分享交流
合作共赢!
        找回密码
当前位置:琼杰笔记 > kubernetes > 正文

Kubernetes/K8S基础使用方法总结【八】——configMap和secret存储卷

2020-05-25 分类:kubernetes 阅读(3099) 评论(0)

一、简述

对于不同的应用场景,容器化应用需要满足不同的配置条件,更改容器化应用配置有以下几种方式:

  1. 自定义命令行参数:如通过定义arg的值[]传参来改变;
  2. 制作镜像时,把配置文件备份至镜像进行打包;
  3. 通过配置环境变量更改,如:ENTRYPOINT预处理脚本方式,如果是Cloud Native的应用可以直接通过环境变量加载配置;
  4. 存储卷方式,推荐configMap和secret存储卷;

configMap和secret存储卷向容器化应用注入配置信息的方式,支持动态修改配置文件,重载生效,可以使同一个容器化应用支持不容的应用场景。可以直接挂在configMap存储卷,也可以定义ENV环境变量的方式来使用。

二、configmap使用实例

1.简介

configMap(简称cm),创建yaml配置清单选项如下:

[root@master1 volumes]# kubectl explain configMap
KIND: ConfigMap
VERSION: v1

DESCRIPTION:
ConfigMap holds configuration data for pods to consume.

FIELDS:
apiVersion <string>
APIVersion defines the versioned schema of this representation of an
object. Servers should convert recognized schemas to the latest internal
value, and may reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

binaryData <map[string]string>
BinaryData contains the binary data. Each key must consist of alphanumeric
characters, '-', '_' or '.'. BinaryData can contain byte sequences that are
not in the UTF-8 range. The keys stored in BinaryData must not overlap with
the ones in the Data field, this is enforced during validation process.
Using this field will require 1.10+ apiserver and kubelet.

data <map[string]string>
Data contains the configuration data. Each key must consist of alphanumeric
characters, '-', '_' or '.'. Values with non-UTF-8 byte sequences must use
the BinaryData field. The keys stored in Data must not overlap with the
keys in the BinaryData field, this is enforced during validation process.

immutable <boolean>
Immutable, if set to true, ensures that data stored in the ConfigMap cannot
be updated (only object metadata can be modified). If not set to true, the
field can be modified at any time. Defaulted to nil. This is an alpha field
enabled by ImmutableEphemeralVolumes feature gate.

kind <string>
Kind is a string value representing the REST resource this object
represents. Servers may infer this from the endpoint the client submits
requests to. Cannot be updated. In CamelCase. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

metadata <Object>
Standard object's metadata. More info:
https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

pod挂载configmap选项

如果cm包含多个配置选项,可以只引用其中部分配置项

[root@master1 volumes]# kubectl explain pods.spec.volumes.configMap
KIND:     Pod
VERSION:  v1

RESOURCE: configMap <Object>

DESCRIPTION:
     ConfigMap represents a configMap that should populate this volume

     Adapts a ConfigMap into a volume. The contents of the target ConfigMap's
     Data field will be presented in a volume as files using the keys in the
     Data field as the file names, unless the items element is populated with
     specific mappings of keys to paths. ConfigMap volumes support ownership
     management and SELinux relabeling.

FIELDS:
   defaultMode	<integer>
     Optional: mode bits to use on created files by default. Must be a value
     between 0 and 0777. Defaults to 0644. Directories within the path are not
     affected by this setting. This might be in conflict with other options that
     affect the file mode, like fsGroup, and the result can be other mode bits
     set.

   items	<[]Object>
     If unspecified, each key-value pair in the Data field of the referenced
     ConfigMap will be projected into the volume as a file whose name is the key
     and content is the value. If specified, the listed keys will be projected
     into the specified paths, and unlisted keys will not be present. If a key
     is specified which is not present in the ConfigMap, the volume setup will
     error unless it is marked optional. Paths must be relative and may not
     contain the '..' path or start with '..'.

   name	<string>
     Name of the referent. More info:
     https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

   optional	<boolean>
     Specify whether the ConfigMap or its keys must be defined

2.创建和查看configmap

2.1. 通过key和value创建和查看configMap:

[root@master1 volumes]# kubectl create configmap nginx-config --from-literal=nginx_port=80 --from-literal=server_name=myapp.qjbj.com
configmap/nginx-config created
[root@master1 volumes]# kubectl get cm
NAME DATA AGE
nginx-config 2 7s
[root@master1 volumes]# kubectl describe cm nginx-config
Name: nginx-config
Namespace: default
Labels: <none>
Annotations: <none>

