k8s之Secret
一、密钥配置,简单一点就是重要的密钥管理。
二、阿里云(其他docker仓库也适用)的密钥管理
1)登录自己的docker仓库
docker login --username=<email> registry.cn-chengdu.aliyuncs.com
2)获取密钥并转成base64
cat ~/.docker/config.json | base64
3)编写Secret
apiVersion: v1 kind: Secret metadata: name: aliyun-secret namespace: default type: kubernetes.io/dockerconfigjson data: .dockerconfigjson: ewoJImF1dGhzIjogewoJ...
三、镜像拉取配置
apiVersion: apps/v1 kind: Deployment metadata: name: xbd-nacos spec: replicas: 2 selector: matchLabels: app: xbd-nacos template: metadata: labels: app: xbd-nacos spec: containers: - name: xbd-nacos image: registry.cn-chengdu.aliyuncs.com/xbd/xbd-nacos:1.0 imagePullPolicy: IfNotPresent env: - name: MODE value: standalone - name: SPRING_DATASOURCE_PLATFORM value: mysql - name: MYSQL_SERVICE_HOST value: xbd-mysql - name: MYSQL_SERVICE_PORT value: "3306" - name: MYSQL_SERVICE_DB_NAME value: xbd_nacos - name: MYSQL_SERVICE_USER value: root - name: MYSQL_SERVICE_PASSWORD value: root - name: MYSQL_SERVICE_DB_PARAM value: characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=false&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=GMT%2B8&allowMultiQueries=true&allowPublicKeyRetrieval=true imagePullSecrets: - name: aliyun-secret
apiVersion: v1 kind: Service metadata: name: xbd-nacos spec: ports: - port: 8848 targetPort: 8848 selector: app: xbd-nacos type: ClusterIP