k8s之Secret

  一、密钥配置,简单一点就是重要的密钥管理。

  、阿里云(其他docker仓库也适用)的密钥管理

  1)登录自己的docker仓库

docker login --username=<email> registry.cn-chengdu.aliyuncs.com

  2)获取密钥并转成base64

cat ~/.docker/config.json | base64

  

   3)编写Secret

apiVersion: v1
kind: Secret
metadata:
  name: aliyun-secret
  namespace: default
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: ewoJImF1dGhzIjogewoJ...

  三、镜像拉取配置

apiVersion: apps/v1
kind: Deployment
metadata:
  name: xbd-nacos
spec:
  replicas: 2
  selector:
    matchLabels:
      app: xbd-nacos
  template:
    metadata:
      labels:
        app: xbd-nacos
    spec:
      containers:
        - name: xbd-nacos
          image: registry.cn-chengdu.aliyuncs.com/xbd/xbd-nacos:1.0
          imagePullPolicy: IfNotPresent
          env:
            - name: MODE
              value: standalone
            - name: SPRING_DATASOURCE_PLATFORM
              value: mysql
            - name: MYSQL_SERVICE_HOST
              value: xbd-mysql
            - name: MYSQL_SERVICE_PORT
              value: "3306"
            - name: MYSQL_SERVICE_DB_NAME
              value: xbd_nacos
            - name: MYSQL_SERVICE_USER
              value: root
            - name: MYSQL_SERVICE_PASSWORD
              value: root
            - name: MYSQL_SERVICE_DB_PARAM
              value: characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=false&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=GMT%2B8&allowMultiQueries=true&allowPublicKeyRetrieval=true
      imagePullSecrets:
        - name: aliyun-secret
apiVersion: v1
kind: Service
metadata:
  name: xbd-nacos
spec:
  ports:
    - port: 8848
      targetPort: 8848
  selector:
    app: xbd-nacos
  type: ClusterIP

 

posted @ 2022-09-27 16:46  小不点丶  阅读(245)  评论(0编辑  收藏  举报