the highest priority as per user-provided configuration
  • least_waste: Selects the node group that will result in the least amount of idle resources.
scale_down_unneeded_time string optional
Example: 1m0s

Used to customize how long a node is unneeded before being scaled down.

scale_down_utilization_threshold number optional
Example: 0.65

Used to customize when cluster autoscaler scales down non-empty nodes by setting the node utilization threshold.

cluster_subnet string (cidr) optional
Example: 192.168.0.0/20

The range of IP addresses for the overlay network of the Kubernetes cluster in CIDR notation.

control_plane_firewall object optional Nullable

An object specifying the control plane firewall for the Kubernetes cluster. Control plane firewall is in early availability (invite only).

Show child properties
allowed_addresses array of string optional
Example: ["1.2.3.4/32","1.1.0.0/16"]

An array of public addresses (IPv4 or CIDR) allowed to access the control plane.

enabled boolean optional
Example: true

Indicates whether the control plane firewall is enabled.

created_at string (date-time) optional read-only
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the Kubernetes cluster was created.

endpoint string optional read-only
Example: https://bd5f5959-5e1e-4205-a714-a914373942af.k8s.ondigitalocean.com

The base URL of the API server on the Kubernetes master node.

ha boolean optional
Example: true

A boolean value indicating whether the control plane is run in a highly available configuration in the cluster. Highly available control planes incur less downtime. The property cannot be disabled.

id string (uuid) optional read-only
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to identify and reference a Kubernetes cluster.

ipv4 string optional read-only
Example: 68.183.121.157

The public IPv4 address of the Kubernetes master node. This will not be set if high availability is configured on the cluster (v1.21+)

maintenance_policy object optional Nullable

An object specifying the maintenance window policy for the Kubernetes cluster.

Show child properties
day string (enum) optional
Example: any

The day of the maintenance window policy. May be one of monday through sunday, or any to indicate an arbitrary week day.

duration string optional read-only
Example: 4h0m0s

The duration of the maintenance window policy in human-readable format.

start_time string optional
Example: 12:00

The start time in UTC of the maintenance window policy in 24-hour clock format / HH:MM notation (e.g., 15:00).

name string required
Example: prod-cluster-01

A human-readable name for a Kubernetes cluster.

node_pools array of object required

An object specifying the details of the worker nodes available to the Kubernetes cluster.

Show child properties
size string optional
Example: s-1vcpu-2gb

The slug identifier for the type of Droplet used as workers in the node pool.

auto_scale boolean optional
Example: true

A boolean value indicating whether auto-scaling is enabled for this node pool.

count integer optional
Example: 3

The number of Droplet instances in the node pool.

id string (uuid) optional read-only
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to identify and reference a specific node pool.

labels object optional Nullable

An object of key/value mappings specifying labels to apply to all nodes in a pool. Labels will automatically be applied to all existing nodes and any subsequent nodes added to the pool. Note that when a label is removed, it is not deleted from the nodes in the pool.

max_nodes integer optional
Example: 6

The maximum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

min_nodes integer optional
Example: 3

The minimum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

name string optional
Example: frontend-pool

A human-readable name for the node pool.

nodes array of object optional read-only

An object specifying the details of a specific worker node in a node pool.

Show child properties
created_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was created.

droplet_id string optional
Example: 205545370

The ID of the Droplet used for the worker node.

id string (uuid) optional
Example: e78247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f

A unique ID that can be used to identify and reference the node.

name string optional
Example: adoring-newton-3niq

An automatically generated, human-readable name for the node.

status object optional

An object containing a state attribute whose value is set to a string indicating the current status of the node.

Additional nested properties not shown. Refer to the full API spec for details.
updated_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was last updated.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","k8s-worker","production","web-team"]

An array containing the tags applied to the node pool. All node pools are automatically tagged k8s, k8s-worker, and k8s:$K8S_CLUSTER_ID.

Requires tag:read scope.

taints array of object optional

An array of taints to apply to all nodes in a pool. Taints will automatically be applied to all existing nodes and any subsequent nodes added to the pool. When a taint is removed, it is deleted from all nodes in the pool.

Show child properties
effect string, one of: NoSchedule, PreferNoSchedule, NoExecute optional
Example: NoSchedule

How the node reacts to pods that it won't tolerate. Available effect values are NoSchedule, PreferNoSchedule, and NoExecute.

key string optional
Example: priority

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

value string optional
Example: high

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

nvidia_gpu_device_plugin object optional Nullable

An object specifying whether the Nvidia GPU Device Plugin should be enabled in the Kubernetes cluster. It's enabled by default for clusters with an Nvidia GPU node pool.

Show child properties
enabled boolean optional
Example: true

Indicates whether the Nvidia GPU Device Plugin is enabled.

rdma_shared_dev_plugin object optional Nullable

An object specifying whether the RDMA shared device plugin should be enabled in the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the RDMA shared device plugin is enabled.

region string required
Example: nyc1

The slug identifier for the region where the Kubernetes cluster is located.

registries array of string optional Nullable
Example: ["registry-a","registry-b"]

An array of integrated DOCR registries.

registry_enabled boolean optional read-only
Example: true

A read-only boolean value indicating if a container registry is integrated with the cluster.

routing_agent object optional Nullable

An object specifying whether the routing-agent component should be enabled for the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the routing-agent component is enabled.

service_subnet string (cidr) optional
Example: 192.168.16.0/24

The range of assignable IP addresses for services running in the Kubernetes cluster in CIDR notation.

status object optional read-only

An object containing a state attribute whose value is set to a string indicating the current status of the cluster.

Show child properties
message string optional
Example: provisioning

An optional message providing additional information about the current cluster state.

state string (enum) optional
Example: provisioning

A string indicating the current status of the cluster.

surge_upgrade boolean optional
Example: true

A boolean value indicating whether surge upgrade is enabled/disabled for the cluster. Surge upgrade makes cluster upgrades fast and reliable by bringing up new nodes before destroying the outdated nodes.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","production","web-team"]

An array of tags applied to the Kubernetes cluster. All clusters are automatically tagged k8s and k8s:$K8S_CLUSTER_ID.

Requires tag:read scope.

updated_at string (date-time) optional read-only
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the Kubernetes cluster was last updated.

version string required
Example: 1.18.6-do.0

The slug identifier for the version of Kubernetes used for the cluster. If set to a minor version (e.g. "1.14"), the latest version within it will be used (e.g. "1.14.6-do.1"); if set to "latest", the latest published version will be used. See the /v2/kubernetes/options endpoint to find all currently available versions.

vpc_uuid string (uuid) optional
Example: c33931f2-a26a-4e61-b85c-4e95a2ec431b

A string specifying the UUID of the VPC to which the Kubernetes cluster is assigned.

Requires vpc:read scope.

links object optional
Show child properties
pages anyOf optional
One of:
Forward Links
last string optional
Example: https://api.digitalocean.com/v2/images?page=2

URI of the last page of the results.

next string optional
Example: https://api.digitalocean.com/v2/images?page=2

URI of the next page of the results.

Backward Links
first string optional
Example: https://api.digitalocean.com/v2/images?page=1

URI of the first page of the results.

prev string optional
Example: https://api.digitalocean.com/v2/images?page=1

URI of the previous page of the results.

meta object required
401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "kubernetes_clusters": [
    {
      "amd_gpu_device_metrics_exporter_plugin": {
        "enabled": false
      },
      "amd_gpu_device_plugin": {
        "enabled": false
      },
      "auto_upgrade": false,
      "cluster_autoscaler_configuration": {
        "expanders": [
          "priority",
          "random"
        ],
        "scale_down_unneeded_time": "1m",
        "scale_down_utilization_threshold": 0.65
      },
      "cluster_subnet": "10.244.0.0/16",
      "control_plane_firewall": {
        "allowed_addresses": [
          "1.2.3.4/32",
          "1.1.0.0/16"
        ],
        "enabled": true
      },
      "created_at": "2018-11-15T16:00:11Z",
      "endpoint": "https://bd5f5959-5e1e-4205-a714-a914373942af.k8s.ondigitalocean.com",
      "ha": false,
      "id": "bd5f5959-5e1e-4205-a714-a914373942af",
      "ipv4": "68.183.121.157",
      "maintenance_policy": {
        "day": "any",
        "duration": "4h0m0s",
        "start_time": "00:00"
      },
      "name": "prod-cluster-01",
      "node_pools": [
        {
          "auto_scale": false,
          "count": 3,
          "id": "cdda885e-7663-40c8-bc74-3a036c66545d",
          "labels": null,
          "max_nodes": 0,
          "min_nodes": 0,
          "name": "frontend-pool",
          "nodes": [
            {
              "created_at": "2018-11-15T16:00:11Z",
              "droplet_id": "205545370",
              "id": "478247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f",
              "name": "adoring-newton-3niq",
              "status": {
                "state": "provisioning"
              },
              "updated_at": "2018-11-15T16:00:11Z"
            },
            {
              "created_at": "2018-11-15T16:00:11Z",
              "droplet_id": "205545371",
              "id": "ad12e744-c2a9-473d-8aa9-be5680500eb1",
              "name": "adoring-newton-3nim",
              "status": {
                "state": "provisioning"
              },
              "updated_at": "2018-11-15T16:00:11Z"
            },
            {
              "created_at": "2018-11-15T16:00:11Z",
              "droplet_id": "205545372",
              "id": "e46e8d07-f58f-4ff1-9737-97246364400e",
              "name": "adoring-newton-3ni7",
              "status": {
                "state": "provisioning"
              },
              "updated_at": "2018-11-15T16:00:11Z"
            }
          ],
          "size": "s-1vcpu-2gb",
          "tags": [
            "production",
            "web-team",
            "k8s",
            "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
            "k8s:worker"
          ],
          "taints": []
        },
        {
          "auto_scale": true,
          "count": 2,
          "id": "f49f4379-7e7f-4af5-aeb6-0354bd840778",
          "labels": {
            "priority": "high",
            "service": "backend"
          },
          "max_nodes": 5,
          "min_nodes": 2,
          "name": "backend-pool",
          "nodes": [
            {
              "created_at": "2018-11-15T16:00:11Z",
              "droplet_id": "205545373",
              "id": "3385619f-8ec3-42ba-bb23-8d21b8ba7518",
              "name": "affectionate-nightingale-3nif",
              "status": {
                "state": "provisioning"
              },
              "updated_at": "2018-11-15T16:00:11Z"
            },
            {
              "created_at": "2018-11-15T16:00:11Z",
              "droplet_id": "205545374",
              "id": "4b8f60ff-ba06-4523-a6a4-b8148244c7e6",
              "name": "affectionate-nightingale-3niy",
              "status": {
                "state": "provisioning"
              },
              "updated_at": "2018-11-15T16:00:11Z"
            }
          ],
          "size": "g-4vcpu-16gb",
          "tags": [
            "production",
            "web-team",
            "k8s",
            "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
            "k8s:worker"
          ],
          "taints": []
        }
      ],
      "nvidia_gpu_device_plugin": {
        "enabled": false
      },
      "rdma_shared_dev_plugin": {
        "enabled": false
      },
      "region": "nyc1",
      "registries": [
        "registry-a",
        "registry-b"
      ],
      "registry_enabled": false,
      "routing_agent": {
        "enabled": false
      },
      "service_subnet": "10.245.0.0/16",
      "status": {
        "message": "provisioning",
        "state": "provisioning"
      },
      "surge_upgrade": false,
      "tags": [
        "production",
        "web-team",
        "k8s",
        "k8s:bd5f5959-5e1e-4205-a714-a914373942af"
      ],
      "updated_at": "2018-11-15T16:00:11Z",
      "version": "1.18.6-do.0",
      "vpc_uuid": "c33931f2-a26a-4e61-b85c-4e95a2ec431b"
    }
  ],
  "meta": {
    "total": 1
  }
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

POST Create a New Kubernetes Cluster

/v2/kubernetes/clusters
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:create

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To create a new Kubernetes cluster, send a POST request to /v2/kubernetes/clusters. The request must contain at least one node pool with at least one worker.

The request may contain a maintenance window policy describing a time period when disruptive maintenance tasks may be carried out. Omitting the policy implies that a window will be chosen automatically. See here for details.

Request Body: application/json

amd_gpu_device_metrics_exporter_plugin object optional Nullable

An object specifying whether the AMD Device Metrics Exporter should be enabled in the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the AMD Device Metrics Exporter is enabled.

amd_gpu_device_plugin object optional Nullable

An object specifying whether the AMD GPU Device Plugin should be enabled in the Kubernetes cluster. It's enabled by default for clusters with an AMD GPU node pool.

Show child properties
enabled boolean optional
Example: true

Indicates whether the AMD GPU Device Plugin is enabled.

auto_upgrade boolean optional
Example: true

A boolean value indicating whether the cluster will be automatically upgraded to new patch releases during its maintenance window.

cluster_autoscaler_configuration object optional Nullable

An object specifying custom cluster autoscaler configuration.

Show child properties
expanders array of string, one of: random, priority, least_waste optional
Example: ["priority","random"]

Customizes expanders used by cluster-autoscaler. The autoscaler will apply each expander from the provided list to narrow down the selection of node types created to scale up, until either a single node type is left, or the list of expanders is exhausted. If this flag is unset, autoscaler will use its default expander random. Passing an empty list (not null) will unset any previous expander customizations.

Available expanders:

  • random: Randomly selects a node group to scale.
  • priority: Selects the node group with the highest priority as per user-provided configuration
  • least_waste: Selects the node group that will result in the least amount of idle resources.
scale_down_unneeded_time string optional
Example: 1m0s

Used to customize how long a node is unneeded before being scaled down.

scale_down_utilization_threshold number optional
Example: 0.65

Used to customize when cluster autoscaler scales down non-empty nodes by setting the node utilization threshold.

cluster_subnet string (cidr) optional
Example: 192.168.0.0/20

The range of IP addresses for the overlay network of the Kubernetes cluster in CIDR notation.

control_plane_firewall object optional Nullable

An object specifying the control plane firewall for the Kubernetes cluster. Control plane firewall is in early availability (invite only).

Show child properties
allowed_addresses array of string optional
Example: ["1.2.3.4/32","1.1.0.0/16"]

An array of public addresses (IPv4 or CIDR) allowed to access the control plane.

enabled boolean optional
Example: true

Indicates whether the control plane firewall is enabled.

created_at string (date-time) optional read-only
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the Kubernetes cluster was created.

endpoint string optional read-only
Example: https://bd5f5959-5e1e-4205-a714-a914373942af.k8s.ondigitalocean.com

The base URL of the API server on the Kubernetes master node.

ha boolean optional
Example: true

A boolean value indicating whether the control plane is run in a highly available configuration in the cluster. Highly available control planes incur less downtime. The property cannot be disabled.

id string (uuid) optional read-only
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to identify and reference a Kubernetes cluster.

ipv4 string optional read-only
Example: 68.183.121.157

The public IPv4 address of the Kubernetes master node. This will not be set if high availability is configured on the cluster (v1.21+)

maintenance_policy object optional Nullable

An object specifying the maintenance window policy for the Kubernetes cluster.

Show child properties
day string (enum) optional
Example: any

The day of the maintenance window policy. May be one of monday through sunday, or any to indicate an arbitrary week day.

duration string optional read-only
Example: 4h0m0s

The duration of the maintenance window policy in human-readable format.

start_time string optional
Example: 12:00

The start time in UTC of the maintenance window policy in 24-hour clock format / HH:MM notation (e.g., 15:00).

name string required
Example: prod-cluster-01

A human-readable name for a Kubernetes cluster.

node_pools array of object required

An object specifying the details of the worker nodes available to the Kubernetes cluster.

Show child properties
size string optional
Example: s-1vcpu-2gb

The slug identifier for the type of Droplet used as workers in the node pool.

auto_scale boolean optional
Example: true

A boolean value indicating whether auto-scaling is enabled for this node pool.

count integer optional
Example: 3

The number of Droplet instances in the node pool.

id string (uuid) optional read-only
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to identify and reference a specific node pool.

labels object optional Nullable

An object of key/value mappings specifying labels to apply to all nodes in a pool. Labels will automatically be applied to all existing nodes and any subsequent nodes added to the pool. Note that when a label is removed, it is not deleted from the nodes in the pool.

max_nodes integer optional
Example: 6

The maximum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

min_nodes integer optional
Example: 3

The minimum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

name string optional
Example: frontend-pool

A human-readable name for the node pool.

nodes array of object optional read-only

An object specifying the details of a specific worker node in a node pool.

Show child properties
created_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was created.

droplet_id string optional
Example: 205545370

The ID of the Droplet used for the worker node.

id string (uuid) optional
Example: e78247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f

A unique ID that can be used to identify and reference the node.

name string optional
Example: adoring-newton-3niq

An automatically generated, human-readable name for the node.

status object optional

An object containing a state attribute whose value is set to a string indicating the current status of the node.

Show child properties
state string, one of: provisioning, running, draining, deleting optional
Example: provisioning

A string indicating the current status of the node.

updated_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was last updated.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","k8s-worker","production","web-team"]

An array containing the tags applied to the node pool. All node pools are automatically tagged k8s, k8s-worker, and k8s:$K8S_CLUSTER_ID.

Requires tag:read scope.

taints array of object optional

An array of taints to apply to all nodes in a pool. Taints will automatically be applied to all existing nodes and any subsequent nodes added to the pool. When a taint is removed, it is deleted from all nodes in the pool.

