美文网首页k8s原理
k8s存储之configmap学习

k8s存储之configmap学习

作者: wowshiwoniu | 来源:发表于2020-05-25 01:27 被阅读0次

k8s存储主要有以下几种类型

  • configmap
  • secret
  • volume
  • PersistentVolume

configmap

在k8s1.2版本引入,应用程序可能会从配置文件、命令行参数或环境变量中读取配置信息。configmap给我们提供了这样一种机制,可以用来保存单个属性、整个配置文件或者josn二进制大对象。

环境变量

在pod模板内添加容器变量

kind: Pod
spec:
  containers:
    - image: nginx
      name: nginx
      env:
        - name: nginx_port
          value: "8080"

使用configmap,可以将其解耦


image.png 
# 添加单个变量
kubectl create configmap fortune-config -- from-literal=nginx_port=80

# 添加多个变量
kubectl create configmap myconfigmap --from-literal=nginx_port=80 --from-literal=server_name=www.example.com

# 查看cm
➜  .kube kubectl get cm
NAME           DATA   AGE
nginx-config   2      38s

# 获取yaml文件
➜  .kube kubectl get cm nginx-config -o yaml
apiVersion: v1
data:
  nginx_port: "80"
  server_name: www.example.com
kind: ConfigMap
metadata:
  creationTimestamp: "2020-05-24T16:28:10Z"
  name: nginx-config
  namespace: default
  resourceVersion: "684"
  selfLink: /api/v1/namespaces/default/configmaps/nginx-config
  uid: dc6e4574-9500-41ce-bcba-e2066c30452c

示例pod文件,使用configmap中的key-value

apiVersion: v1
kind: Pod
metadata:
  name: pod-cm-1
  namespace: default
  labels:
    app: myapp
    tier: frontend
spec:
  containers:
  - name: myapp
    image: woshiwoniu/nginx-test:v1.0
    ports:
    - name: http
      containerPort: 80
    - name: https
      containerPort: 443
    env:
    - name: NGINX_SERVER_PORT
      valueFrom:
        configMapKeyRef:
          name: nginx-config
          key: nginx_port
    - name: NGINX_SERVER_NAME
      valueFrom:
        configMapKeyRef:
          name: nginx-config
          key: server_name

运行查看pod环境变量

➜ kubectl get pods
NAME       READY   STATUS    RESTARTS   AGE
pod-cm-1   1/1     Running   0          11m
➜ kubectl exec -it pod-cm-1 bash
root@pod-cm-1:/# printenv
KUBERNETES_SERVICE_PORT_HTTPS=443
KUBERNETES_SERVICE_PORT=443
HOSTNAME=pod-cm-1
PWD=/
NGINX_SERVER_PORT=80
PKG_RELEASE=1~buster
HOME=/root
KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443
NJS_VERSION=0.3.7
TERM=xterm
SHLVL=1
KUBERNETES_PORT_443_TCP_PROTO=tcp
KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1
KUBERNETES_SERVICE_HOST=10.96.0.1
KUBERNETES_PORT=tcp://10.96.0.1:443
KUBERNETES_PORT_443_TCP_PORT=443
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
NGINX_VERSION=1.17.7
NGINX_SERVER_NAME=www.example.com
_=/usr/bin/printenv

PS:此处以环境变量的方式传进去,只在pod创建时生效,后续更改config文件不会影响pod内的环境变量的值。如果变量需要调整,我们可以采用volume的方式来挂载变量。下面这种方式,采用将configmap中的key-value数据以文件的形式挂载到pod内,key作为文件名,value作为文件内容,可以用于一些简单的配置文件、证书文件之类的,直接以字符串的形式添加到configmap内,不用考虑源文件路径的问题。

apiVersion: v1
kind: Pod
metadata:
  name: pod-cm-3
  namespace: default
  labels:
    app: myapp
    tier: frontend
spec:
  containers:
  - name: myapp
    image: woshiwoniu/nginx-test:v1.0
    ports:
    - name: http
      containerPort: 80
    volumeMounts:
    - name: nginxconf
      mountPath: /etc/nginx/config.d/
      readOnly: true
  volumes:
  - name: nginxconf
    configMap:
      name: nginx-config

变量在当前文件下链接到cm

➜  kubectl exec -it pod-cm-3 bash
root@pod-cm-3:/# cd /etc/nginx/conf
conf.d/   config.d/
root@pod-cm-3:/# cd /etc/nginx/config.d/
root@pod-cm-3:/etc/nginx/config.d# ls
nginx_port  server_name
root@pod-cm-3:/etc/nginx/config.d# cat nginx_port
80root@pod-cm-3:/etc/nginx/config.d# ls -la
total 12
drwxrwxrwx 3 root root 4096 May 24 17:24 .
drwxr-xr-x 1 root root 4096 May 24 17:24 ..
drwxr-xr-x 2 root root 4096 May 24 17:24 ..2020_05_24_17_24_14.541551667
lrwxrwxrwx 1 root root   31 May 24 17:24 ..data -> ..2020_05_24_17_24_14.541551667
lrwxrwxrwx 1 root root   17 May 24 17:24 nginx_port -> ..data/nginx_port
lrwxrwxrwx 1 root root   18 May 24 17:24 server_name -> ..data/server_name
从文件内容创建configmap
# www.conf文件
server {
    server_name www.example.comi;
    listen 80;
    root /data/web/html/;
}

创建configmap

# 通过文件创建
➜  configmap kubectl create configmap nginx-www --from-file=./www.conf
configmap/nginx-www created

# 查看
➜  configmap kubectl get configmap/nginx-www -o yaml
apiVersion: v1
data:
  www.conf: |
    server {
        server_name www.example.comi;
        listen 80;
        root /data/web/html/;
    }
kind: ConfigMap
metadata:
  creationTimestamp: "2020-05-24T16:35:01Z"
  name: nginx-www
  namespace: default
  resourceVersion: "1585"
  selfLink: /api/v1/namespaces/default/configmaps/nginx-www
  uid: ae1fa92b-a99d-442a-a02d-1eeff29fdfe4

示例pod文件,使用configmap中的key-value

apiVersion: v1
kind: Pod
metadata:
  name: pod-cm-2
  namespace: default
  labels:
    app: myapp
    tier: frontend
spec:
  containers:
  - name: myapp
    image: woshiwoniu/nginx-test:v1.0
    ports:
    - name: http
      containerPort: 80
    volumeMounts:
    - name: nginxconf
      mountPath: /etc/nginx/conf.d/
      readOnly: true
  volumes:
  - name: nginxconf
    configMap:
      name: nginx-www

查看pod内配置文件

➜  ~ kubectl exec -it pod-cm-2 bash
root@pod-cm-2:/# cd /etc/nginx/
conf.d/         fastcgi_params  koi-utf         koi-win         mime.types      modules/        nginx.conf      scgi_params     uwsgi_params    win-utf
root@pod-cm-2:/# cd /etc/nginx/conf.d/
..2020_05_24_17_14_29.874874255/ ..data/                          www.conf
root@pod-cm-2:/# cd /etc/nginx/conf.d/
root@pod-cm-2:/etc/nginx/conf.d# ls
www.conf
root@pod-cm-2:/etc/nginx/conf.d# ll
bash: ll: command not found
root@pod-cm-2:/etc/nginx/conf.d# cat www.conf
server {
    server_name www.example.comi;
    listen 80;
    root /data/web/html/;
}

# 编辑cm内的端口号80为8080
➜  ~ kubectl edit cm nginx-www
configmap/nginx-www edited

# 可以看到pod内更新
root@pod-cm-2:/etc/nginx/conf.d# cat www.conf
server {
    server_name www.example.comi;
    listen 8080;
    root /data/web/html/;
}

secret

用来保存一些账号密码,通过简单的base64对数据进行加密
简单的密码创建

➜  kubectl create secret generic mysql-password --from-literal=password=123456
secret/mysql-password created
➜  kubectl get secret
NAME                  TYPE                                  DATA   AGE
default-token-js5vc   kubernetes.io/service-account-token   3      65m
mysql-password        Opaque                                1      9s

➜  ~ kubectl describe secret mysql-password
Name:         mysql-password
Namespace:    default
Labels:       <none>
Annotations:  <none>

Type:  Opaque

Data
====
password:  6 bytes

➜  ~ kubectl describe secret mysql-password
Name:         mysql-password
Namespace:    default
Labels:       <none>
Annotations:  <none>

Type:  Opaque

Data
====
password:  6 bytes
➜  ~ kubectl get secret mysql-password -o yaml
apiVersion: v1
data:
  password: MTIzNDU2
kind: Secret
metadata:
  creationTimestamp: "2020-05-24T17:30:53Z"
  name: mysql-password
  namespace: default
  resourceVersion: "9042"
  selfLink: /api/v1/namespaces/default/secrets/mysql-password
  uid: 683f6337-c5d0-4cc7-abef-85d6d0b322c1
type: Opaque

➜  ~ echo MTIzNDU2 | base64 -D
123456

volume

PersistentVolume

相关文章

网友评论

    本文标题:k8s存储之configmap学习

    本文链接:https://www.haomeiwen.com/subject/mledahtx.html

    延伸阅读

    深度阅读

    • 您也可以注册成为美文阅读网的作者,发表您的原创作品、分享您的心情!

    栏目导航

    热点阅读

    k8s原理

    关于我们|服务条款|联系我们|k8s存储之configmap学习|投稿指南|网站地图|RSS订阅|排版工具|手机版

    提供经典美文摘抄,优美散文欣赏,现代诗歌精选,短篇小说,心情随笔,表白情书范文,故事会在线阅读欣赏

    Copyright © 2014-2023 Haomeiwen.com All Rights Reserved. 好美文阅读网 版权所有

    备案信息:桂公网安备 45052102000051号 · 桂ICP备13007215号-3

    本站所收录作品、热点评论等信息部分来源互联网,目的只是为了系统归纳学习和传递资讯

    所有作品版权归原创作者所有,与本站立场无关,如不慎侵犯了你的权益,请联系我们告知,我们将做删除处理!