Data
====
nginx_port:
----
80
server_name:
----
myapp.qjbj.com
Events: <none>

2.2.通过文件创建和查看configmap:

先创建文件www.conf,文件名为configmap的key,文件内容为configmap的value。

[root@master1 volumes]# vim www.conf
server{
listen 80;
server_name myapp.qjbj.com;
root /data/web/html;
}

创建和查看cm:

[root@master1 volumes]# kubectl create configmap nginx-www --from-file=./www.conf
configmap/nginx-www created
[root@master1 volumes]# kubectl get cm
NAME DATA AGE
nginx-config 2 6m41s
nginx-www 1 9s
[root@master1 volumes]# kubectl describe cm nginx-www
Name: nginx-www
Namespace: default
Labels: <none>
Annotations: <none>

Data
====
www.conf:
----
server{
listen 80;
server_name myapp.qjbj.com;
root /data/web/html;
}

Events: <none>

3.使用configmap

3.1通过env使用configmap

编写yaml配置清单,创建pod并配置和使用configmap

apiVersion: v1
kind: Pod
metadata:
  name: podcm1
  namespace: default
  labels:
    app: myapp
    tier: frontend
  annotations:
    qjbj.com/created.by: "cluster admin"
spec:
  containers:
  - name: myapp
    image: ikubernetes/myapp:v1
    ports:
    - name: http
      containerPort: 80
    env:
    - name: NGINX_SERVER_PORT
      valueFrom:
        configMapKeyRef:
          name: nginx-config
          key: nginx_port
    - name: NGINX_SERVER_NAME
      valueFrom:
        configMapKeyRef:
          name: nginx-config
          key: server_name

创建pod后查看传递的环境变量,如下表示成功!

[root@master1 volumes]# kubectl exec -it podcm1 -- /bin/sh -c printenv
MYAPP_SVC_PORT_80_TCP_ADDR=10.98.57.156
MYAPP_SERVICE_PORT_HTTP=80
KUBERNETES_PORT=tcp://10.96.0.1:443
KUBERNETES_SERVICE_PORT=443
TOMCAT_PORT_8080_TCP=tcp://10.106.230.183:8080
TOMCAT_PORT_8009_TCP=tcp://10.106.230.183:8009
MYAPP_SVC_PORT_80_TCP_PORT=80
HOSTNAME=podcm1
SHLVL=1
MYAPP_SVC_PORT_80_TCP_PROTO=tcp
HOME=/root
MYAPP_SERVICE_HOST=10.108.232.236
NGINX_SERVER_PORT=80
NGINX_SERVER_NAME=myapp.qjbj.com

3.2.通过挂载存储卷使用configmap

您暂时无权查看此隐藏内容!

3.pod中使用secret

编写yaml配置文件挂载secret

查看pod环境变量,如下显示MYSQL-ROOT-PASSWORD变量即表示成功!

[root@master1 volumes]# kubectl exec -it podsecret1 -- /bin/sh -c printenv
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
KUBERNETES_PORT_443_TCP_PORT=443
TOMCAT_SERVICE_PORT_HTTP=8080
KUBERNETES_PORT_443_TCP_PROTO=tcp
MYAPP_PORT_80_TCP_PORT=80
MYAPP_PORT_80_TCP_PROTO=tcp
MYAPP_SVC_SERVICE_HOST=10.98.57.156
MYSQL-ROOT-PASSWORD=MyP@ss123
内容查看价格3.99立即支付
注意:本站少数资源收集于网络,如涉及版权等问题请及时与站长联系,我们会在第一时间内与您协商解决。如非特殊说明,本站所有资源解压密码均为:zhangqiongjie.com。 作者:1923002089
赞(0) 打赏
未经允许不得转载:琼杰笔记 » Kubernetes/K8S基础使用方法总结【八】——configMap和secret存储卷
标签:

相关推荐

评论 抢沙发

评论前必须登录!

 

2024年 11月
 1234
567891011
12131415161718
19202122232425
262728293031  
吐血推荐

wordpress转型docker运行,数据持久化并定期与github更新同步

将wordpress传统的lnmp等部署架构转型为docker容器化,所有数据包括mysql数据库、wordpress站点静态资源全部托管到github,并实现一键部署,数据持久化。另外这些数据会通过cronjob定期和github自动同步,目前所访问的站点极为容器托管。

分类

分享交流,合作共赢!

联系我们加入QQ群

觉得文章有用就打赏一下文章作者

非常感谢你的打赏,我们将继续给力更多优质内容,让我们一起创建更加美好的网络世界!

支付宝扫一扫打赏

微信扫一扫打赏