Show child properties
effect string, one of: NoSchedule, PreferNoSchedule, NoExecute optional
Example: NoSchedule

How the node reacts to pods that it won't tolerate. Available effect values are NoSchedule, PreferNoSchedule, and NoExecute.

key string optional
Example: priority

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

value string optional
Example: high

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

nvidia_gpu_device_plugin object optional Nullable

An object specifying whether the Nvidia GPU Device Plugin should be enabled in the Kubernetes cluster. It's enabled by default for clusters with an Nvidia GPU node pool.

Show child properties
enabled boolean optional
Example: true

Indicates whether the Nvidia GPU Device Plugin is enabled.

rdma_shared_dev_plugin object optional Nullable

An object specifying whether the RDMA shared device plugin should be enabled in the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the RDMA shared device plugin is enabled.

region string required
Example: nyc1

The slug identifier for the region where the Kubernetes cluster is located.

registry_enabled boolean optional read-only
Example: true

A read-only boolean value indicating if a container registry is integrated with the cluster.

routing_agent object optional Nullable

An object specifying whether the routing-agent component should be enabled for the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the routing-agent component is enabled.

service_subnet string (cidr) optional
Example: 192.168.16.0/24

The range of assignable IP addresses for services running in the Kubernetes cluster in CIDR notation.

status object optional read-only

An object containing a state attribute whose value is set to a string indicating the current status of the cluster.

Show child properties
message string optional
Example: provisioning

An optional message providing additional information about the current cluster state.

state string (enum) optional
Example: provisioning

A string indicating the current status of the cluster.

surge_upgrade boolean optional
Example: true

A boolean value indicating whether surge upgrade is enabled/disabled for the cluster. Surge upgrade makes cluster upgrades fast and reliable by bringing up new nodes before destroying the outdated nodes.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","production","web-team"]

An array of tags to apply to the Kubernetes cluster. All clusters are automatically tagged k8s and k8s:$K8S_CLUSTER_ID.

Requires tag:read and tag:create scope, as well as tag:delete if existing tags are getting removed.

updated_at string (date-time) optional read-only
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the Kubernetes cluster was last updated.

version string required
Example: 1.18.6-do.0

The slug identifier for the version of Kubernetes used for the cluster. If set to a minor version (e.g. "1.14"), the latest version within it will be used (e.g. "1.14.6-do.1"); if set to "latest", the latest published version will be used. See the /v2/kubernetes/options endpoint to find all currently available versions.

vpc_uuid string (uuid) optional
Example: c33931f2-a26a-4e61-b85c-4e95a2ec431b

A string specifying the UUID of the VPC to which the Kubernetes cluster is assigned.

Requires vpc:read scope.

Request: /v2/kubernetes/clusters
Content type application/json
Example 
{
  "name": "prod-cluster-01",
  "node_pools": [
    {
      "count": 3,
      "name": "worker-pool",
      "size": "s-1vcpu-2gb"
    }
  ],
  "region": "nyc1",
  "version": "1.18.6-do.0"
}
curl -X POST \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  -d '{"name": "prod-cluster-01","region": "nyc1","version": "1.14.1\
  -do.4","tags": ["production","web-team"],"node_pools": [{"size": "s-1vcpu-2gb","count": 3,"name": "frontend-pool","tags": ["frontend"],"labels": {"service": "frontend", "priority": "high"}},{"size": "c-4","count": 2,"name": "backend-pool"}]}' \
  "https://api.digitalocean.com/v2/kubernetes/clusters"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    createRequest := &godo.KubernetesClusterCreateRequest{
        Name:        "prod-cluster-01",
        RegionSlug:  "nyc1",
        VersionSlug: "1.14.1-do.4",
        Tags:        []string{"production", "web-team"},
        NodePools: []*godo.KubernetesNodePoolCreateRequest{
            &godo.KubernetesNodePoolCreateRequest{
                Name:  "frontend-pool",
                Size:  "s-2vcpu-2gb",
                Count: 3,
                Tags:  []string{"frontend"},
                Labels:  map[string]string{"service": "frontend", "priority": "high"},
            },
            &godo.KubernetesNodePoolCreateRequest{
                Name:  "backend-pool",
                Size:  "c-4",
                Count: 2,
            },
        },
    }

    cluster, _, err := client.Kubernetes.Create(ctx, createRequest)
}
require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

cluster = DropletKit::KubernetesCluster.new(
  name: 'prod-cluster-01',
  region: 'nyc1',
  version: '1.14.1-do.4',
  tags: ['production', 'web-team'],
  node_pools: [
    {
      name: 'frontend-pool',
      size: 's-2vcpu-2gb',
      count: 3,
      tags: ['frontend'],
      labels: {service: 'frontend', priority: 'high'}
    },
    {
      name: 'backend-pool',
      size: 'c-4',
      count: 2
    }
  ]
)

client.kubernetes_clusters.create(cluster)
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

req = {
  "name": "prod-cluster-01",
  "region": "nyc1",
  "version": "1.18.6-do.0",
  "node_pools": [
    {
      "size": "s-1vcpu-2gb",
      "count": 3,
      "name": "worker-pool"
    }
  ]
}

resp = client.kubernetes.create_cluster(body=req)

Responses

201

The response will be a JSON object with a key called kubernetes_cluster. The value of this will be an object containing the standard attributes of a Kubernetes cluster.

The IP address and cluster API server endpoint will not be available until the cluster has finished provisioning. The initial value of the cluster's status.state attribute will be provisioning. When the cluster is ready, this will transition to running.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
kubernetes_cluster object optional
Show child properties
amd_gpu_device_metrics_exporter_plugin object optional Nullable

An object specifying whether the AMD Device Metrics Exporter should be enabled in the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the AMD Device Metrics Exporter is enabled.

amd_gpu_device_plugin object optional Nullable

An object specifying whether the AMD GPU Device Plugin should be enabled in the Kubernetes cluster. It's enabled by default for clusters with an AMD GPU node pool.

Show child properties
enabled boolean optional
Example: true

Indicates whether the AMD GPU Device Plugin is enabled.

auto_upgrade boolean optional
Example: true

A boolean value indicating whether the cluster will be automatically upgraded to new patch releases during its maintenance window.

cluster_autoscaler_configuration object optional Nullable

An object specifying custom cluster autoscaler configuration.

Show child properties
expanders array of string, one of: random, priority, least_waste optional
Example: ["priority","random"]

Customizes expanders used by cluster-autoscaler. The autoscaler will apply each expander from the provided list to narrow down the selection of node types created to scale up, until either a single node type is left, or the list of expanders is exhausted. If this flag is unset, autoscaler will use its default expander random. Passing an empty list (not null) will unset any previous expander customizations.

Available expanders:

  • random: Randomly selects a node group to scale.
  • priority: Selects the node group with the highest priority as per user-provided configuration
  • least_waste: Selects the node group that will result in the least amount of idle resources.
scale_down_unneeded_time string optional
Example: 1m0s

Used to customize how long a node is unneeded before being scaled down.

scale_down_utilization_threshold number optional
Example: 0.65

Used to customize when cluster autoscaler scales down non-empty nodes by setting the node utilization threshold.

cluster_subnet string (cidr) optional
Example: 192.168.0.0/20

The range of IP addresses for the overlay network of the Kubernetes cluster in CIDR notation.

control_plane_firewall object optional Nullable

An object specifying the control plane firewall for the Kubernetes cluster. Control plane firewall is in early availability (invite only).

Show child properties
allowed_addresses array of string optional
Example: ["1.2.3.4/32","1.1.0.0/16"]

An array of public addresses (IPv4 or CIDR) allowed to access the control plane.

enabled boolean optional
Example: true

Indicates whether the control plane firewall is enabled.

created_at string (date-time) optional read-only
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the Kubernetes cluster was created.

endpoint string optional read-only
Example: https://bd5f5959-5e1e-4205-a714-a914373942af.k8s.ondigitalocean.com

The base URL of the API server on the Kubernetes master node.

ha boolean optional
Example: true

A boolean value indicating whether the control plane is run in a highly available configuration in the cluster. Highly available control planes incur less downtime. The property cannot be disabled.

id string (uuid) optional read-only
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to identify and reference a Kubernetes cluster.

ipv4 string optional read-only
Example: 68.183.121.157

The public IPv4 address of the Kubernetes master node. This will not be set if high availability is configured on the cluster (v1.21+)

maintenance_policy object optional Nullable

An object specifying the maintenance window policy for the Kubernetes cluster.

Show child properties
day string (enum) optional
Example: any

The day of the maintenance window policy. May be one of monday through sunday, or any to indicate an arbitrary week day.

duration string optional read-only
Example: 4h0m0s

The duration of the maintenance window policy in human-readable format.

start_time string optional
Example: 12:00

The start time in UTC of the maintenance window policy in 24-hour clock format / HH:MM notation (e.g., 15:00).

name string required
Example: prod-cluster-01

A human-readable name for a Kubernetes cluster.

node_pools array of object required

An object specifying the details of the worker nodes available to the Kubernetes cluster.

Show child properties
size string optional
Example: s-1vcpu-2gb

The slug identifier for the type of Droplet used as workers in the node pool.

auto_scale boolean optional
Example: true

A boolean value indicating whether auto-scaling is enabled for this node pool.

count integer optional
Example: 3

The number of Droplet instances in the node pool.

id string (uuid) optional read-only
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to identify and reference a specific node pool.

labels object optional Nullable

An object of key/value mappings specifying labels to apply to all nodes in a pool. Labels will automatically be applied to all existing nodes and any subsequent nodes added to the pool. Note that when a label is removed, it is not deleted from the nodes in the pool.

max_nodes integer optional
Example: 6

The maximum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

min_nodes integer optional
Example: 3

The minimum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

name string optional
Example: frontend-pool

A human-readable name for the node pool.

nodes array of object optional read-only

An object specifying the details of a specific worker node in a node pool.

Show child properties
created_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was created.

droplet_id string optional
Example: 205545370

The ID of the Droplet used for the worker node.

id string (uuid) optional
Example: e78247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f

A unique ID that can be used to identify and reference the node.

name string optional
Example: adoring-newton-3niq

An automatically generated, human-readable name for the node.

status object optional

An object containing a state attribute whose value is set to a string indicating the current status of the node.

Additional nested properties not shown. Refer to the full API spec for details.
updated_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was last updated.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","k8s-worker","production","web-team"]

An array containing the tags applied to the node pool. All node pools are automatically tagged k8s, k8s-worker, and k8s:$K8S_CLUSTER_ID.

Requires tag:read scope.

taints array of object optional

An array of taints to apply to all nodes in a pool. Taints will automatically be applied to all existing nodes and any subsequent nodes added to the pool. When a taint is removed, it is deleted from all nodes in the pool.

Show child properties
effect string, one of: NoSchedule, PreferNoSchedule, NoExecute optional
Example: NoSchedule

How the node reacts to pods that it won't tolerate. Available effect values are NoSchedule, PreferNoSchedule, and NoExecute.

key string optional
Example: priority

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

value string optional
Example: high

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

nvidia_gpu_device_plugin object optional Nullable

An object specifying whether the Nvidia GPU Device Plugin should be enabled in the Kubernetes cluster. It's enabled by default for clusters with an Nvidia GPU node pool.

Show child properties
enabled boolean optional
Example: true

Indicates whether the Nvidia GPU Device Plugin is enabled.

rdma_shared_dev_plugin object optional Nullable

An object specifying whether the RDMA shared device plugin should be enabled in the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the RDMA shared device plugin is enabled.

region string required
Example: nyc1

The slug identifier for the region where the Kubernetes cluster is located.

registry_enabled boolean optional read-only
Example: true

A read-only boolean value indicating if a container registry is integrated with the cluster.

routing_agent object optional Nullable

An object specifying whether the routing-agent component should be enabled for the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the routing-agent component is enabled.

service_subnet string (cidr) optional
Example: 192.168.16.0/24

The range of assignable IP addresses for services running in the Kubernetes cluster in CIDR notation.

status object optional read-only

An object containing a state attribute whose value is set to a string indicating the current status of the cluster.

Show child properties
message string optional
Example: provisioning

An optional message providing additional information about the current cluster state.

state string (enum) optional
Example: provisioning

A string indicating the current status of the cluster.

surge_upgrade boolean optional
Example: true

A boolean value indicating whether surge upgrade is enabled/disabled for the cluster. Surge upgrade makes cluster upgrades fast and reliable by bringing up new nodes before destroying the outdated nodes.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","production","web-team"]

An array of tags to apply to the Kubernetes cluster. All clusters are automatically tagged k8s and k8s:$K8S_CLUSTER_ID.

Requires tag:read and tag:create scope, as well as tag:delete if existing tags are getting removed.

updated_at string (date-time) optional read-only
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the Kubernetes cluster was last updated.

version string required
Example: 1.18.6-do.0

The slug identifier for the version of Kubernetes used for the cluster. If set to a minor version (e.g. "1.14"), the latest version within it will be used (e.g. "1.14.6-do.1"); if set to "latest", the latest published version will be used. See the /v2/kubernetes/options endpoint to find all currently available versions.

vpc_uuid string (uuid) optional
Example: c33931f2-a26a-4e61-b85c-4e95a2ec431b

A string specifying the UUID of the VPC to which the Kubernetes cluster is assigned.

Requires vpc:read scope.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
Example 
{
  "kubernetes_cluster": {
    "amd_gpu_device_metrics_exporter_plugin": {
      "enabled": false
    },
    "amd_gpu_device_plugin": {
      "enabled": false
    },
    "auto_upgrade": false,
    "cluster_autoscaler_configuration": {
      "expanders": [
        "priority",
        "random"
      ],
      "scale_down_unneeded_time": "1m",
      "scale_down_utilization_threshold": 0.65
    },
    "cluster_subnet": "10.244.0.0/16",
    "control_plane_firewall": {
      "allowed_addresses": [
        "1.2.3.4/32",
        "1.1.0.0/16"
      ],
      "enabled": true
    },
    "created_at": "2018-11-15T16:00:11Z",
    "endpoint": "",
    "ha": false,
    "id": "bd5f5959-5e1e-4205-a714-a914373942af",
    "ipv4": "",
    "maintenance_policy": {
      "day": "any",
      "duration": "4h0m0s",
      "start_time": "00:00"
    },
    "name": "prod-cluster-01",
    "node_pools": [
      {
        "auto_scale": false,
        "count": 3,
        "id": "cdda885e-7663-40c8-bc74-3a036c66545d",
        "labels": null,
        "max_nodes": 0,
        "min_nodes": 0,
        "name": "worker-pool",
        "nodes": [
          {
            "created_at": "2018-11-15T16:00:11Z",
            "droplet_id": "",
            "id": "478247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f",
            "name": "",
            "status": {
              "state": "provisioning"
            },
            "updated_at": "2018-11-15T16:00:11Z"
          },
          {
            "created_at": "2018-11-15T16:00:11Z",
            "droplet_id": "",
            "id": "ad12e744-c2a9-473d-8aa9-be5680500eb1",
            "name": "",
            "status": {
              "state": "provisioning"
            },
            "updated_at": "2018-11-15T16:00:11Z"
          },
          {
            "created_at": "2018-11-15T16:00:11Z",
            "droplet_id": "",
            "id": "e46e8d07-f58f-4ff1-9737-97246364400e",
            "name": "",
            "status": {
              "state": "provisioning"
            },
            "updated_at": "2018-11-15T16:00:11Z"
          }
        ],
        "size": "s-1vcpu-2gb",
        "tags": [
          "k8s",
          "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
          "k8s:worker"
        ],
        "taints": []
      }
    ],
    "nvidia_gpu_device_plugin": {
      "enabled": false
    },
    "rdma_shared_dev_plugin": {
      "enabled": false
    },
    "region": "nyc1",
    "registries": [
      "registry-a",
      "registry-b"
    ],
    "registry_enabled": false,
    "routing_agent": {
      "enabled": false
    },
    "service_subnet": "10.245.0.0/16",
    "status": {
      "message": "provisioning",
      "state": "provisioning"
    },
    "surge_upgrade": false,
    "tags": [
      "k8s",
      "k8s:bd5f5959-5e1e-4205-a714-a914373942af"
    ],
    "updated_at": "2018-11-15T16:00:11Z",
    "version": "1.18.6-do.0",
    "vpc_uuid": "c33931f2-a26a-4e61-b85c-4e95a2ec431b"
  }
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

GET Retrieve an Existing Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:read

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To show information about an existing Kubernetes cluster, send a GET request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Request: /v2/kubernetes/clusters/{cluster_id}
curl -X GET \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    cluster, _, err := client.Kubernetes.Get(ctx, "bd5f5959-5e1e-4205-a714-a914373942af")
}
require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

client.kubernetes_clusters.find(id: 'bd5f5959-5e1e-4205-a714-a914373942af')
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.get_cluster(cluster_id="da8fda8")

Responses

200

The response will be a JSON object with a key called kubernetes_cluster. The value of this will be an object containing the standard attributes of a Kubernetes cluster.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
kubernetes_cluster object optional
Show child properties
amd_gpu_device_metrics_exporter_plugin object optional Nullable

An object specifying whether the AMD Device Metrics Exporter should be enabled in the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the AMD Device Metrics Exporter is enabled.

amd_gpu_device_plugin object optional Nullable

An object specifying whether the AMD GPU Device Plugin should be enabled in the Kubernetes cluster. It's enabled by default for clusters with an AMD GPU node pool.

Show child properties
enabled boolean optional
Example: true

Indicates whether the AMD GPU Device Plugin is enabled.

auto_upgrade boolean optional
Example: true

A boolean value indicating whether the cluster will be automatically upgraded to new patch releases during its maintenance window.

cluster_autoscaler_configuration object optional Nullable

An object specifying custom cluster autoscaler configuration.

