A lightweight REST API for restarting, stopping, and starting Kubernetes workloads via HTTP. Built with .NET 8 and deployable to any Kubernetes cluster — cloud or on-prem.
- Restart all pods in a namespace
- Scale deployments to 0 (stop)
- Restore deployments to their previous replica count (start)
- Restart individual deployments or pods
- Protected with optional Basic Authentication
- Swagger UI built-in
This service is compatible with:
- ✅ AKS (Azure Kubernetes Service)
- ✅ EKS (Amazon Elastic Kubernetes Service)
- ✅ GKE (Google Kubernetes Engine)
- ✅ On-prem clusters (e.g., kubeadm, Rancher)
- ✅ kind / minikube / k3s
As long as:
- The cluster supports standard Kubernetes RBAC
- You are running Kubernetes v1.21+
- You apply the ClusterRole + ServiceAccount + Secret setup correctly
Set the following environment variables to enable Basic Auth:
ENABLE_BASIC_AUTH=true
BASIC_AUTH_USER=admin
BASIC_AUTH_PASSWORD=secretWhen enabled, Swagger will show an "Authorize" button. Without it, the API is unauthenticated (for internal/test use only).
| Method | Endpoint | Description |
|---|---|---|
| POST | /namespace/{ns}/restart |
Restart all pods in the namespace |
| POST | /namespace/{ns}/stop |
Scale all deployments to 0 replicas |
| POST | /namespace/{ns}/start |
Restore deployments to their previous replica counts |
| POST | /namespace/{ns}/deployment/{deployment}/restart |
Restart all pods in the deployment |
| POST | /namespace/{ns}/deployment/{deployment}/stop |
Scale deployment to 0 replicas |
| POST | /namespace/{ns}/deployment/{deployment}/start |
Scale deployment to last known replica count |
| POST | /namespace/{ns}/pod/{pod}/restart |
Restart a single pod |
The service must run with a ClusterRole bound to a ServiceAccount with access to pods and deployments in all namespaces.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: k8s-restart-role
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "delete"]
- apiGroups: ["apps"]
resources: ["deployments", "replicasets"]
verbs: ["get", "list", "patch", "update"]apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: k8s-restart-binding
subjects:
- kind: ServiceAccount
name: k8s-restart
namespace: kube-system
roleRef:
kind: ClusterRole
name: k8s-restart-role
apiGroup: rbac.authorization.k8s.ioapiVersion: v1
kind: ServiceAccount
metadata:
name: k8s-restart
namespace: kube-systemkubectl create secret generic k8s-restart-auth \
--namespace kube-system \
--from-literal=user=admin \
--from-literal=password=secretkubectl apply -k k8s/baseThis deploys:
- The API service
- Ingress
- ServiceAccount
- ClusterRole + Binding
Once deployed, access the Swagger UI at:
https://<your-domain>/swagger
Log in with Basic Auth if enabled, and interact with the API directly from the browser.
This software is © 2025 Affinity7 Consulting Ltd.
It is licensed under the MIT License, allowing commercial and non-commercial use, modification, and distribution, with attribution.
Disclaimer: This software is provided "as is", without warranty of any kind. Use it at your own risk.
For support or licensing inquiries, visit Affinity7 Software.
This project is licensed under the MIT License. See LICENSE for details.
Third-party dependencies are documented in: