Kubernetes configmap 笔记
ConigMap
什么是ConfigMap
ConfigMap 采用 key-value 格式进行保存数据,一般用来保存非敏感数据,Pods可以将configmap作为环境变量、命令行参数或卷中的配置文件使用。ConfigMap 将特定环境的配置从容器中解耦。
创建ConfigMap
-
从目录创建
-
从文件创建
-
从envfile创建
-
从 literal values 创建
-
...
使用ConfigMap
-
以key-value为例
创建 ConfigMap
kubectl create configmap special-config --from-literal=special.how=very
[root@master01 ~]# kubectl create configmap special-config --from-literal=special.how=very
configmap/special-config created
[root@master01 ~]# kubectl get configmap
NAME DATA AGE
kube-root-ca.crt 1 42d
special-config 1 9s
[root@master01 ~]# kubectl describe configmap special-config
Name: special-config
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
special.how:
----
very
Events: <none>
** 创建Pod**
[root@master01 configmap]# cat configmap.yaml
apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod
spec:
containers:
- name: test-container
image: busybox
command: [ "/bin/sh", "-c", "env" ]
env:
# Define the environment variable
- name: SPECIAL_LEVEL_KEY
valueFrom:
configMapKeyRef:
# The ConfigMap containing the value you want to assign to SPECIAL_LEVEL_KEY
name: special-config
# Specify the key associated with the value
key: special.how
restartPolicy: Never
查看pod信息
[root@master01 configmap]# kubectl describe po dapi-test-pod
Name: dapi-test-pod
Namespace: default
Priority: 0
Node: node01/192.168.44.13
Start Time: Tue, 06 Dec 2022 22:06:41 +0800
Labels: <none>
Annotations: <none>
Status: Succeeded
IP: 172.29.55.34
IPs:
IP: 172.29.55.34
Containers:
test-container:
Container ID: docker://341fdf9b58e1254265de902d6fd5e23be205fb66353e400174b7abd869afc2e7
Image: busybox
Image ID: docker-pullable://busybox@sha256:59f225fdf34f28a07d22343ee415ee417f6b8365cf4a0d3a2933cbd8fd7cf8c1
Port: <none>
Host Port: <none>
Command:
/bin/sh
-c
env
State: Terminated
Reason: Completed
Exit Code: 0
Started: Tue, 06 Dec 2022 22:07:01 +0800
Finished: Tue, 06 Dec 2022 22:07:01 +0800
Ready: False
Restart Count: 0
Environment:
SPECIAL_LEVEL_KEY: <set to the key 'special.how' of config map 'special-config'> Optional: false
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-c7jnm (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
default-token-c7jnm:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-c7jnm
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 6m32s default-scheduler Successfully assigned default/dapi-test-pod to node01
Normal Pulling 6m31s kubelet Pulling image "busybox"
Normal Pulled 6m12s kubelet Successfully pulled image "busybox" in 18.272935062s
Normal Created 6m12s kubelet Created container test-container
Normal Started 6m12s kubelet Started container test-container
- 使用 yaml 创建 configmap
[root@master01 configmap]# cat config-mutikeys.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: special-config
namespace: default
data:
SPECIAL_LEVEL: very
SPECIAL_TYPE: charm
[root@master01 configmap]# kubectl create -f config-mutikeys.yaml
[root@master01 configmap]# kubectl get configmap
NAME DATA AGE
kube-root-ca.crt 1 42d
special-config 3 19m
[root@master01 configmap]# kubectl describe configmap special-config
Name: special-config
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
SPECIAL_LEVEL:
----
very
SPECIAL_TYPE:
----
charm
Events: <none>
创建Pod
[root@master01 configmap]# cat muti-keys-demo.yaml
apiVersion: v1
kind: Pod
metadata:
name: config-map-demo
spec:
containers:
- name: test-config-map-1
image: busybox
command:
- sleep
- "3600"
envFrom:
- configMapRef:
name:
[root@master01 configmap]# cat muti-keys-demo.yaml
apiVersion: v1
kind: Pod
metadata:
name: config-map-demo
spec:
containers:
- name: test-config-map-1
image: busybox
command:
- sleep
- "3600"
envFrom:
- configMapRef:
name: special-config
[root@master01 configmap]# kubectl create -f muti-keys-demo.yaml
pod/config-map-demo created
[root@master01 configmap]# kubectl get po
NAME READY STATUS RESTARTS AGE
busybox 1/1 Terminating 8 33d
config-map-demo 1/1 Running 0 4s
nginx-deployment-5787596d54-42qfx 1/1 Running 0 50m
nginx-deployment-5787596d54-6ffh4 1/1 Terminating 3 28d
nginx-deployment-5787596d54-7m47n 1/1 Running 4 28d
nginx-deployment-5787596d54-cnjb8 1/1 Terminating 3 28d
nginx-deployment-5787596d54-d4lkw 1/1 Running 0 50m
[root@master01 configmap]# kubectl describe po config-map-demo
Name: config-map-demo
Namespace: default
Priority: 0
Node: node01/192.168.44.13
Start Time: Tue, 06 Dec 2022 22:38:37 +0800
Labels: <none>
Annotations: <none>
Status: Running
IP: 172.29.55.39
IPs:
IP: 172.29.55.39
Containers:
test-config-map-1:
Container ID: docker://d6c068ee4c3d771c0ce73f3be41fcb8abffe17f56b968974ed579af5b007edfc
Image: busybox
Image ID: docker-pullable://busybox@sha256:59f225fdf34f28a07d22343ee415ee417f6b8365cf4a0d3a2933cbd8fd7cf8c1
Port: <none>
Host Port: <none>
Command:
sleep
3600
State: Running
Started: Tue, 06 Dec 2022 22:38:40 +0800
Ready: True
Restart Count: 0
Environment Variables from:
special-config ConfigMap Optional: false
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-c7jnm (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-c7jnm:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-c7jnm
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 16s default-scheduler Successfully assigned default/config-map-demo to node01
Normal Pulling 15s kubelet Pulling image "busybox"
Normal Pulled 13s kubelet Successfully pulled image "busybox" in 1.951543384s
Normal Created 13s kubelet Created container test-config-map-1
Normal Started 13s kubelet Started container test-config-map-1
[root@master01 configmap]# kubectl exec -ti config-map-demo -- sh
/ # echo $SPECIAL_LEVEL
very
/ # echo $very
/ # echo $SPECIAL_TYPE
charm
用存储在ConfigMap中的数据填充卷
[root@master01 configmap]# cat configmap-volume.yaml
apiVersion: v1
kind: Pod
metadata:
name: test-container-pod
spec:
containers:
- name: test-container-1
image: busybox
command:
- sleep
- "3600"
volumeMounts:
- name: config-volume
mountPath: /etc/config #挂载到 /etc/config
volumes:
- name: config-volume
configMap:
name: special-config
[root@master01 configmap]# kubectl create -f configmap-volume.yaml
pod/test-container-pod created
[root@master01 configmap]# kubectl get po
NAME READY STATUS RESTARTS AGE
busybox 1/1 Terminating 8 33d
nginx-deployment-5787596d54-42qfx 1/1 Running 0 63m
nginx-deployment-5787596d54-6ffh4 1/1 Terminating 3 28d
nginx-deployment-5787596d54-7m47n 1/1 Running 4 28d
nginx-deployment-5787596d54-cnjb8 1/1 Terminating 3 28d
nginx-deployment-5787596d54-d4lkw 1/1 Running 0 63m
test-container-pod 1/1 Running 0 4s
[root@master01 configmap]# kubectl exec -ti test-container-pod -- sh
/ # ls
bin dev etc home proc root sys tmp usr var
/ # ls /etc/
config/ group hostname hosts localtime mtab network/ passwd resolv.conf shadow
/ # ls /etc/config/
SPECIAL_LEVEL SPECIAL_TYPE special.how
/ # ll /etc/config/
sh: ll: not found
/ # ls -al /etc/config/
total 0
drwxrwxrwx 3 root root 119 Dec 6 14:51 .
drwxr-xr-x 1 root root 20 Dec 6 14:51 ..
drwxr-xr-x 2 root root 66 Dec 6 14:51 ..2022_12_06_14_51_09.874549422
lrwxrwxrwx 1 root root 31 Dec 6 14:51 ..data -> ..2022_12_06_14_51_09.874549422
lrwxrwxrwx 1 root root 20 Dec 6 14:51 SPECIAL_LEVEL -> ..data/SPECIAL_LEVEL
lrwxrwxrwx 1 root root 19 Dec 6 14:51 SPECIAL_TYPE -> ..data/SPECIAL_TYPE
lrwxrwxrwx 1 root root 18 Dec 6 14:51 special.how -> ..data/special.how
If there are some files in the /etc/config/ directory, they will be deleted.
注意事项
-
在 Pod 规约中引用某个
ConfigMap之前,必须先创建这个对象, 或者在 Pod 规约中将 ConfigMap 标记为optional如果所引用的 ConfigMap 不存在,并且没有将应用标记为optional则 Pod 将无法启动。 -
如果你使用
envFrom来基于 ConfigMap 定义环境变量,那么无效的键将被忽略。 Pod 可以被启动,但无效名称将被记录在事件日志中(InvalidVariableNames)kubectl get events -
在 Pod 规约中将对 ConfigMap 的引用标记为 可选(optional)。 如果 ConfigMap 不存在,那么它在 Pod 中为其提供数据的配置(例如环境变量、挂载的卷)将为空。 如果 ConfigMap 存在,但引用的键不存在,那么数据也是空的
-
ConfigMap 如果是以 subPath 的形式挂载的,那么 Pod 是不会感知到ConfigMap 和Secret 的更新。
-
如果 Pod 的变量来自于 ConfigMap中定义的变量,那么 ConfigMap 更新后,也不会更新Pod中的变量