Show child properties
expanders array of string, one of: random, priority, least_waste optional
Example: ["priority","random"]

Customizes expanders used by cluster-autoscaler. The autoscaler will apply each expander from the provided list to narrow down the selection of node types created to scale up, until either a single node type is left, or the list of expanders is exhausted. If this flag is unset, autoscaler will use its default expander random. Passing an empty list (not null) will unset any previous expander customizations.

Available expanders:

  • random: Randomly selects a node group to scale.
  • priority: Selects the node group with the highest priority as per user-provided configuration
  • least_waste: Selects the node group that will result in the least amount of idle resources.
scale_down_unneeded_time string optional
Example: 1m0s

Used to customize how long a node is unneeded before being scaled down.

scale_down_utilization_threshold number optional
Example: 0.65

Used to customize when cluster autoscaler scales down non-empty nodes by setting the node utilization threshold.

cluster_subnet string (cidr) optional
Example: 192.168.0.0/20

The range of IP addresses for the overlay network of the Kubernetes cluster in CIDR notation.

control_plane_firewall object optional Nullable

An object specifying the control plane firewall for the Kubernetes cluster. Control plane firewall is in early availability (invite only).

Show child properties
allowed_addresses array of string optional
Example: ["1.2.3.4/32","1.1.0.0/16"]

An array of public addresses (IPv4 or CIDR) allowed to access the control plane.

enabled boolean optional
Example: true

Indicates whether the control plane firewall is enabled.

created_at string (date-time) optional read-only
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the Kubernetes cluster was created.

endpoint string optional read-only
Example: https://bd5f5959-5e1e-4205-a714-a914373942af.k8s.ondigitalocean.com

The base URL of the API server on the Kubernetes master node.

ha boolean optional
Example: true

A boolean value indicating whether the control plane is run in a highly available configuration in the cluster. Highly available control planes incur less downtime. The property cannot be disabled.

id string (uuid) optional read-only
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to identify and reference a Kubernetes cluster.

ipv4 string optional read-only
Example: 68.183.121.157

The public IPv4 address of the Kubernetes master node. This will not be set if high availability is configured on the cluster (v1.21+)

maintenance_policy object optional Nullable

An object specifying the maintenance window policy for the Kubernetes cluster.

Show child properties
day string (enum) optional
Example: any

The day of the maintenance window policy. May be one of monday through sunday, or any to indicate an arbitrary week day.

duration string optional read-only
Example: 4h0m0s

The duration of the maintenance window policy in human-readable format.

start_time string optional
Example: 12:00

The start time in UTC of the maintenance window policy in 24-hour clock format / HH:MM notation (e.g., 15:00).

name string required
Example: prod-cluster-01

A human-readable name for a Kubernetes cluster.

node_pools array of object required

An object specifying the details of the worker nodes available to the Kubernetes cluster.

Show child properties
size string optional
Example: s-1vcpu-2gb

The slug identifier for the type of Droplet used as workers in the node pool.

auto_scale boolean optional
Example: true

A boolean value indicating whether auto-scaling is enabled for this node pool.

count integer optional
Example: 3

The number of Droplet instances in the node pool.

id string (uuid) optional read-only
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to identify and reference a specific node pool.

labels object optional Nullable

An object of key/value mappings specifying labels to apply to all nodes in a pool. Labels will automatically be applied to all existing nodes and any subsequent nodes added to the pool. Note that when a label is removed, it is not deleted from the nodes in the pool.

max_nodes integer optional
Example: 6

The maximum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

min_nodes integer optional
Example: 3

The minimum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

name string optional
Example: frontend-pool

A human-readable name for the node pool.

nodes array of object optional read-only

An object specifying the details of a specific worker node in a node pool.

Show child properties
created_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was created.

droplet_id string optional
Example: 205545370

The ID of the Droplet used for the worker node.

id string (uuid) optional
Example: e78247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f

A unique ID that can be used to identify and reference the node.

name string optional
Example: adoring-newton-3niq

An automatically generated, human-readable name for the node.

status object optional

An object containing a state attribute whose value is set to a string indicating the current status of the node.

Additional nested properties not shown. Refer to the full API spec for details.
updated_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was last updated.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","k8s-worker","production","web-team"]

An array containing the tags applied to the node pool. All node pools are automatically tagged k8s, k8s-worker, and k8s:$K8S_CLUSTER_ID.

Requires tag:read scope.

taints array of object optional

An array of taints to apply to all nodes in a pool. Taints will automatically be applied to all existing nodes and any subsequent nodes added to the pool. When a taint is removed, it is deleted from all nodes in the pool.

Show child properties
effect string, one of: NoSchedule, PreferNoSchedule, NoExecute optional
Example: NoSchedule

How the node reacts to pods that it won't tolerate. Available effect values are NoSchedule, PreferNoSchedule, and NoExecute.

key string optional
Example: priority

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

value string optional
Example: high

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

nvidia_gpu_device_plugin object optional Nullable

An object specifying whether the Nvidia GPU Device Plugin should be enabled in the Kubernetes cluster. It's enabled by default for clusters with an Nvidia GPU node pool.

Show child properties
enabled boolean optional
Example: true

Indicates whether the Nvidia GPU Device Plugin is enabled.

rdma_shared_dev_plugin object optional Nullable

An object specifying whether the RDMA shared device plugin should be enabled in the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the RDMA shared device plugin is enabled.

region string required
Example: nyc1

The slug identifier for the region where the Kubernetes cluster is located.

registries array of string optional Nullable
Example: ["registry-a","registry-b"]

An array of integrated DOCR registries.

registry_enabled boolean optional read-only
Example: true

A read-only boolean value indicating if a container registry is integrated with the cluster.

routing_agent object optional Nullable

An object specifying whether the routing-agent component should be enabled for the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the routing-agent component is enabled.

service_subnet string (cidr) optional
Example: 192.168.16.0/24

The range of assignable IP addresses for services running in the Kubernetes cluster in CIDR notation.

status object optional read-only

An object containing a state attribute whose value is set to a string indicating the current status of the cluster.

Show child properties
message string optional
Example: provisioning

An optional message providing additional information about the current cluster state.

state string (enum) optional
Example: provisioning

A string indicating the current status of the cluster.

surge_upgrade boolean optional
Example: true

A boolean value indicating whether surge upgrade is enabled/disabled for the cluster. Surge upgrade makes cluster upgrades fast and reliable by bringing up new nodes before destroying the outdated nodes.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","production","web-team"]

An array of tags applied to the Kubernetes cluster. All clusters are automatically tagged k8s and k8s:$K8S_CLUSTER_ID.

Requires tag:read scope.

updated_at string (date-time) optional read-only
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the Kubernetes cluster was last updated.

version string required
Example: 1.18.6-do.0

The slug identifier for the version of Kubernetes used for the cluster. If set to a minor version (e.g. "1.14"), the latest version within it will be used (e.g. "1.14.6-do.1"); if set to "latest", the latest published version will be used. See the /v2/kubernetes/options endpoint to find all currently available versions.

vpc_uuid string (uuid) optional
Example: c33931f2-a26a-4e61-b85c-4e95a2ec431b

A string specifying the UUID of the VPC to which the Kubernetes cluster is assigned.

Requires vpc:read scope.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "kubernetes_cluster": {
    "amd_gpu_device_metrics_exporter_plugin": {
      "enabled": false
    },
    "amd_gpu_device_plugin": {
      "enabled": false
    },
    "auto_upgrade": false,
    "cluster_autoscaler_configuration": {
      "expanders": [
        "priority",
        "random"
      ],
      "scale_down_unneeded_time": "1m",
      "scale_down_utilization_threshold": 0.65
    },
    "cluster_subnet": "10.244.0.0/16",
    "control_plane_firewall": {
      "allowed_addresses": [
        "1.2.3.4/32",
        "1.1.0.0/16"
      ],
      "enabled": true
    },
    "created_at": "2018-11-15T16:00:11Z",
    "endpoint": "https://bd5f5959-5e1e-4205-a714-a914373942af.k8s.ondigitalocean.com",
    "ha": false,
    "id": "bd5f5959-5e1e-4205-a714-a914373942af",
    "ipv4": "68.183.121.157",
    "maintenance_policy": {
      "day": "any",
      "duration": "4h0m0s",
      "start_time": "00:00"
    },
    "name": "prod-cluster-01",
    "node_pools": [
      {
        "auto_scale": false,
        "count": 3,
        "id": "cdda885e-7663-40c8-bc74-3a036c66545d",
        "labels": null,
        "max_nodes": 0,
        "min_nodes": 0,
        "name": "frontend-pool",
        "nodes": [
          {
            "created_at": "2018-11-15T16:00:11Z",
            "droplet_id": "205545370",
            "id": "478247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f",
            "name": "adoring-newton-3niq",
            "status": {
              "state": "running"
            },
            "updated_at": "2018-11-15T16:00:11Z"
          },
          {
            "created_at": "2018-11-15T16:00:11Z",
            "droplet_id": "205545371",
            "id": "ad12e744-c2a9-473d-8aa9-be5680500eb1",
            "name": "adoring-newton-3nim",
            "status": {
              "state": "running"
            },
            "updated_at": "2018-11-15T16:00:11Z"
          },
          {
            "created_at": "2018-11-15T16:00:11Z",
            "droplet_id": "205545372",
            "id": "e46e8d07-f58f-4ff1-9737-97246364400e",
            "name": "adoring-newton-3ni7",
            "status": {
              "state": "running"
            },
            "updated_at": "2018-11-15T16:00:11Z"
          }
        ],
        "size": "s-1vcpu-2gb",
        "tags": [
          "production",
          "web-team",
          "k8s",
          "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
          "k8s:worker"
        ],
        "taints": []
      },
      {
        "auto_scale": true,
        "count": 2,
        "id": "f49f4379-7e7f-4af5-aeb6-0354bd840778",
        "labels": {
          "priority": "high",
          "service": "backend"
        },
        "max_nodes": 5,
        "min_nodes": 2,
        "name": "backend-pool",
        "nodes": [
          {
            "created_at": "2018-11-15T16:00:11Z",
            "droplet_id": "205545373",
            "id": "3385619f-8ec3-42ba-bb23-8d21b8ba7518",
            "name": "affectionate-nightingale-3nif",
            "status": {
              "state": "running"
            },
            "updated_at": "2018-11-15T16:00:11Z"
          },
          {
            "created_at": "2018-11-15T16:00:11Z",
            "droplet_id": "205545374",
            "id": "4b8f60ff-ba06-4523-a6a4-b8148244c7e6",
            "name": "affectionate-nightingale-3niy",
            "status": {
              "state": "running"
            },
            "updated_at": "2018-11-15T16:00:11Z"
          }
        ],
        "size": "g-4vcpu-16gb",
        "tags": [
          "production",
          "web-team",
          "k8s",
          "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
          "k8s:worker"
        ],
        "taints": []
      }
    ],
    "nvidia_gpu_device_plugin": {
      "enabled": false
    },
    "rdma_shared_dev_plugin": {
      "enabled": false
    },
    "region": "nyc1",
    "registries": [
      "registry-a",
      "registry-b"
    ],
    "registry_enabled": false,
    "routing_agent": {
      "enabled": false
    },
    "service_subnet": "10.245.0.0/16",
    "status": {
      "state": "running"
    },
    "surge_upgrade": false,
    "tags": [
      "production",
      "web-team",
      "k8s",
      "k8s:bd5f5959-5e1e-4205-a714-a914373942af"
    ],
    "updated_at": "2018-11-15T16:00:11Z",
    "version": "1.18.6-do.0",
    "vpc_uuid": "c33931f2-a26a-4e61-b85c-4e95a2ec431b"
  }
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

PUT Update a Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:update

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To update a Kubernetes cluster, send a PUT request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID and specify one or more of the attributes below.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Request Body: application/json

amd_gpu_device_metrics_exporter_plugin object optional Nullable

An object specifying whether the AMD Device Metrics Exporter should be enabled in the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the AMD Device Metrics Exporter is enabled.

amd_gpu_device_plugin object optional Nullable

An object specifying whether the AMD GPU Device Plugin should be enabled in the Kubernetes cluster. It's enabled by default for clusters with an AMD GPU node pool.

Show child properties
enabled boolean optional
Example: true

Indicates whether the AMD GPU Device Plugin is enabled.

auto_upgrade boolean optional
Example: true

A boolean value indicating whether the cluster will be automatically upgraded to new patch releases during its maintenance window.

cluster_autoscaler_configuration object optional Nullable

An object specifying custom cluster autoscaler configuration.

Show child properties
expanders array of string, one of: random, priority, least_waste optional
Example: ["priority","random"]

Customizes expanders used by cluster-autoscaler. The autoscaler will apply each expander from the provided list to narrow down the selection of node types created to scale up, until either a single node type is left, or the list of expanders is exhausted. If this flag is unset, autoscaler will use its default expander random. Passing an empty list (not null) will unset any previous expander customizations.

Available expanders:

  • random: Randomly selects a node group to scale.
  • priority: Selects the node group with the highest priority as per user-provided configuration
  • least_waste: Selects the node group that will result in the least amount of idle resources.
scale_down_unneeded_time string optional
Example: 1m0s

Used to customize how long a node is unneeded before being scaled down.

scale_down_utilization_threshold number optional
Example: 0.65

Used to customize when cluster autoscaler scales down non-empty nodes by setting the node utilization threshold.

control_plane_firewall object optional Nullable

An object specifying the control plane firewall for the Kubernetes cluster. Control plane firewall is in early availability (invite only).

Show child properties
allowed_addresses array of string optional
Example: ["1.2.3.4/32","1.1.0.0/16"]

An array of public addresses (IPv4 or CIDR) allowed to access the control plane.

enabled boolean optional
Example: true

Indicates whether the control plane firewall is enabled.

ha boolean optional
Example: true

A boolean value indicating whether the control plane is run in a highly available configuration in the cluster. Highly available control planes incur less downtime. The property cannot be disabled.

maintenance_policy object optional Nullable

An object specifying the maintenance window policy for the Kubernetes cluster.

Show child properties
day string (enum) optional
Example: any

The day of the maintenance window policy. May be one of monday through sunday, or any to indicate an arbitrary week day.

duration string optional read-only
Example: 4h0m0s

The duration of the maintenance window policy in human-readable format.

start_time string optional
Example: 12:00

The start time in UTC of the maintenance window policy in 24-hour clock format / HH:MM notation (e.g., 15:00).

name string required
Example: prod-cluster-01

A human-readable name for a Kubernetes cluster.

nvidia_gpu_device_plugin object optional Nullable

An object specifying whether the Nvidia GPU Device Plugin should be enabled in the Kubernetes cluster. It's enabled by default for clusters with an Nvidia GPU node pool.

Show child properties
enabled boolean optional
Example: true

Indicates whether the Nvidia GPU Device Plugin is enabled.

rdma_shared_dev_plugin object optional Nullable

An object specifying whether the RDMA shared device plugin should be enabled in the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the RDMA shared device plugin is enabled.

routing_agent object optional Nullable

An object specifying whether the routing-agent component should be enabled for the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the routing-agent component is enabled.

surge_upgrade boolean optional
Example: true

A boolean value indicating whether surge upgrade is enabled/disabled for the cluster. Surge upgrade makes cluster upgrades fast and reliable by bringing up new nodes before destroying the outdated nodes.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","production","web-team"]

An array of tags applied to the Kubernetes cluster. All clusters are automatically tagged k8s and k8s:$K8S_CLUSTER_ID.

Request: /v2/kubernetes/clusters/{cluster_id}
Content type application/json 
{
  "amd_gpu_device_metrics_exporter_plugin": {
    "enabled": true
  },
  "amd_gpu_device_plugin": {
    "enabled": true
  },
  "auto_upgrade": true,
  "cluster_autoscaler_configuration": {
    "expanders": [
      "priority",
      "random"
    ],
    "scale_down_unneeded_time": "1m0s",
    "scale_down_utilization_threshold": 0.65
  },
  "control_plane_firewall": {
    "allowed_addresses": [
      "1.2.3.4/32",
      "1.1.0.0/16"
    ],
    "enabled": true
  },
  "ha": true,
  "maintenance_policy": {
    "day": "any",
    "start_time": "12:00"
  },
  "name": "prod-cluster-01",
  "nvidia_gpu_device_plugin": {
    "enabled": true
  },
  "rdma_shared_dev_plugin": {
    "enabled": true
  },
  "routing_agent": {
    "enabled": true
  },
  "surge_upgrade": true,
  "tags": [
    "k8s",
    "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
    "production",
    "web-team"
  ]
}
curl -X PUT \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  -d '{"name": "stage-cluster-01", "tags":["staging", "web-team"]}' \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    updateRequest := &godo.KubernetesClusterUpdateRequest{
        Name: "stage-cluster-01",
        Tags: []string{"staging", "web-team"},
    }

    cluster, _, err := client.Kubernetes.Update(ctx, "bd5f5959-5e1e-4205-a714-a914373942af", updateRequest)
}
require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

cluster = DropletKit::KubernetesCluster.new(
  name: 'foo',
  tags: ['staging', 'web-team']
)

client.kubernetes_clusters.update(cluster, id: 'bd5f5959-5e1e-4205-a714-a914373942af')
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

req = {
  "name": "prod-cluster-01",
  "tags": [
    "k8s",
    "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
    "production",
    "web-team"
  ],
  "maintenance_policy": {
    "start_time": "12:00",
    "day": "any"
  },
  "auto_upgrade": True,
  "surge_upgrade": True,
  "ha": True
}

resp = client.kubernetes.update_cluster(cluster_id="1fd32a", body=req)

Responses

202

The response will be a JSON object with a key called kubernetes_cluster. The value of this will be an object containing the standard attributes of a Kubernetes cluster.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
kubernetes_cluster object optional
Show child properties
amd_gpu_device_metrics_exporter_plugin object optional Nullable

An object specifying whether the AMD Device Metrics Exporter should be enabled in the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the AMD Device Metrics Exporter is enabled.

amd_gpu_device_plugin object optional Nullable

An object specifying whether the AMD GPU Device Plugin should be enabled in the Kubernetes cluster. It's enabled by default for clusters with an AMD GPU node pool.

Show child properties
enabled boolean optional
Example: true

Indicates whether the AMD GPU Device Plugin is enabled.

auto_upgrade boolean optional
Example: true

A boolean value indicating whether the cluster will be automatically upgraded to new patch releases during its maintenance window.

cluster_autoscaler_configuration object optional Nullable

An object specifying custom cluster autoscaler configuration.

Show child properties
expanders array of string, one of: random, priority, least_waste optional
Example: ["priority","random"]

Customizes expanders used by cluster-autoscaler. The autoscaler will apply each expander from the provided list to narrow down the selection of node types created to scale up, until either a single node type is left, or the list of expanders is exhausted. If this flag is unset, autoscaler will use its default expander random. Passing an empty list (not null) will unset any previous expander customizations.

Available expanders:

  • random: Randomly selects a node group to scale.
  • priority: Selects the node group with the highest priority as per user-provided configuration
  • least_waste: Selects the node group that will result in the least amount of idle resources.
scale_down_unneeded_time string optional
Example: 1m0s

Used to customize how long a node is unneeded before being scaled down.

scale_down_utilization_threshold number optional
Example: 0.65

Used to customize when cluster autoscaler scales down non-empty nodes by setting the node utilization threshold.

cluster_subnet string (cidr) optional
Example: 192.168.0.0/20

The range of IP addresses for the overlay network of the Kubernetes cluster in CIDR notation.

control_plane_firewall object optional Nullable

An object specifying the control plane firewall for the Kubernetes cluster. Control plane firewall is in early availability (invite only).

Show child properties
allowed_addresses array of string optional
Example: ["1.2.3.4/32","1.1.0.0/16"]

An array of public addresses (IPv4 or CIDR) allowed to access the control plane.

enabled boolean optional
Example: true

Indicates whether the control plane firewall is enabled.

created_at string (date-time) optional read-only
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the Kubernetes cluster was created.

endpoint string optional read-only
Example: https://bd5f5959-5e1e-4205-a714-a914373942af.k8s.ondigitalocean.com

The base URL of the API server on the Kubernetes master node.

ha boolean optional
Example: true

A boolean value indicating whether the control plane is run in a highly available configuration in the cluster. Highly available control planes incur less downtime. The property cannot be disabled.

id string (uuid) optional read-only
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to identify and reference a Kubernetes cluster.

ipv4 string optional read-only
Example: 68.183.121.157

The public IPv4 address of the Kubernetes master node. This will not be set if high availability is configured on the cluster (v1.21+)

maintenance_policy object optional Nullable

An object specifying the maintenance window policy for the Kubernetes cluster.

Show child properties
day string (enum) optional
Example: any

The day of the maintenance window policy. May be one of monday through sunday, or any to indicate an arbitrary week day.

duration string optional read-only
Example: 4h0m0s

The duration of the maintenance window policy in human-readable format.

start_time string optional
Example: 12:00

The start time in UTC of the maintenance window policy in 24-hour clock format / HH:MM notation (e.g., 15:00).

name string required
Example: prod-cluster-01

A human-readable name for a Kubernetes cluster.

node_pools array of object required

An object specifying the details of the worker nodes available to the Kubernetes cluster.

Show child properties
size string optional
Example: s-1vcpu-2gb

The slug identifier for the type of Droplet used as workers in the node pool.

auto_scale boolean optional
Example: true

A boolean value indicating whether auto-scaling is enabled for this node pool.

count integer optional
Example: 3

The number of Droplet instances in the node pool.

id string (uuid) optional read-only
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to identify and reference a specific node pool.

labels object optional Nullable

An object of key/value mappings specifying labels to apply to all nodes in a pool. Labels will automatically be applied to all existing nodes and any subsequent nodes added to the pool. Note that when a label is removed, it is not deleted from the nodes in the pool.

max_nodes integer optional
Example: 6

The maximum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

min_nodes integer optional
Example: 3

The minimum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

name string optional
Example: frontend-pool

A human-readable name for the node pool.

nodes array of object optional read-only

An object specifying the details of a specific worker node in a node pool.

Show child properties
created_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was created.

droplet_id string optional
Example: 205545370

The ID of the Droplet used for the worker node.

id string (uuid) optional
Example: e78247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f

A unique ID that can be used to identify and reference the node.

name string optional
Example: adoring-newton-3niq

An automatically generated, human-readable name for the node.

status object optional

An object containing a state attribute whose value is set to a string indicating the current status of the node.

Additional nested properties not shown. Refer to the full API spec for details.
updated_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was last updated.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","k8s-worker","production","web-team"]

An array containing the tags applied to the node pool. All node pools are automatically tagged k8s, k8s-worker, and k8s:$K8S_CLUSTER_ID.

Requires tag:read scope.

taints array of object optional

An array of taints to apply to all nodes in a pool. Taints will automatically be applied to all existing nodes and any subsequent nodes added to the pool. When a taint is removed, it is deleted from all nodes in the pool.

Show child properties
effect string, one of: NoSchedule, PreferNoSchedule, NoExecute optional
Example: NoSchedule

How the node reacts to pods that it won't tolerate. Available effect values are NoSchedule, PreferNoSchedule, and NoExecute.

key string optional
Example: priority

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

value string optional
Example: high

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

nvidia_gpu_device_plugin object optional Nullable

An object specifying whether the Nvidia GPU Device Plugin should be enabled in the Kubernetes cluster. It's enabled by default for clusters with an Nvidia GPU node pool.

Show child properties
enabled boolean optional
Example: true

Indicates whether the Nvidia GPU Device Plugin is enabled.

rdma_shared_dev_plugin object optional Nullable

An object specifying whether the RDMA shared device plugin should be enabled in the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the RDMA shared device plugin is enabled.

region string required
Example: nyc1

The slug identifier for the region where the Kubernetes cluster is located.

registry_enabled boolean optional read-only
Example: true

A read-only boolean value indicating if a container registry is integrated with the cluster.

routing_agent object optional Nullable

An object specifying whether the routing-agent component should be enabled for the Kubernetes cluster.

Show child properties
enabled boolean optional
Example: true

Indicates whether the routing-agent component is enabled.

service_subnet string (cidr) optional
Example: 192.168.16.0/24

The range of assignable IP addresses for services running in the Kubernetes cluster in CIDR notation.

status object optional read-only

An object containing a state attribute whose value is set to a string indicating the current status of the cluster.

Show child properties
message string optional
Example: provisioning

An optional message providing additional information about the current cluster state.

state string (enum) optional
Example: provisioning

A string indicating the current status of the cluster.

surge_upgrade boolean optional
Example: true

A boolean value indicating whether surge upgrade is enabled/disabled for the cluster. Surge upgrade makes cluster upgrades fast and reliable by bringing up new nodes before destroying the outdated nodes.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","production","web-team"]

An array of tags to apply to the Kubernetes cluster. All clusters are automatically tagged k8s and k8s:$K8S_CLUSTER_ID.

Requires tag:read and tag:create scope, as well as tag:delete if existing tags are getting removed.

updated_at string (date-time) optional read-only
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the Kubernetes cluster was last updated.

version string required
Example: 1.18.6-do.0

The slug identifier for the version of Kubernetes used for the cluster. If set to a minor version (e.g. "1.14"), the latest version within it will be used (e.g. "1.14.6-do.1"); if set to "latest", the latest published version will be used. See the /v2/kubernetes/options endpoint to find all currently available versions.

vpc_uuid string (uuid) optional
Example: c33931f2-a26a-4e61-b85c-4e95a2ec431b

A string specifying the UUID of the VPC to which the Kubernetes cluster is assigned.

Requires vpc:read scope.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "kubernetes_cluster": {
    "amd_gpu_device_metrics_exporter_plugin": {
      "enabled": false
    },
    "amd_gpu_device_plugin": {
      "enabled": false
    },
    "auto_upgrade": true,
    "cluster_autoscaler_configuration": {
      "expanders": [
        "priority",
        "random"
      ],
      "scale_down_unneeded_time": "1m",
      "scale_down_utilization_threshold": 0.65
    },
    "cluster_subnet": "10.244.0.0/16",
    "control_plane_firewall": {
      "allowed_addresses": [
        "1.2.3.4/32",
        "1.1.0.0/16"
      ],
      "enabled": true
    },
    "created_at": "2018-11-15T16:00:11Z",
    "endpoint": "https://bd5f5959-5e1e-4205-a714-a914373942af.k8s.ondigitalocean.com",
    "ha": false,
    "id": "bd5f5959-5e1e-4205-a714-a914373942af",
    "ipv4": "68.183.121.157",
    "maintenance_policy": {
      "day": "any",
      "duration": "4h0m0s",
      "start_time": "00:00"
    },
    "name": "prod-cluster-01",
    "node_pools": [
      {
        "auto_scale": false,
        "count": 3,
        "id": "cdda885e-7663-40c8-bc74-3a036c66545d",
        "labels": null,
        "max_nodes": 0,
        "min_nodes": 0,
        "name": "frontend-pool",
        "nodes": [
          {
            "created_at": "2018-11-15T16:00:11Z",
            "droplet_id": "205545370",
            "id": "478247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f",
            "name": "adoring-newton-3niq",
            "status": {
              "state": "running"
            },
            "updated_at": "2018-11-15T16:00:11Z"
          },
          {
            "created_at": "2018-11-15T16:00:11Z",
            "droplet_id": "205545371",
            "id": "ad12e744-c2a9-473d-8aa9-be5680500eb1",
            "name": "adoring-newton-3nim",
            "status": {
              "state": "running"
            },
            "updated_at": "2018-11-15T16:00:11Z"
          },
          {
            "created_at": "2018-11-15T16:00:11Z",
            "droplet_id": "205545372",
            "id": "e46e8d07-f58f-4ff1-9737-97246364400e",
            "name": "adoring-newton-3ni7",
            "status": {
              "state": "running"
            },
            "updated_at": "2018-11-15T16:00:11Z"
          }
        ],
        "size": "s-1vcpu-2gb",
        "tags": [
          "production",
          "web-team",
          "k8s",
          "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
          "k8s:worker"
        ],
        "taints": []
      },
      {
        "auto_scale": true,
        "count": 2,
        "id": "f49f4379-7e7f-4af5-aeb6-0354bd840778",
        "labels": {
          "priority": "high",
          "service": "backend"
        },
        "max_nodes": 5,
        "min_nodes": 2,
        "name": "backend-pool",
        "nodes": [
          {
            "created_at": "2018-11-15T16:00:11Z",
            "droplet_id": "205545373",
            "id": "3385619f-8ec3-42ba-bb23-8d21b8ba7518",
            "name": "affectionate-nightingale-3nif",
            "status": {
              "state": "running"
            },
            "updated_at": "2018-11-15T16:00:11Z"
          },
          {
            "created_at": "2018-11-15T16:00:11Z",
            "droplet_id": "205545374",
            "id": "4b8f60ff-ba06-4523-a6a4-b8148244c7e6",
            "name": "affectionate-nightingale-3niy",
            "status": {
              "state": "running"
            },
            "updated_at": "2018-11-15T16:00:11Z"
          }
        ],
        "size": "g-4vcpu-16gb",
        "tags": [
          "production",
          "web-team",
          "k8s",
          "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
          "k8s:worker"
        ],
        "taints": []
      }
    ],
    "nvidia_gpu_device_plugin": {
      "enabled": false
    },
    "rdma_shared_dev_plugin": {
      "enabled": false
    },
    "region": "nyc1",
    "registries": [
      "registry-a",
      "registry-b"
    ],
    "registry_enabled": false,
    "routing_agent": {
      "enabled": false
    },
    "service_subnet": "10.245.0.0/16",
    "status": {
      "state": "running"
    },
    "surge_upgrade": true,
    "tags": [
      "production",
      "web-team",
      "k8s",
      "k8s:bd5f5959-5e1e-4205-a714-a914373942af"
    ],
    "updated_at": "2018-11-15T16:00:11Z",
    "version": "1.18.6-do.0",
    "vpc_uuid": "c33931f2-a26a-4e61-b85c-4e95a2ec431b"
  }
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

DELETE Delete a Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:delete

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To delete a Kubernetes cluster and all services deployed to it, send a DELETE request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID.

A 204 status code with no body will be returned in response to a successful request.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Request: /v2/kubernetes/clusters/{cluster_id}
curl -X DELETE \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    _, err := client.Kubernetes.Delete(ctx, "bd5f5959-5e1e-4205-a714-a914373942af")
}
require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

client.kubernetes_clusters.delete(id: 'bd5f5959-5e1e-4205-a714-a914373942af')
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.delete_cluster(cluster_id="da8fda8")

Responses

204

The action was successful and the response body is empty.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

GET Fetch Clusterlint Diagnostics for a Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}/clusterlint
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:read

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To request clusterlint diagnostics for your cluster, send a GET request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/clusterlint. If the run_id query parameter is provided, then the diagnostics for the specific run is fetched. By default, the latest results are shown.

To find out how to address clusterlint feedback, please refer to the clusterlint check documentation.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Query Parameters

run_id string (uuid) optional
Example: 50c2f44c-011d-493e-aee5-361a4a0d1844

Specifies the clusterlint run whose results will be retrieved.

Request: /v2/kubernetes/clusters/{cluster_id}/clusterlint
curl -X GET \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/clusterlint"
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.get_cluster_lint_results(cluster_id="da8fda8")

Responses

200

The response is a JSON object which contains the diagnostics on Kubernetes objects in the cluster. Each diagnostic will contain some metadata information about the object and feedback for users to act upon.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
completed_at string (date-time) optional
Example: 2019-10-30T05:34:11Z

A time value given in ISO8601 combined date and time format that represents when the schedule clusterlint run request was completed.

diagnostics array of object optional

An array of diagnostics reporting potential problems for the given cluster.

Show child properties
check_name string optional
Example: unused-config-map

The clusterlint check that resulted in the diagnostic.

message string optional
Example: Unused config map

Feedback about the object for users to fix.

object object optional

Metadata about the Kubernetes API object the diagnostic is reported on.

Show child properties
kind string optional
Example: config map

The kind of Kubernetes API object

name string optional
Example: foo

Name of the object

namespace string optional
Example: kube-system

The namespace the object resides in the cluster.

severity string optional
Example: warning

Can be one of error, warning or suggestion.

requested_at string (date-time) optional
Example: 2019-10-30T05:34:07Z

A time value given in ISO8601 combined date and time format that represents when the schedule clusterlint run request was made.

run_id string optional
Example: 50c2f44c-011d-493e-aee5-361a4a0d1844

Id of the clusterlint run that can be used later to fetch the diagnostics.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "completed_at": "2019-10-30T05:34:11Z",
  "diagnostics": [
    {
      "check_name": "unused-config-map",
      "message": "Unused config map",
      "severity": "warning"
    }
  ],
  "requested_at": "2019-10-30T05:34:07Z",
  "run_id": "50c2f44c-011d-493e-aee5-361a4a0d1844"
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

POST Run Clusterlint Checks on a Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}/clusterlint
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:update

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

Clusterlint helps operators conform to Kubernetes best practices around resources, security and reliability to avoid common problems while operating or upgrading the clusters.

To request a clusterlint run on your cluster, send a POST request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/clusterlint. This will run all checks present in the doks group by default, if a request body is not specified. Optionally specify the below attributes.

For information about the available checks, please refer to the clusterlint check documentation.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Request Body: application/json

exclude_checks array of string optional
Example: ["default-namespace"]

An array of checks that will be run when clusterlint executes checks.

exclude_groups array of string optional
Example: ["workload-health"]

An array of check groups that will be omitted when clusterlint executes checks.

include_checks array of string optional
Example: ["bare-pods","resource-requirements"]

An array of checks that will be run when clusterlint executes checks.

include_groups array of string optional
Example: ["basic","doks","security"]

An array of check groups that will be run when clusterlint executes checks.

Request: /v2/kubernetes/clusters/{cluster_id}/clusterlint
Content type application/json 
{
  "exclude_checks": [
    "default-namespace"
  ],
  "exclude_groups": [
    "workload-health"
  ],
  "include_checks": [
    "bare-pods",
    "resource-requirements"
  ],
  "include_groups": [
    "basic",
    "doks",
    "security"
  ]
}
curl -X POST \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  -d '{"include_groups": ["basic"], "include_checks": ["bare-pods"]}' \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/clusterlint"
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

req = {
  "include_groups": [
    "basic",
    "doks",
    "security"
  ],
  "include_checks": [
    "bare-pods",
    "resource-requirements"
  ],
  "exclude_groups": [
    "workload-health"
  ],
  "exclude_checks": [
    "default-namespace"
  ]
}

resp = client.kubernetes.run_cluster_lint(cluster_id="1fd32a", body=req)

Responses

202

The response is a JSON object with a key called run_id that you can later use to fetch the run results.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
run_id string optional
Example: 50c2f44c-011d-493e-aee5-361a4a0d1844

ID of the clusterlint run that can be used later to fetch the diagnostics.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "run_id": "50c2f44c-011d-493e-aee5-361a4a0d1844"
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

GET Retrieve Credentials for a Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}/credentials
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:access_cluster

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

This endpoint returns a JSON object . It can be used to programmatically construct Kubernetes clients which cannot parse kubeconfig files.

The resulting JSON object contains token-based authentication for clusters supporting it, and certificate-based authentication otherwise. For a list of supported versions and more information, see "How to Connect to a DigitalOcean Kubernetes Cluster".

To retrieve credentials for accessing a Kubernetes cluster, send a GET request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/credentials.

Clusters supporting token-based authentication may define an expiration by passing a duration in seconds as a query parameter to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/credentials?expiry_seconds=$DURATION_IN_SECONDS. If not set or 0, then the token will have a 7 day expiry. The query parameter has no impact in certificate-based authentication.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Query Parameters

expiry_seconds integer >= 0 optional
Example: 300

The duration in seconds that the returned Kubernetes credentials will be valid. If not set or 0, the credentials will have a 7 day expiry.

Default: 0
Request: /v2/kubernetes/clusters/{cluster_id}/credentials
curl -X GET \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/credentials"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    credentials, _, err := client.Kubernetes.GetCredentials(ctx, "bd5f5959-5e1e-4205-a714-a914373942af")
}
require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

client.kubernetes_clusters.credentials(id: 'bd5f5959-5e1e-4205-a714-a914373942af')
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.get_credentials(cluster_id="da8fda8")

Responses

200

A JSON object containing credentials for a cluster.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
certificate_authority_data string (byte) optional

A base64 encoding of bytes representing the certificate authority data for accessing the cluster.

client_certificate_data string (byte) optional Deprecated Nullable

A base64 encoding of bytes representing the x509 client certificate data for access the cluster. This is only returned for clusters without support for token-based authentication.

Newly created Kubernetes clusters do not return credentials using certificate-based authentication. For additional information, see here.

client_key_data string (byte) optional Deprecated Nullable

A base64 encoding of bytes representing the x509 client key data for access the cluster. This is only returned for clusters without support for token-based authentication.

Newly created Kubernetes clusters do not return credentials using certificate-based authentication. For additional information, see here.

expires_at string (date-time) optional
Example: 2019-11-09T11:50:28.889080521Z

A time value given in ISO8601 combined date and time format that represents when the access token expires.

server string (uri) optional
Example: https://bd5f5959-5e1e-4205-a714-a914373942af.k8s.ondigitalocean.com

The URL used to access the cluster API server.

token string optional
Example: $DIGITALOCEAN_TOKEN

An access token used to authenticate with the cluster. This is only returned for clusters with support for token-based authentication.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "certificate_authority_data": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURKekNDQWcrZ0F3SUJBZ0lDQm5Vd0RRWUpLb1pJaHZjTkFRRUxCUUF3TXpFVk1CTUdBMVVFQ2hNTVJHbG4KYVhSaGJFOWpaV0Z1TVJvd0dBWURWUVFERXhGck9ITmhZWE1nUTJ4MWMzUmxjaUJEUVRBZUZ3MHlNREE0TURNeApOVEkxTWpoYUZ3MDBNREE0TURNeE5USTFNamhhTURNeEZUQVRCZ05WQkFvVERFUnBaMmwwWVd4UFkyVmhiakVhCk1CZ0dBMVVFQXhNUmF6aHpZV0Z6SUVOc2RYTjBaWElnUTBFd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUIKRHdBd2dnRUtBb0lCQVFDc21oa2JrSEpUcGhZQlN0R05VVE1ORVZTd2N3bmRtajArelQvcUZaNGsrOVNxUnYrSgpBd0lCaGpBU0JnTlZIUk1CQWY4RUNEQUdBUUgvQWdFQU1CMEdBMVVkRGdRV0JCUlRzazhhZ1hCUnFyZXdlTXJxClhwa3E1NXg5dVRBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQXB6V2F6bXNqYWxXTEx3ZjVpbWdDblNINDlKcGkKYWkvbzFMdEJvVEpleGdqZzE1ZVppaG5BMUJMc0lWNE9BZGM3UEFsL040L0hlbENrTDVxandjamRnNVdaYnMzYwozcFVUQ0g5bVVwMFg1SVdhT1VKV292Q1hGUlM1R2VKYXlkSDVPUXhqTURzR2N2UlNvZGQrVnQ2MXE3aWdFZ2I1CjBOZ1l5RnRnc2p0MHpJN3hURzZFNnlsOVYvUmFoS3lIQks2eExlM1RnUGU4SXhWa2RwT3QzR0FhSDRaK0pLR3gKYisyMVZia1NnRE1QQTlyR0VKNVZwVXlBV0FEVXZDRVFHV0hmNGpQN2ZGZlc3T050S0JWY3h3YWFjcVBVdUhzWApwRG5DZVR3V1NuUVp6L05xNmQxWUtsMFdtbkwzTEowemJzRVFGbEQ4MkkwL09MY2dZSDVxMklOZHhBPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=",
  "client_certificate_data": "string",
  "client_key_data": "string",
  "expires_at": "2019-11-09T11:50:28.889080521Z",
  "server": "https://bd5f5959-5e1e-4205-a714-a914373942af.k8s.ondigitalocean.com",
  "token": "$DIGITALOCEAN_TOKEN"
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

GET List Associated Resources for Cluster Deletion

/v2/kubernetes/clusters/{cluster_id}/destroy_with_associated_resources
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:read

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To list the associated billable resources that can be destroyed along with a cluster, send a GET request to the /v2/kubernetes/clusters/$K8S_CLUSTER_ID/destroy_with_associated_resources endpoint.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Request: /v2/kubernetes/clusters/{cluster_id}/destroy_with_associated_resources
curl -X GET \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/destroy_with_associated_resources"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    _, err := client.Kubernetes.ListAssociatedResourcesForDeletion(ctx, "bd5f5959-5e1e-4205-a714-a914373942af")

}
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.list_associated_resources(cluster_id="da8fda8")

Responses

200

The response will be a JSON object containing load_balancers, volumes, and volume_snapshots keys. Each will be set to an array of objects containing the standard attributes for associated resources.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
load_balancers array of object optional
Example: [{"id":"4de7ac8b-495b-4884-9a69-1050c6793cd6","name":"lb-001"}]

A list of names and IDs for associated load balancers that can be destroyed along with the cluster.

Show child properties
id string optional
Example: edb0478d-7436-11ea-86e6-0a58ac144b91

The ID of a resource associated with a Kubernetes cluster.

name string optional
Example: volume-001

The name of a resource associated with a Kubernetes cluster.

volume_snapshots array of object optional
Example: [{"id":"edb0478d-7436-11ea-86e6-0a58ac144b91","name":"snapshot-001"}]

A list of names and IDs for associated volume snapshots that can be destroyed along with the cluster.

Show child properties
id string optional
Example: edb0478d-7436-11ea-86e6-0a58ac144b91

The ID of a resource associated with a Kubernetes cluster.

name string optional
Example: volume-001

The name of a resource associated with a Kubernetes cluster.

volumes array of object optional
Example: [{"id":"ba49449a-7435-11ea-b89e-0a58ac14480f","name":"volume-001"}]

A list of names and IDs for associated volumes that can be destroyed along with the cluster.

Show child properties
id string optional
Example: edb0478d-7436-11ea-86e6-0a58ac144b91

The ID of a resource associated with a Kubernetes cluster.

name string optional
Example: volume-001

The name of a resource associated with a Kubernetes cluster.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "load_balancers": [
    {
      "id": "4de7ac8b-495b-4884-9a69-1050c6793cd6",
      "name": "lb-001"
    }
  ],
  "volume_snapshots": [
    {
      "id": "edb0478d-7436-11ea-86e6-0a58ac144b91",
      "name": "snapshot-001"
    }
  ],
  "volumes": [
    {
      "id": "ba49449a-7435-11ea-b89e-0a58ac14480f",
      "name": "volume-001"
    }
  ]
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

DELETE Delete a Cluster and All of its Associated Resources (Dangerous)

/v2/kubernetes/clusters/{cluster_id}/destroy_with_associated_resources/dangerous
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:delete

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To delete a Kubernetes cluster with all of its associated resources, send a DELETE request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/destroy_with_associated_resources/dangerous. A 204 status code with no body will be returned in response to a successful request.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Request: /v2/kubernetes/clusters/{cluster_id}/destroy_with_associated_resources/dangerous
curl -X DELETE \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/destroy_with_associated_resources/dangerous"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    _, err := client.Kubernetes.DeleteDangerous(ctx, "bd5f5959-5e1e-4205-a714-a914373942af")
}
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.destroy_associated_resources_dangerous(cluster_id="da8fda8")

Responses

204

The action was successful and the response body is empty.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

DELETE Selectively Delete a Cluster and its Associated Resources

/v2/kubernetes/clusters/{cluster_id}/destroy_with_associated_resources/selective
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:delete

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To delete a Kubernetes cluster along with a subset of its associated resources, send a DELETE request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/destroy_with_associated_resources/selective.

The JSON body of the request should include load_balancers, volumes, or volume_snapshots keys each set to an array of IDs for the associated resources to be destroyed.

The IDs can be found by querying the cluster's associated resources endpoint. Any associated resource not included in the request will remain and continue to accrue changes on your account.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Request Body: application/json

load_balancers array of string optional
Example: ["4de7ac8b-495b-4884-9a69-1050c6793cd6"]

A list of IDs for associated load balancers to destroy along with the cluster.

volume_snapshots array of string optional
Example: ["edb0478d-7436-11ea-86e6-0a58ac144b91"]

A list of IDs for associated volume snapshots to destroy along with the cluster.

volumes array of string optional
Example: ["ba49449a-7435-11ea-b89e-0a58ac14480f"]

A list of IDs for associated volumes to destroy along with the cluster.

Request: /v2/kubernetes/clusters/{cluster_id}/destroy_with_associated_resources/selective
Content type application/json 
{
  "load_balancers": [
    "4de7ac8b-495b-4884-9a69-1050c6793cd6"
  ],
  "volume_snapshots": [
    "edb0478d-7436-11ea-86e6-0a58ac144b91"
  ],
  "volumes": [
    "ba49449a-7435-11ea-b89e-0a58ac14480f"
  ]
}
curl -X DELETE \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  -d '{"load_balancers": ["4de7ac8b-495b-4884-9a69-1050c6793cd6"],"volumes": ["ba49449a-7435-11ea-b89e-0a58ac14480f"],"volume_snapshots": ["edb0478d-7436-11ea-86e6-0a58ac144b91"]}' \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/destroy_with_associated_resources/selective"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    deleteReq := &godo.KubernetesClusterDeleteSelectiveRequest{Volumes: []string{"ba49449a-7435-11ea-b89e-0a58ac14480f"}}, _, err := client.Kubernetes.DeleteSelective(ctx, "bd5f5959-5e1e-4205-a714-a914373942af", deleteReq)
}
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

req = {
  "load_balancers": [
    "4de7ac8b-495b-4884-9a69-1050c6793cd6"
  ],
  "volumes": [
    "ba49449a-7435-11ea-b89e-0a58ac14480f"
  ],
  "volume_snapshots": [
    "edb0478d-7436-11ea-86e6-0a58ac144b91"
  ]
}

resp = client.kubernetes.destroy_associated_resources_selective(cluster_id="da8fda8", body=req)

Responses

204

The action was successful and the response body is empty.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

GET Retrieve the kubeconfig for a Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}/kubeconfig
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:access_cluster

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

This endpoint returns a kubeconfig file in YAML format. It can be used to connect to and administer the cluster using the Kubernetes command line tool, kubectl, or other programs supporting kubeconfig files (e.g., client libraries).

The resulting kubeconfig file uses token-based authentication for clusters supporting it, and certificate-based authentication otherwise. For a list of supported versions and more information, see "How to Connect to a DigitalOcean Kubernetes Cluster".

To retrieve a kubeconfig file for use with a Kubernetes cluster, send a GET request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/kubeconfig.

Clusters supporting token-based authentication may define an expiration by passing a duration in seconds as a query parameter to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/kubeconfig?expiry_seconds=$DURATION_IN_SECONDS. If not set or 0, then the token will have a 7 day expiry. The query parameter has no impact in certificate-based authentication.

Kubernetes Roles granted to a user with a token-based kubeconfig are derived from that user's DigitalOcean role. Predefined roles (Owner, Member, Modifier etc.) have an automatic mapping to Kubernetes roles. Custom roles are not automatically mapped to any Kubernetes roles, and require additional configuration by a cluster administrator.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Query Parameters

expiry_seconds integer >= 0 optional
Example: 300

The duration in seconds that the returned Kubernetes credentials will be valid. If not set or 0, the credentials will have a 7 day expiry.

Default: 0
Request: /v2/kubernetes/clusters/{cluster_id}/kubeconfig
curl -X GET \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/kubeconfig"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    config, _, err := client.Kubernetes.GetKubeConfig(ctx, "bd5f5959-5e1e-4205-a714-a914373942af")

    kubeConfigFile := string(config.KubeconfigYAML)
}
require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

client.kubernetes_clusters.kubeconfig(id: 'bd5f5959-5e1e-4205-a714-a914373942af')
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.get_kubeconfig(cluster_id="da8fda8")

Responses

200

A kubeconfig file for the cluster in YAML format.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURUxCUUF3TXpFVk1CTUdBMVVFQ2ftTVJHbG4KYVhSaGJFOWpaV0Z1TVJvd0dUSREERXhGck9ITmhZWE1nUTJ4MWMzUmxjaUJEUVRBZUZ3MHhPREV4TVRVeApOakF3TWpCYUZ3MHpPREV4TVRVeE5qQXdNakJhTURNeEZUQVRCZ05WQkFvVERFUnBaMmwwWVd4UFkyVmhiakVhCk1CZ0dBMVVFQXhNUmF6aHpZV0Z6SUVOc2RYTjBaWElnUTBFd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUIKRHdBd2dnRUtBb0lCQVFDK2Z0L05Nd3pNaUxFZlFvTFU2bDgrY0hMbWttZFVKdjl4SmlhZUpIU0dZOGhPZFVEZQpGd1Zoc0pDTnVFWkpJUFh5Y0orcGpkU3pYc1lFSE03WVNKWk9xNkdaYThPMnZHUlJjN2ZQaUFJaFBRK0ZpUmYzCmRhMHNIUkZlM2hCTmU5ZE5SeTliQ2VCSTRSUlQrSEwzRFR3L2I5KytmRkdZQkRoVTEvTTZUWWRhUHR3WU0rdWgKb1pKcWJZVGJZZTFhb3R1ekdnYUpXaXRhdFdHdnNJYU8xYWthdkh0WEIOOHFxa2lPemdrSDdvd3RVY3JYM05iawozdmlVeFU4TW40MmlJaGFyeHNvTnlwdGhHOWZLMi9OdVdKTXJJS2R0Mzhwc0tkdDBFbng0MWg5K0dsMjUzMzhWCk1mdjBDVDF6SG1JanYwblIrakNkcFd0eFVLRyt0YjYzZFhNbkFnTUJBQUdqUlRCRE1BNEdBMVVkRHdFQi93UUUKQXdJQmhqQVNCZ05WSFJNQkFmOEVDREFHQVFIL0FnRUFNQjBHQTFVZERnUVdCQlNQMmJrOXJiUGJpQnZOd1Z1NQpUL0dwTFdvOTdEQU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FRRUFEVjFMSGZyc1JiYVdONHE5SnBFVDMxMlluRDZ6Cm5rM3BpU1ZSYVEvM09qWG8wdHJ6Z2N4KzlVTUQxeDRHODI1RnYxc0ROWUExZEhFc2dHUmNyRkVmdGZJQWUrUVYKTitOR3NMRnQrOGZrWHdnUlpoNEU4ZUJsSVlrdEprOWptMzFMT25vaDJYZno0aGs3VmZwYkdvVVlsbmVoak1JZApiL3ZMUk05Y2EwVTJlYTB5OTNveE5pdU9PcXdrZGFjU1orczJtb3JNdGZxc3VRSzRKZDA3SENIbUFIeWpXT2k4ClVOQVUyTnZnSnBKY2RiZ3VzN2I5S3ppR1ZERklFUk04cEo4U1Nob1ZvVFFJd3d5Y2xVTU9EUUJreFFHOHNVRk8KRDE3ZjRod1dNbW5qVHY2MEJBM0dxaTZRcjdsWVFSL3drSEtQcnZjMjhoNXB0NndPWEY1b1M4OUZkUT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
    server: https://bd5f5959-5e1e-4205-a714-a914373942af.k8s.ondigitalocean.com
  name: do-nyc1-prod-cluster-01
contexts:
- context:
    cluster: do-nyc1-prod-cluster-01
    user: do-nyc1-prod-cluster-01-admin
  name: do-nyc1-prod-cluster-01
current-context: do-nyc1-prod-cluster-01
kind: Config
preferences: {}
users:
- name: do-nyc1-prod-cluster-01-admin
  user:
    token: 403d085aaa80102277d8da97ffd2db2b6a4f129d0e2146098fdfb0cec624babc

{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

GET List All Node Pools in a Kubernetes Clusters

/v2/kubernetes/clusters/{cluster_id}/node_pools
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:read

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To list all of the node pools in a Kubernetes clusters, send a GET request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/node_pools.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Request: /v2/kubernetes/clusters/{cluster_id}/node_pools
curl -X GET \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/node_pools"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    opt := &godo.ListOptions{
        Page:    1,
        PerPage: 200,
    }

    nodePools, _, err := client.Kubernetes.ListNodePools(ctx, "9b729d1c-730c-42e1-b136-59326fb1b3bb", opt)
}
require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

node_pools = client.kubernetes_clusters.node_pools(id: 'bd5f5959-5e1e-4205-a714-a914373942af')
node_pools.each
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.list_node_pools(cluster_id="a8fsa8d")

Responses

200

The response will be a JSON object with a key called node_pools. This will be set to an array of objects, each of which will contain the standard node pool attributes.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
node_pools array of object optional
Show child properties
size string optional
Example: s-1vcpu-2gb

The slug identifier for the type of Droplet used as workers in the node pool.

auto_scale boolean optional
Example: true

A boolean value indicating whether auto-scaling is enabled for this node pool.

count integer optional
Example: 3

The number of Droplet instances in the node pool.

id string (uuid) optional read-only
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to identify and reference a specific node pool.

labels object optional Nullable

An object of key/value mappings specifying labels to apply to all nodes in a pool. Labels will automatically be applied to all existing nodes and any subsequent nodes added to the pool. Note that when a label is removed, it is not deleted from the nodes in the pool.

max_nodes integer optional
Example: 6

The maximum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

min_nodes integer optional
Example: 3

The minimum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

name string optional
Example: frontend-pool

A human-readable name for the node pool.

nodes array of object optional read-only

An object specifying the details of a specific worker node in a node pool.

Show child properties
created_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was created.

droplet_id string optional
Example: 205545370

The ID of the Droplet used for the worker node.

id string (uuid) optional
Example: e78247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f

A unique ID that can be used to identify and reference the node.

name string optional
Example: adoring-newton-3niq

An automatically generated, human-readable name for the node.

status object optional

An object containing a state attribute whose value is set to a string indicating the current status of the node.

Show child properties
state string, one of: provisioning, running, draining, deleting optional
Example: provisioning

A string indicating the current status of the node.

updated_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was last updated.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","k8s-worker","production","web-team"]

An array containing the tags applied to the node pool. All node pools are automatically tagged k8s, k8s-worker, and k8s:$K8S_CLUSTER_ID.

Requires tag:read scope.

taints array of object optional

An array of taints to apply to all nodes in a pool. Taints will automatically be applied to all existing nodes and any subsequent nodes added to the pool. When a taint is removed, it is deleted from all nodes in the pool.

Show child properties
effect string, one of: NoSchedule, PreferNoSchedule, NoExecute optional
Example: NoSchedule

How the node reacts to pods that it won't tolerate. Available effect values are NoSchedule, PreferNoSchedule, and NoExecute.

key string optional
Example: priority

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

value string optional
Example: high

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "node_pools": [
    {
      "auto_scale": false,
      "count": 3,
      "id": "cdda885e-7663-40c8-bc74-3a036c66545d",
      "labels": null,
      "max_nodes": 0,
      "min_nodes": 0,
      "name": "frontend-pool",
      "nodes": [
        {
          "created_at": "2018-11-15T16:00:11Z",
          "droplet_id": "205545370",
          "id": "478247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f",
          "name": "adoring-newton-3niq",
          "status": {
            "state": "running"
          },
          "updated_at": "2018-11-15T16:00:11Z"
        },
        {
          "created_at": "2018-11-15T16:00:11Z",
          "droplet_id": "205545371",
          "id": "ad12e744-c2a9-473d-8aa9-be5680500eb1",
          "name": "adoring-newton-3nim",
          "status": {
            "state": "running"
          },
          "updated_at": "2018-11-15T16:00:11Z"
        },
        {
          "created_at": "2018-11-15T16:00:11Z",
          "droplet_id": "205545372",
          "id": "e46e8d07-f58f-4ff1-9737-97246364400e",
          "name": "adoring-newton-3ni7",
          "status": {
            "state": "running"
          },
          "updated_at": "2018-11-15T16:00:11Z"
        }
      ],
      "size": "s-1vcpu-2gb",
      "tags": [
        "production",
        "web-team",
        "k8s",
        "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
        "k8s:worker"
      ]
    },
    {
      "auto_scale": true,
      "count": 2,
      "id": "f49f4379-7e7f-4af5-aeb6-0354bd840778",
      "labels": {
        "priority": "high",
        "service": "backend"
      },
      "max_nodes": 5,
      "min_nodes": 2,
      "name": "backend-pool",
      "nodes": [
        {
          "created_at": "2018-11-15T16:00:11Z",
          "droplet_id": "205545373",
          "id": "3385619f-8ec3-42ba-bb23-8d21b8ba7518",
          "name": "affectionate-nightingale-3nif",
          "status": {
            "state": "running"
          },
          "updated_at": "2018-11-15T16:00:11Z"
        },
        {
          "created_at": "2018-11-15T16:00:11Z",
          "droplet_id": "205545374",
          "id": "4b8f60ff-ba06-4523-a6a4-b8148244c7e6",
          "name": "affectionate-nightingale-3niy",
          "status": {
            "state": "running"
          },
          "updated_at": "2018-11-15T16:00:11Z"
        }
      ],
      "size": "g-4vcpu-16gb",
      "tags": [
        "production",
        "web-team",
        "k8s",
        "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
        "k8s:worker"
      ]
    }
  ]
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

POST Add a Node Pool to a Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}/node_pools
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:update

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To add an additional node pool to a Kubernetes clusters, send a POST request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/node_pools with the following attributes.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Request Body: application/json

size string optional
Example: s-1vcpu-2gb

The slug identifier for the type of Droplet used as workers in the node pool.

auto_scale boolean optional
Example: true

A boolean value indicating whether auto-scaling is enabled for this node pool.

count integer optional
Example: 3

The number of Droplet instances in the node pool.

id string (uuid) optional read-only
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to identify and reference a specific node pool.

labels object optional Nullable

An object of key/value mappings specifying labels to apply to all nodes in a pool. Labels will automatically be applied to all existing nodes and any subsequent nodes added to the pool. Note that when a label is removed, it is not deleted from the nodes in the pool.

max_nodes integer optional
Example: 6

The maximum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

min_nodes integer optional
Example: 3

The minimum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

name string optional
Example: frontend-pool

A human-readable name for the node pool.

nodes array of object optional read-only

An object specifying the details of a specific worker node in a node pool.

Show child properties
created_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was created.

droplet_id string optional
Example: 205545370

The ID of the Droplet used for the worker node.

id string (uuid) optional
Example: e78247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f

A unique ID that can be used to identify and reference the node.

name string optional
Example: adoring-newton-3niq

An automatically generated, human-readable name for the node.

status object optional

An object containing a state attribute whose value is set to a string indicating the current status of the node.

Show child properties
state string, one of: provisioning, running, draining, deleting optional
Example: provisioning

A string indicating the current status of the node.

updated_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was last updated.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","k8s-worker","production","web-team"]

An array containing the tags applied to the node pool. All node pools are automatically tagged k8s, k8s-worker, and k8s:$K8S_CLUSTER_ID.

Requires tag:read scope.

taints array of object optional

An array of taints to apply to all nodes in a pool. Taints will automatically be applied to all existing nodes and any subsequent nodes added to the pool. When a taint is removed, it is deleted from all nodes in the pool.

Show child properties
effect string, one of: NoSchedule, PreferNoSchedule, NoExecute optional
Example: NoSchedule

How the node reacts to pods that it won't tolerate. Available effect values are NoSchedule, PreferNoSchedule, and NoExecute.

key string optional
Example: priority

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

value string optional
Example: high

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

Request: /v2/kubernetes/clusters/{cluster_id}/node_pools
Content type application/json 
{
  "auto_scale": true,
  "count": 3,
  "max_nodes": 6,
  "min_nodes": 3,
  "name": "new-pool",
  "size": "s-1vcpu-2gb",
  "tags": [
    "frontend"
  ]
}
curl -X POST \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  -d '{"size": "s-2vcpu-4gb","count": 1,"name": "pool-02","tags": ["web"], "labels": {"service": "web", "priority": "high"}}' \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/node_pools"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    createRequest := &godo.KubernetesNodePoolCreateRequest{
        Name:  "pool-02",
        Size:  "s-2vcpu-4gb",
        Count: 1,
        Tags:  []string{"web"},
        Labels:  map[string]string{"service": "web", "priority": "high"},
    }

    nodePool, _, err := client.Kubernetes.CreateNodePool(ctx, "bd5f5959-5e1e-4205-a714-a914373942af", createRequest)
}
require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

node_pool = DropletKit::KubernetesNodePool.new(
  name: 'pool-02',
  size: 's-2vcpu-4gb',
  count: 1,
  tags: ['web']
  labels: {service: 'web', priority: 'high'}
)

client.kubernetes_clusters.create_node_pool(node_pool, id: 'bd5f5959-5e1e-4205-a714-a914373942af')
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

req = {
  "size": "s-1vcpu-2gb",
  "count": 3,
  "name": "new-pool",
  "tags": [
    "frontend"
  ],
  "auto_scale": True,
  "min_nodes": 3,
  "max_nodes": 6
}

resp = client.kubernetes.add_node_pool(cluster_id="ba9d8da", body=req)

Responses

201

The response will be a JSON object with a key called node_pool. The value of this will be an object containing the standard attributes of a node pool.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
node_pool object optional
Show child properties
size string optional
Example: s-1vcpu-2gb

The slug identifier for the type of Droplet used as workers in the node pool.

auto_scale boolean optional
Example: true

A boolean value indicating whether auto-scaling is enabled for this node pool.

count integer optional
Example: 3

The number of Droplet instances in the node pool.

id string (uuid) optional read-only
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to identify and reference a specific node pool.

labels object optional Nullable

An object of key/value mappings specifying labels to apply to all nodes in a pool. Labels will automatically be applied to all existing nodes and any subsequent nodes added to the pool. Note that when a label is removed, it is not deleted from the nodes in the pool.

max_nodes integer optional
Example: 6

The maximum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

min_nodes integer optional
Example: 3

The minimum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

name string optional
Example: frontend-pool

A human-readable name for the node pool.

nodes array of object optional read-only

An object specifying the details of a specific worker node in a node pool.

Show child properties
created_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was created.

droplet_id string optional
Example: 205545370

The ID of the Droplet used for the worker node.

id string (uuid) optional
Example: e78247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f

A unique ID that can be used to identify and reference the node.

name string optional
Example: adoring-newton-3niq

An automatically generated, human-readable name for the node.

status object optional

An object containing a state attribute whose value is set to a string indicating the current status of the node.

Show child properties
state string, one of: provisioning, running, draining, deleting optional
Example: provisioning

A string indicating the current status of the node.

updated_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was last updated.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","k8s-worker","production","web-team"]

An array containing the tags applied to the node pool. All node pools are automatically tagged k8s, k8s-worker, and k8s:$K8S_CLUSTER_ID.

Requires tag:read scope.

taints array of object optional

An array of taints to apply to all nodes in a pool. Taints will automatically be applied to all existing nodes and any subsequent nodes added to the pool. When a taint is removed, it is deleted from all nodes in the pool.

Show child properties
effect string, one of: NoSchedule, PreferNoSchedule, NoExecute optional
Example: NoSchedule

How the node reacts to pods that it won't tolerate. Available effect values are NoSchedule, PreferNoSchedule, and NoExecute.

key string optional
Example: priority

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

value string optional
Example: high

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "node_pool": {
    "auto_scale": true,
    "count": 3,
    "id": "cdda885e-7663-40c8-bc74-3a036c66545d",
    "labels": null,
    "max_nodes": 6,
    "min_nodes": 3,
    "name": "new-pool",
    "nodes": [
      {
        "created_at": "2018-11-15T16:00:11Z",
        "droplet_id": " ",
        "id": "478247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f",
        "name": " ",
        "status": {
          "state": "provisioning"
        },
        "updated_at": "2018-11-15T16:00:11Z"
      },
      {
        "created_at": "2018-11-15T16:00:11Z",
        "droplet_id": " ",
        "id": "ad12e744-c2a9-473d-8aa9-be5680500eb1",
        "name": " ",
        "status": {
          "state": "provisioning"
        },
        "updated_at": "2018-11-15T16:00:11Z"
      },
      {
        "created_at": "2018-11-15T16:00:11Z",
        "droplet_id": " ",
        "id": "e46e8d07-f58f-4ff1-9737-97246364400e",
        "name": " ",
        "status": {
          "state": "provisioning"
        },
        "updated_at": "2018-11-15T16:00:11Z"
      }
    ],
    "size": "s-1vcpu-2gb",
    "tags": [
      "production",
      "web-team",
      "front-end",
      "k8s",
      "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
      "k8s:worker"
    ],
    "taints": []
  }
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

GET Retrieve a Node Pool for a Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}/node_pools/{node_pool_id}
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:read

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To show information about a specific node pool in a Kubernetes cluster, send a GET request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/node_pools/$NODE_POOL_ID.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

node_pool_id string (uuid) >= 1 required
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to reference a Kubernetes node pool.

Request: /v2/kubernetes/clusters/{cluster_id}/node_pools/{node_pool_id}
curl -X GET \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/credentials"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    nodePool, _, err := client.Kubernetes.GetNodePool(ctx, "bd5f5959-5e1e-4205-a714-a914373942af", "cdda885e-7663-40c8-bc74-3a036c66545d")
}
require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

client.kubernetes_clusters.find_node_pool(id: 'bd5f5959-5e1e-4205-a714-a914373942af', pool_id: 'cdda885e-7663-40c8-bc74-3a036c66545d')
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.get_node_pool(cluster_id="da8fda8", node_pool_id="a8a8fsa")

Responses

200

The response will be a JSON object with a key called node_pool. The value of this will be an object containing the standard attributes of a node pool.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
node_pool object optional
Show child properties
size string optional
Example: s-1vcpu-2gb

The slug identifier for the type of Droplet used as workers in the node pool.

auto_scale boolean optional
Example: true

A boolean value indicating whether auto-scaling is enabled for this node pool.

count integer optional
Example: 3

The number of Droplet instances in the node pool.

id string (uuid) optional read-only
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to identify and reference a specific node pool.

labels object optional Nullable

An object of key/value mappings specifying labels to apply to all nodes in a pool. Labels will automatically be applied to all existing nodes and any subsequent nodes added to the pool. Note that when a label is removed, it is not deleted from the nodes in the pool.

max_nodes integer optional
Example: 6

The maximum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

min_nodes integer optional
Example: 3

The minimum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

name string optional
Example: frontend-pool

A human-readable name for the node pool.

nodes array of object optional read-only

An object specifying the details of a specific worker node in a node pool.

Show child properties
created_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was created.

droplet_id string optional
Example: 205545370

The ID of the Droplet used for the worker node.

id string (uuid) optional
Example: e78247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f

A unique ID that can be used to identify and reference the node.

name string optional
Example: adoring-newton-3niq

An automatically generated, human-readable name for the node.

status object optional

An object containing a state attribute whose value is set to a string indicating the current status of the node.

Show child properties
state string, one of: provisioning, running, draining, deleting optional
Example: provisioning

A string indicating the current status of the node.

updated_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was last updated.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","k8s-worker","production","web-team"]

An array containing the tags applied to the node pool. All node pools are automatically tagged k8s, k8s-worker, and k8s:$K8S_CLUSTER_ID.

Requires tag:read scope.

taints array of object optional

An array of taints to apply to all nodes in a pool. Taints will automatically be applied to all existing nodes and any subsequent nodes added to the pool. When a taint is removed, it is deleted from all nodes in the pool.

Show child properties
effect string, one of: NoSchedule, PreferNoSchedule, NoExecute optional
Example: NoSchedule

How the node reacts to pods that it won't tolerate. Available effect values are NoSchedule, PreferNoSchedule, and NoExecute.

key string optional
Example: priority

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

value string optional
Example: high

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "node_pool": {
    "auto_scale": false,
    "count": 3,
    "id": "cdda885e-7663-40c8-bc74-3a036c66545d",
    "labels": {
      "priority": "high",
      "service": "backend"
    },
    "max_nodes": 0,
    "min_nodes": 0,
    "name": "frontend-pool",
    "nodes": [
      {
        "created_at": "2018-11-15T16:00:11Z",
        "droplet_id": "205545370",
        "id": "478247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f",
        "name": "adoring-newton-3niq",
        "status": {
          "state": "running"
        },
        "updated_at": "2018-11-15T16:00:11Z"
      },
      {
        "created_at": "2018-11-15T16:00:11Z",
        "droplet_id": "205545371",
        "id": "ad12e744-c2a9-473d-8aa9-be5680500eb1",
        "name": "adoring-newton-3nim",
        "status": {
          "state": "running"
        },
        "updated_at": "2018-11-15T16:00:11Z"
      },
      {
        "created_at": "2018-11-15T16:00:11Z",
        "droplet_id": "205545372",
        "id": "e46e8d07-f58f-4ff1-9737-97246364400e",
        "name": "adoring-newton-3ni7",
        "status": {
          "state": "running"
        },
        "updated_at": "2018-11-15T16:00:11Z"
      }
    ],
    "size": "s-1vcpu-2gb",
    "tags": [
      "production",
      "web-team",
      "k8s",
      "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
      "k8s:worker"
    ],
    "taints": [
      {
        "effect": "NoSchedule",
        "key": "priority",
        "value": "high"
      }
    ]
  }
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

PUT Update a Node Pool in a Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}/node_pools/{node_pool_id}
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:update

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To update the name of a node pool, edit the tags applied to it, or adjust its number of nodes, send a PUT request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/node_pools/$NODE_POOL_ID with the following attributes.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

node_pool_id string (uuid) >= 1 required
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to reference a Kubernetes node pool.

Request Body: application/json

auto_scale boolean optional
Example: true

A boolean value indicating whether auto-scaling is enabled for this node pool.

count integer optional
Example: 3

The number of Droplet instances in the node pool.

id string (uuid) optional read-only
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to identify and reference a specific node pool.

labels object optional Nullable

An object of key/value mappings specifying labels to apply to all nodes in a pool. Labels will automatically be applied to all existing nodes and any subsequent nodes added to the pool. Note that when a label is removed, it is not deleted from the nodes in the pool.

max_nodes integer optional
Example: 6

The maximum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

min_nodes integer optional
Example: 3

The minimum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

name string optional
Example: frontend-pool

A human-readable name for the node pool.

nodes array of object optional read-only

An object specifying the details of a specific worker node in a node pool.

Show child properties
created_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was created.

droplet_id string optional
Example: 205545370

The ID of the Droplet used for the worker node.

id string (uuid) optional
Example: e78247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f

A unique ID that can be used to identify and reference the node.

name string optional
Example: adoring-newton-3niq

An automatically generated, human-readable name for the node.

status object optional

An object containing a state attribute whose value is set to a string indicating the current status of the node.

Show child properties
state string, one of: provisioning, running, draining, deleting optional
Example: provisioning

A string indicating the current status of the node.

updated_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was last updated.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","k8s-worker","production","web-team"]

An array containing the tags applied to the node pool. All node pools are automatically tagged k8s, k8s-worker, and k8s:$K8S_CLUSTER_ID.

Requires tag:read scope.

taints array of object optional

An array of taints to apply to all nodes in a pool. Taints will automatically be applied to all existing nodes and any subsequent nodes added to the pool. When a taint is removed, it is deleted from all nodes in the pool.

Show child properties
effect string, one of: NoSchedule, PreferNoSchedule, NoExecute optional
Example: NoSchedule

How the node reacts to pods that it won't tolerate. Available effect values are NoSchedule, PreferNoSchedule, and NoExecute.

key string optional
Example: priority

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

value string optional
Example: high

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

Request: /v2/kubernetes/clusters/{cluster_id}/node_pools/{node_pool_id}
Content type application/json 
{
  "auto_scale": true,
  "count": 3,
  "max_nodes": 6,
  "min_nodes": 3,
  "name": "frontend-pool",
  "tags": [
    "k8s",
    "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
    "k8s-worker",
    "production",
    "web-team"
  ],
  "taints": [
    {
      "effect": "NoSchedule",
      "key": "priority",
      "value": "high"
    }
  ]
}
curl -X PUT \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  -d '{"name": "frontend","count": 1, "tags":["frontend"], "labels": {"service": "frontend", "priority": "high"}}' \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/node_pools/86c9bc8c-b2c3-4d40-8000-b0c7bee27305"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    updateRequest := &godo.KubernetesNodePoolUpdateRequest{
            Name:  "frontend",
            Count: 1,
            Tags:  []string{"frontend"},
        Labels:  map[string]string{"service": "frontend", "priority": "high"},
        }

    nodePool, _, err := client.Kubernetes.UpdateNodePool(ctx, "9b729d1c-730c-42e1-b136-59326fb1b3bb", "e7ed8f7c-6c1e-472f-adfb-4a9a1688b999", updateRequest)
}
require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

node_pool = DropletKit::KubernetesNodePool.new(
  name: 'frontend',
  count: 1,
  tags: ['frontend']
  labels: {service: 'frontend', priority: 'high'}
)

client.kubernetes_clusters.update_node_pool(node_pool, id: 'bd5f5959-5e1e-4205-a714-a914373942af', pool_id: '86c9bc8c-b2c3-4d40-8000-b0c7bee27305')
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

req = {
  "name": "frontend-pool",
  "count": 3,
  "tags": [
    "k8s",
    "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
    "k8s-worker",
    "production",
    "web-team"
  ],
  "labels": None,
  "taints": [
    {
      "key": "priority",
      "value": "high",
      "effect": "NoSchedule"
    }
  ],
  "auto_scale": True,
  "min_nodes": 3,
  "max_nodes": 6
}

resp = client.kubernetes.update_node_pool(cluster_id="1fd32a", node_pool_id="392fa3a", body=req)

Responses

202

The response will be a JSON object with a key called node_pool. The value of this will be an object containing the standard attributes of a node pool.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
node_pool object optional
Show child properties
size string optional
Example: s-1vcpu-2gb

The slug identifier for the type of Droplet used as workers in the node pool.

auto_scale boolean optional
Example: true

A boolean value indicating whether auto-scaling is enabled for this node pool.

count integer optional
Example: 3

The number of Droplet instances in the node pool.

id string (uuid) optional read-only
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to identify and reference a specific node pool.

labels object optional Nullable

An object of key/value mappings specifying labels to apply to all nodes in a pool. Labels will automatically be applied to all existing nodes and any subsequent nodes added to the pool. Note that when a label is removed, it is not deleted from the nodes in the pool.

max_nodes integer optional
Example: 6

The maximum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

min_nodes integer optional
Example: 3

The minimum number of nodes that this node pool can be auto-scaled to. The value will be 0 if auto_scale is set to false.

name string optional
Example: frontend-pool

A human-readable name for the node pool.

nodes array of object optional read-only

An object specifying the details of a specific worker node in a node pool.

Show child properties
created_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was created.

droplet_id string optional
Example: 205545370

The ID of the Droplet used for the worker node.

id string (uuid) optional
Example: e78247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f

A unique ID that can be used to identify and reference the node.

name string optional
Example: adoring-newton-3niq

An automatically generated, human-readable name for the node.

status object optional

An object containing a state attribute whose value is set to a string indicating the current status of the node.

Show child properties
state string, one of: provisioning, running, draining, deleting optional
Example: provisioning

A string indicating the current status of the node.

updated_at string (date-time) optional
Example: 2018-11-15T16:00:11Z

A time value given in ISO8601 combined date and time format that represents when the node was last updated.

tags array of string optional
Example: ["k8s","k8s:bd5f5959-5e1e-4205-a714-a914373942af","k8s-worker","production","web-team"]

An array containing the tags applied to the node pool. All node pools are automatically tagged k8s, k8s-worker, and k8s:$K8S_CLUSTER_ID.

Requires tag:read scope.

taints array of object optional

An array of taints to apply to all nodes in a pool. Taints will automatically be applied to all existing nodes and any subsequent nodes added to the pool. When a taint is removed, it is deleted from all nodes in the pool.

Show child properties
effect string, one of: NoSchedule, PreferNoSchedule, NoExecute optional
Example: NoSchedule

How the node reacts to pods that it won't tolerate. Available effect values are NoSchedule, PreferNoSchedule, and NoExecute.

key string optional
Example: priority

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

value string optional
Example: high

An arbitrary string. The key and value fields of the taint object form a key-value pair. For example, if the value of the key field is "special" and the value of the value field is "gpu", the key value pair would be special=gpu.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "node_pool": {
    "auto_scale": true,
    "count": 3,
    "id": "cdda885e-7663-40c8-bc74-3a036c66545d",
    "labels": null,
    "max_nodes": 6,
    "min_nodes": 3,
    "name": "renamed-pool",
    "nodes": [
      {
        "created_at": "2018-11-15T16:00:11Z",
        "droplet_id": "205545370",
        "id": "478247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f",
        "name": "adoring-newton-3niq",
        "status": {
          "state": "running"
        },
        "updated_at": "2018-11-15T16:00:11Z"
      },
      {
        "created_at": "2018-11-15T16:00:11Z",
        "droplet_id": "205545371",
        "id": "ad12e744-c2a9-473d-8aa9-be5680500eb1",
        "name": "adoring-newton-3nim",
        "status": {
          "state": "running"
        },
        "updated_at": "2018-11-15T16:00:11Z"
      },
      {
        "created_at": "2018-11-15T16:00:11Z",
        "droplet_id": "205545372",
        "id": "e46e8d07-f58f-4ff1-9737-97246364400e",
        "name": "adoring-newton-3ni7",
        "status": {
          "state": "running"
        },
        "updated_at": "2018-11-15T16:00:11Z"
      }
    ],
    "size": "s-1vcpu-2gb",
    "tags": [
      "production",
      "web-team",
      "front-end",
      "new-tag",
      "k8s",
      "k8s:bd5f5959-5e1e-4205-a714-a914373942af",
      "k8s:worker"
    ],
    "taints": []
  }
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

DELETE Delete a Node Pool in a Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}/node_pools/{node_pool_id}
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:update

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To delete a node pool, send a DELETE request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/node_pools/$NODE_POOL_ID.

A 204 status code with no body will be returned in response to a successful request. Nodes in the pool will subsequently be drained and deleted.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

node_pool_id string (uuid) >= 1 required
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to reference a Kubernetes node pool.

Request: /v2/kubernetes/clusters/{cluster_id}/node_pools/{node_pool_id}
curl -X DELETE \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/node_pools/86c9bc8c-b2c3-4d40-8000-b0c7bee27305"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    _, err := client.Kubernetes.DeleteNodePool(ctx, "bd5f5959-5e1e-4205-a714-a914373942af", "86c9bc8c-b2c3-4d40-8000-b0c7bee27305")
}
require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

client.kubernetes_clusters.delete_node_pool(id: 'bd5f5959-5e1e-4205-a714-a914373942af', pool_id: '86c9bc8c-b2c3-4d40-8000-b0c7bee27305')
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.delete_node_pool(cluster_id="da8fda8", node_pool_id="a8f3da")

Responses

204

The action was successful and the response body is empty.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

DELETE Delete a Node in a Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}/node_pools/{node_pool_id}/nodes/{node_id}
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:update

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To delete a single node in a pool, send a DELETE request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/node_pools/$NODE_POOL_ID/nodes/$NODE_ID.

Appending the skip_drain=1 query parameter to the request causes node draining to be skipped. Omitting the query parameter or setting its value to 0 carries out draining prior to deletion.

Appending the replace=1 query parameter to the request causes the node to be replaced by a new one after deletion. Omitting the query parameter or setting its value to 0 deletes without replacement.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

node_pool_id string (uuid) >= 1 required
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to reference a Kubernetes node pool.

node_id string (uuid) >= 1 required
Example: 478247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f

A unique ID that can be used to reference a node in a Kubernetes node pool.

Query Parameters

skip_drain integer 0 – 1 optional
Example: 1

Specifies whether or not to drain workloads from a node before it is deleted. Setting it to 1 causes node draining to be skipped. Omitting the query parameter or setting its value to 0 carries out draining prior to deletion.

Default: 0
replace integer 0 – 1 optional
Example: 1

Specifies whether or not to replace a node after it has been deleted. Setting it to 1 causes the node to be replaced by a new one after deletion. Omitting the query parameter or setting its value to 0 deletes without replacement.

Default: 0
Request: /v2/kubernetes/clusters/{cluster_id}/node_pools/{node_pool_id}/nodes/{node_id}
curl -X DELETE \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/node_pools/86c9bc8c-b2c3-4d40-8000-b0c7bee27305/nodes/478247f8-b1bb-4f7a-8db9-2a5f8d4b8f8f?skip_drain=0&replace=1"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    recycleRequest := &godo.KubernetesNodePoolRecycleNodesRequest{
        Nodes: []string{"3385619f-8ec3-42ba-bb23-8d21b8ba7518", "4b8f60ff-ba06-4523-a6a4-b8148244c7e6"},
    }

    _, err := client.Kubernetes.RecycleNodePoolNodes(ctx, "bd5f5959-5e1e-4205-a714-a914373942af", "86c9bc8c-b2c3-4d40-8000-b0c7bee27305", recycleRequest)
}
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.delete_node(cluster_id="da8fda8", node_pool_id="a8f3da", node_id="fa09daf")

Responses

202

This does not indicate the success or failure of any operation, just that the request has been accepted for processing.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

POST Recycle a Kubernetes Node Pool

Deprecated
/v2/kubernetes/clusters/{cluster_id}/node_pools/{node_pool_id}/recycle
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:delete

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

The endpoint has been deprecated. Please use the DELETE /v2/kubernetes/clusters/$K8S_CLUSTER_ID/node_pools/$NODE_POOL_ID/nodes/$NODE_ID method instead.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

node_pool_id string (uuid) >= 1 required
Example: cdda885e-7663-40c8-bc74-3a036c66545d

A unique ID that can be used to reference a Kubernetes node pool.

Request Body: application/json

nodes array of string optional
Example: ["d8db5e1a-6103-43b5-a7b3-8a948210a9fc"]
Request: /v2/kubernetes/clusters/{cluster_id}/node_pools/{node_pool_id}/recycle
Content type application/json 
{
  "nodes": [
    "d8db5e1a-6103-43b5-a7b3-8a948210a9fc"
  ]
}
curl -X POST \
  -H "Authorization: Bearer $API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
  "nodes": [
    "d8db5e1a-6103-43b5-a7b3-8a948210a9fc"
  ]
}' \
  "https://api.digitalocean.com/v2/kubernetes/clusters/{cluster_id}/node_pools/{node_pool_id}/recycle"

Responses

202

This does not indicate the success or failure of any operation, just that the request has been accepted for processing.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

GET Fetch Status Messages for a Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}/status_messages
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:read

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To retrieve status messages for a Kubernetes cluster, send a GET request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/status_messages. Status messages inform users of any issues that come up during the cluster lifecycle.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Query Parameters

since string (date-time) optional
Example: 2018-11-15T16:00:11Z

A timestamp used to return status messages emitted since the specified time. The timestamp should be in ISO8601 format.

Request: /v2/kubernetes/clusters/{cluster_id}/status_messages
curl -X GET \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/status_messages"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    messages, _, err := client.Kubernetes.GetClusterStatusMessages(ctx, "8d91899c-0739-4a1a-acc5-deadbeefbb8f", nil)
}

Responses

200

The response is a JSON object which contains status messages for a Kubernetes cluster. Each message object contains a timestamp and an indication of what issue the cluster is experiencing at a given time.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
messages array of object optional
Show child properties
message string optional read-only
Example: Resource provisioning may be delayed while our team resolves an incident

Status information about the cluster which impacts it's lifecycle.

timestamp string (date-time) optional read-only
Example: 2018-11-15T16:00:11Z

A timestamp in ISO8601 format that represents when the status message was emitted.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "messages": [
    {
      "message": "Resource provisioning may be delayed while our team resolves an incident",
      "timestamp": "2018-11-15T16:00:11Z"
    }
  ]
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

POST Upgrade a Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}/upgrade
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:update

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To immediately upgrade a Kubernetes cluster to a newer patch release of Kubernetes, send a POST request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/upgrade. The body of the request must specify a version attribute.

Available upgrade versions for a cluster can be fetched from /v2/kubernetes/clusters/$K8S_CLUSTER_ID/upgrades.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Request Body: application/json

version string optional
Example: 1.16.13-do.0

The slug identifier for the version of Kubernetes that the cluster will be upgraded to.

Request: /v2/kubernetes/clusters/{cluster_id}/upgrade
Content type application/json 
{
  "version": "1.16.13-do.0"
}
curl -X GET \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/upgrades"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    upgradeRequest := &godo.KubernetesClusterUpgradeRequest{
    	VersionSlug: "1.12.3-do.1",
    }
}
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

req = {
  "version": "1.16.13-do.0"
}

resp = client.kubernetes.upgrade_cluster(cluster_id="1fd32a", body=req)

Responses

202

This does not indicate the success or failure of any operation, just that the request has been accepted for processing.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

GET Retrieve Available Upgrades for an Existing Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}/upgrades
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:read

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To determine whether a cluster can be upgraded, and the versions to which it can be upgraded, send a GET request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/upgrades.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Request: /v2/kubernetes/clusters/{cluster_id}/upgrades
curl -X GET \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/upgrades"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    upgrades, _, err := client.Kubernetes.GetUpgrades(ctx, "bd5f5959-5e1e-4205-a714-a914373942af")
}
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.get_available_upgrades(cluster_id="da8fda8")

Responses

200

The response will be a JSON object with a key called available_upgrade_versions. The value of this will be an array of objects, representing the upgrade versions currently available for this cluster.

If the cluster is up-to-date (i.e. there are no upgrades currently available) available_upgrade_versions will be null.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
available_upgrade_versions array of object optional Nullable
Show child properties
kubernetes_version string optional
Example: 1.16.13

The upstream version string for the version of Kubernetes provided by a given slug.

slug string optional
Example: 1.16.13-do.0

The slug identifier for an available version of Kubernetes for use when creating or updating a cluster. The string contains both the upstream version of Kubernetes as well as the DigitalOcean revision.

supported_features array of string optional
Example: ["cluster-autoscaler","docr-integration","token-authentication"]

The features available with the version of Kubernetes provided by a given slug.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "available_upgrade_versions": [
    {
      "kubernetes_version": "1.16.13",
      "slug": "1.16.13-do.0",
      "supported_features": [
        "cluster-autoscaler",
        "docr-integration",
        "token-authentication"
      ]
    }
  ]
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

GET Retrieve User Information for a Kubernetes Cluster

/v2/kubernetes/clusters/{cluster_id}/user
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:read

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To show information the user associated with a Kubernetes cluster, send a GET request to /v2/kubernetes/clusters/$K8S_CLUSTER_ID/user.

Path Parameters

cluster_id string (uuid) >= 1 required
Example: bd5f5959-5e1e-4205-a714-a914373942af

A unique ID that can be used to reference a Kubernetes cluster.

Request: /v2/kubernetes/clusters/{cluster_id}/user
curl -X GET \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/clusters/bd5f5959-5e1e-4205-a714-a914373942af/user"
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.get_cluster_user(cluster_id="da8fda8")

Responses

200

The response will be a JSON object with a key called kubernetes_cluster_user containing the username and in-cluster groups that it belongs to.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
kubernetes_cluster_user object optional
Show child properties
groups array of string optional
Example: ["k8saas:authenticated"]

A list of in-cluster groups that the user belongs to.

username string (email) optional
Example: [email protected]

The username for the cluster admin user.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "kubernetes_cluster_user": {
    "groups": [
      "k8saas:authenticated"
    ],
    "username": "[email protected]"
  }
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

GET List Available Regions, Node Sizes, and Versions of Kubernetes

/v2/kubernetes/options
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:read

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To list the versions of Kubernetes available for use, the regions that support Kubernetes, and the available node sizes, send a GET request to /v2/kubernetes/options.

Request: /v2/kubernetes/options
curl -X GET \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/kubernetes/options"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    options, _, err := client.Kubernetes.GetOptions(ctx)
}
require 'droplet_kit'
token = ENV['DIGITALOCEAN_TOKEN']
client = DropletKit::Client.new(access_token: token)

client.kubernetes_options.all
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

resp = client.kubernetes.list_options()

Responses

200

The response will be a JSON object with a key called options which contains regions, versions, and sizes objects listing the available options and the matching slugs for use when creating a new cluster.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
options object optional
Show child properties
regions array of object optional
Show child properties
name string optional
Example: New York 3

A DigitalOcean region where Kubernetes is available.

slug string optional
Example: nyc3

The identifier for a region for use when creating a new cluster.

sizes array of object optional
Show child properties
name string optional
Example: s-1vcpu-2gb

A Droplet size available for use in a Kubernetes node pool.

slug string optional
Example: s-1vcpu-2gb

The identifier for a size for use when creating a new cluster.

versions array of object optional
Show child properties
kubernetes_version string optional
Example: 1.16.13

The upstream version string for the version of Kubernetes provided by a given slug.

slug string optional
Example: 1.16.13-do.0

The slug identifier for an available version of Kubernetes for use when creating or updating a cluster. The string contains both the upstream version of Kubernetes as well as the DigitalOcean revision.

supported_features array of string optional
Example: ["cluster-autoscaler","docr-integration","token-authentication"]

The features available with the version of Kubernetes provided by a given slug.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

404

The resource was not found.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "options": {
    "regions": [
      {
        "name": "New York 1",
        "slug": "nyc1"
      },
      {
        "name": "Singapore 1",
        "slug": "sgp1"
      },
      {
        "name": "London 1",
        "slug": "lon1"
      },
      {
        "name": "New York 3",
        "slug": "nyc3"
      },
      {
        "name": "Amsterdam 3",
        "slug": "ams3"
      },
      {
        "name": "Frankfurt 1",
        "slug": "fra1"
      },
      {
        "name": "Toronto 1",
        "slug": "tor1"
      },
      {
        "name": "San Francisco 2",
        "slug": "sfo2"
      },
      {
        "name": "Bangalore 1",
        "slug": "blr1"
      },
      {
        "name": "San Francisco 3",
        "slug": "sfo3"
      }
    ],
    "sizes": [
      {
        "name": "s-1vcpu-2gb",
        "slug": "s-1vcpu-2gb"
      },
      {
        "name": "s-2vcpu-2gb",
        "slug": "s-2vcpu-2gb"
      },
      {
        "name": "s-1vcpu-3gb",
        "slug": "s-1vcpu-3gb"
      },
      {
        "name": "s-2vcpu-4gb",
        "slug": "s-2vcpu-4gb"
      },
      {
        "name": "s-4vcpu-8gb",
        "slug": "s-4vcpu-8gb"
      },
      {
        "name": "c-2-4GiB",
        "slug": "c-2"
      },
      {
        "name": "g-2vcpu-8gb",
        "slug": "g-2vcpu-8gb"
      },
      {
        "name": "gd-2vcpu-8gb",
        "slug": "gd-2vcpu-8gb"
      },
      {
        "name": "s-8vcpu-16gb",
        "slug": "s-8vcpu-16gb"
      },
      {
        "name": "s-6vcpu-16gb",
        "slug": "s-6vcpu-16gb"
      },
      {
        "name": "c-4-8GiB",
        "slug": "c-4"
      },
      {
        "name": "m-2vcpu-16gb",
        "slug": "m-2vcpu-16gb"
      },
      {
        "name": "m3-2vcpu-16gb",
        "slug": "m3-2vcpu-16gb"
      },
      {
        "name": "g-4vcpu-16gb",
        "slug": "g-4vcpu-16gb"
      },
      {
        "name": "gd-4vcpu-16gb",
        "slug": "gd-4vcpu-16gb"
      },
      {
        "name": "m6-2vcpu-16gb",
        "slug": "m6-2vcpu-16gb"
      },
      {
        "name": "s-8vcpu-32gb",
        "slug": "s-8vcpu-32gb"
      },
      {
        "name": "c-8-16GiB",
        "slug": "c-8"
      },
      {
        "name": "m-4vcpu-32gb",
        "slug": "m-4vcpu-32gb"
      },
      {
        "name": "m3-4vcpu-32gb",
        "slug": "m3-4vcpu-32gb"
      },
      {
        "name": "g-8vcpu-32gb",
        "slug": "g-8vcpu-32gb"
      },
      {
        "name": "s-12vcpu-48gb",
        "slug": "s-12vcpu-48gb"
      },
      {
        "name": "gd-8vcpu-32gb",
        "slug": "gd-8vcpu-32gb"
      },
      {
        "name": "m6-4vcpu-32gb",
        "slug": "m6-4vcpu-32gb"
      },
      {
        "name": "s-16vcpu-64gb",
        "slug": "s-16vcpu-64gb"
      },
      {
        "name": "c-16",
        "slug": "c-16"
      },
      {
        "name": "m-8vcpu-64gb",
        "slug": "m-8vcpu-64gb"
      },
      {
        "name": "m3-8vcpu-64gb",
        "slug": "m3-8vcpu-64gb"
      },
      {
        "name": "g-16vcpu-64gb",
        "slug": "g-16vcpu-64gb"
      },
      {
        "name": "s-20vcpu-96gb",
        "slug": "s-20vcpu-96gb"
      },
      {
        "name": "gd-16vcpu-64gb",
        "slug": "gd-16vcpu-64gb"
      },
      {
        "name": "m6-8vcpu-64gb",
        "slug": "m6-8vcpu-64gb"
      },
      {
        "name": "s-24vcpu-128gb",
        "slug": "s-24vcpu-128gb"
      },
      {
        "name": "c-32-64GiB",
        "slug": "c-32"
      },
      {
        "name": "m-16vcpu-128gb",
        "slug": "m-16vcpu-128gb"
      },
      {
        "name": "m3-16vcpu-128gb",
        "slug": "m3-16vcpu-128gb"
      },
      {
        "name": "g-32vcpu-128gb",
        "slug": "g-32vcpu-128gb"
      },
      {
        "name": "s-32vcpu-192gb",
        "slug": "s-32vcpu-192gb"
      },
      {
        "name": "gd-32vcpu-128gb",
        "slug": "gd-32vcpu-128gb"
      },
      {
        "name": "m-24vcpu-192gb",
        "slug": "m-24vcpu-192gb"
      },
      {
        "name": "m6-16vcpu-128gb",
        "slug": "m6-16vcpu-128gb"
      },
      {
        "name": "g-40vcpu-160gb",
        "slug": "g-40vcpu-160gb"
      },
      {
        "name": "gd-40vcpu-160gb",
        "slug": "gd-40vcpu-160gb"
      },
      {
        "name": "m3-24vcpu-192gb",
        "slug": "m3-24vcpu-192gb"
      },
      {
        "name": "m-32vcpu-256gb",
        "slug": "m-32vcpu-256gb"
      },
      {
        "name": "m6-24vcpu-192gb",
        "slug": "m6-24vcpu-192gb"
      },
      {
        "name": "m3-32vcpu-256gb",
        "slug": "m3-32vcpu-256gb"
      },
      {
        "name": "m6-32vcpu-256gb",
        "slug": "m6-32vcpu-256gb"
      }
    ],
    "versions": [
      {
        "kubernetes_version": "1.18.8",
        "slug": "1.18.8-do.0",
        "supported_features": [
          "cluster-autoscaler",
          "docr-integration",
          "token-authentication"
        ]
      },
      {
        "kubernetes_version": "1.17.11",
        "slug": "1.17.11-do.0",
        "supported_features": [
          "cluster-autoscaler",
          "docr-integration",
          "token-authentication"
        ]
      },
      {
        "kubernetes_version": "1.16.14",
        "slug": "1.16.14-do.0",
        "supported_features": [
          "cluster-autoscaler",
          "docr-integration",
          "token-authentication"
        ]
      }
    ]
  }
}
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "not_found",
  "message": "The resource you requested could not be found."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

POST Add Container Registries to Kubernetes Clusters

/v2/kubernetes/registries
Authorizations: bearer_auth (2 scopes)
Http: Bearer
Required scopes: kubernetes:create kubernetes:update

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To integrate the container registries with Kubernetes clusters, send a POST request to /v2/kubernetes/registries.

Request Body: application/json

cluster_uuids array of string optional
Example: ["bd5f5959-5e1e-4205-a714-a914373942af","50c2f44c-011d-493e-aee5-361a4a0d1844"]

An array containing the UUIDs of Kubernetes clusters.

registries array of string optional
Example: ["registry-a","registry-b"]

An array containing the registry names.

Request: /v2/kubernetes/registries
Content type application/json 
{
  "cluster_uuids": [
    "bd5f5959-5e1e-4205-a714-a914373942af",
    "50c2f44c-011d-493e-aee5-361a4a0d1844"
  ],
  "registries": [
    "registry-a",
    "registry-b"
  ]
}
curl -X POST \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  -d '{"cluster_uuids": ["bd5f5959-5e1e-4205-a714-a914373942af", "50c2f44c-011d-493e-aee5-361a4a0d1844"], "registries": ["registry-a", "registry-b"]}' \
  "https://api.digitalocean.com/v2/kubernetes/registries"

Responses

204

The action was successful and the response body is empty.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

DELETE Remove Container Registries from Kubernetes Clusters

/v2/kubernetes/registries
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:update

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To remove the container registries from Kubernetes clusters, send a DELETE request to /v2/kubernetes/registries.

Request Body: application/json

cluster_uuids array of string optional
Example: ["bd5f5959-5e1e-4205-a714-a914373942af","50c2f44c-011d-493e-aee5-361a4a0d1844"]

An array containing the UUIDs of Kubernetes clusters.

registries array of string optional
Example: ["registry-a","registry-b"]

An array containing the registry names.

Request: /v2/kubernetes/registries
Content type application/json 
{
  "cluster_uuids": [
    "bd5f5959-5e1e-4205-a714-a914373942af",
    "50c2f44c-011d-493e-aee5-361a4a0d1844"
  ],
  "registries": [
    "registry-a",
    "registry-b"
  ]
}
curl -X DELETE \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  -d '{"cluster_uuids": ["bd5f5959-5e1e-4205-a714-a914373942af", "50c2f44c-011d-493e-aee5-361a4a0d1844"], "registries": ["registry-a", "registry-b"]}' \
  "https://api.digitalocean.com/v2/kubernetes/registries"

Responses

204

The action was successful and the response body is empty.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

POST Add Container Registry to Kubernetes Clusters

/v2/kubernetes/registry
Authorizations: bearer_auth (2 scopes)
Http: Bearer
Required scopes: kubernetes:create kubernetes:update

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To integrate the container registry with Kubernetes clusters, send a POST request to /v2/kubernetes/registry.

Request Body: application/json

cluster_uuids array of string optional
Example: ["bd5f5959-5e1e-4205-a714-a914373942af","50c2f44c-011d-493e-aee5-361a4a0d1844"]

An array containing the UUIDs of Kubernetes clusters.

Request: /v2/kubernetes/registry
Content type application/json 
{
  "cluster_uuids": [
    "bd5f5959-5e1e-4205-a714-a914373942af",
    "50c2f44c-011d-493e-aee5-361a4a0d1844"
  ]
}
curl -X POST \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  -d '{"cluster_uuids": ["bd5f5959-5e1e-4205-a714-a914373942af", "50c2f44c-011d-493e-aee5-361a4a0d1844"]}' \
  "https://api.digitalocean.com/v2/kubernetes/registry"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    _, err := client.Kubernetes.AddRegistry(ctx, &godo.KubernetesClusterRegistryRequest{ClusterUUIDs: []string{"bd5f5959-5e1e-4205-a714-a914373942af"}})
}
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

req = {
  "cluster_uuids": [
    "bd5f5959-5e1e-4205-a714-a914373942af",
    "50c2f44c-011d-493e-aee5-361a4a0d1844"
  ]
}

resp = client.kubernetes.add_registry(body=req)

Responses

204

The action was successful and the response body is empty.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

DELETE Remove Container Registry from Kubernetes Clusters

/v2/kubernetes/registry
Authorizations: bearer_auth (1 scope)
Http: Bearer
Required scopes: kubernetes:update

OAuth Authentication

In order to interact with the DigitalOcean API, you or your application must authenticate.

The DigitalOcean API handles this through OAuth, an open standard for authorization. OAuth allows you to delegate access to your account. Scopes can be used to grant full access, read-only access, or access to a specific set of endpoints.

You can generate an OAuth token by visiting the Apps & API section of the DigitalOcean control panel for your account.

An OAuth token functions as a complete authentication request. In effect, it acts as a substitute for a username and password pair.

Because of this, it is absolutely essential that you keep your OAuth tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.

DigitalOcean access tokens begin with an identifiable prefix in order to distinguish them from other similar tokens.

  • dop_v1_ for personal access tokens generated in the control panel
  • doo_v1_ for tokens generated by applications using the OAuth flow
  • dor_v1_ for OAuth refresh tokens

Scopes

Scopes act like permissions assigned to an API token. These permissions determine what actions the token can perform. You can create API tokens that grant read-only access, full access, or limited access to specific endpoints by using custom scopes.

Generally, scopes are designed to match HTTP verbs and common CRUD operations (Create, Read, Update, Delete).

HTTP Verb CRUD Operation Scope
GET Read <resource>:read
POST Create <resource>:create
PUT/PATCH Update <resource>:update
DELETE Delete <resource>:delete

For example, creating a new Droplet by making a POST request to the /v2/droplets endpoint requires the droplet:create scope while listing Droplets by making a GET request to the /v2/droplets endpoint requires the droplet:read scope.

Each endpoint below specifies which scope is required to access it when using custom scopes.

How to Authenticate with OAuth

In order to make an authenticated request, include a bearer-type Authorization header containing your OAuth token. All requests must be made over HTTPS.

Authenticate with a Bearer Authorization Header

curl -X $HTTP_METHOD -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" "https://api.digitalocean.com/v2/$OBJECT"

To remove the container registry from Kubernetes clusters, send a DELETE request to /v2/kubernetes/registry.

Request Body: application/json

cluster_uuids array of string optional
Example: ["bd5f5959-5e1e-4205-a714-a914373942af","50c2f44c-011d-493e-aee5-361a4a0d1844"]

An array containing the UUIDs of Kubernetes clusters.

Request: /v2/kubernetes/registry
Content type application/json 
{
  "cluster_uuids": [
    "bd5f5959-5e1e-4205-a714-a914373942af",
    "50c2f44c-011d-493e-aee5-361a4a0d1844"
  ]
}
curl -X DELETE \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  -d '{"cluster_uuids": ["bd5f5959-5e1e-4205-a714-a914373942af", "50c2f44c-011d-493e-aee5-361a4a0d1844"]}' \
  "https://api.digitalocean.com/v2/kubernetes/registry"
import (
    "context"
    "os"

    "github.com/digitalocean/godo"
)

func main() {
    token := os.Getenv("DIGITALOCEAN_TOKEN")

    client := godo.NewFromToken(token)
    ctx := context.TODO()

    _, err := client.Kubernetes.RemoveRegistry(ctx, &godo.KubernetesClusterRegistryRequest{ClusterUUIDs: []string{"bd5f5959-5e1e-4205-a714-a914373942af"}})
}
import os
from pydo import Client

client = Client(token=os.environ.get("DIGITALOCEAN_TOKEN"))

req = {
  "cluster_uuids": [
    "bd5f5959-5e1e-4205-a714-a914373942af",
    "50c2f44c-011d-493e-aee5-361a4a0d1844"
  ]
}

resp = client.kubernetes.remove_registry(body=req)

Responses

204

The action was successful and the response body is empty.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

401

Authentication failed due to invalid credentials.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

429

The API rate limit has been exceeded.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

500

There was a server error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

default

There was an unexpected error.
Response Headers
ratelimit-limit integer

The default limit on number of requests that can be made per hour and per minute. Current rate limits are 5000 requests per hour and 250 requests per minute.

ratelimit-remaining integer

The number of requests in your hourly quota that remain before you hit your request limit. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

ratelimit-reset integer

The time when the oldest request will expire. The value is given in Unix epoch time. See https://docs.digitalocean.com/reference/api/reference/#rate-limit for information about how requests expire.

Response Schema: application/json
id string required
Example: not_found

A short identifier corresponding to the HTTP status code returned. For example, the ID for a response returning a 404 status code would be "not_found."

message string required
Example: The resource you were accessing could not be found.

A message providing additional information about the error, including details to help resolve it when possible.

request_id string optional
Example: 4d9d8375-3c56-4925-a3e7-eb137fed17e9

Optionally, some endpoints may include a request ID that should be provided when reporting bugs or opening support tickets to help identify the issue.

Response
{
  "id": "unauthorized",
  "message": "Unable to authenticate you."
}
{
  "id": "too_many_requests",
  "message": "API rate limit exceeded."
}
{
  "id": "server_error",
  "message": "Unexpected server-side error"
}
{
  "id": "example_error",
  "message": "some error message"
}

We can't find any results for your search.

Try using different keywords or simplifying your search terms.