K8s configmap配置管理
K8S ConfigMap介绍:
一、ConfigMap的作用
configmap和secret是两种特殊的存储卷,它们不是给pod提供存储空间用的,而是给管理员或者用户提供了从外部向pod内部注入信息的方式.
configmap:把配置文件放在配置中心上,然后多个pod读取配置中心的配置文件,不过,configmap中的配置信息都是明文的,所以不安全;
secret:功能和configmap一样,只不过配置中心存储的配置文件不是明文的.configmap和secret也是专属于某个名称空间的.
1.Configmap用于保存配置数据,以键值对形式存储。
2.configMap 资源提供了向 Pod 注入配置数据的方法。
3.旨在让镜像和配置文件解耦,以便实现镜像的可移植性和可复用性。
二、创建ConfigMap的方式有4种:
1.通过key-value字符串创建
2.使用文件创建
3.使用目录创建
4.编写configmap的yaml文件创建
2.1、通过key-value字符串的方式创建
#创建configmap其中cm1是名字,key1是键,config1是值 [root@k8s-master ~]# kubectl create configmap cm1 --from-literal=key1=config1 --from-literal=key2=config2 configmap/cm1 created [root@k8s-master ~]# kubectl get cm NAME DATA AGE cm1 2 5s [root@k8s-master ~]# [root@k8s-master ~]# kubectl get cm cm1 NAME DATA AGE cm1 2 13s [root@k8s-master ~]# kubectl describe cm cm1 Name: cm1 Namespace: default Labels: <none> Annotations: <none> Data ==== key1: ---- config1 key2: ---- config2 Events: <none> [root@k8s-master ~]# #cm1配置以yaml文件方式输出 [root@k8s-master ~]# kubectl get cm cm1 -o yaml apiVersion: v1 data: key1: config1 key2: config2 kind: ConfigMap metadata: creationTimestamp: "2021-01-02T09:26:34Z" name: cm1 namespace: default resourceVersion: "160052" selfLink: /api/v1/namespaces/default/configmaps/cm1 uid: 0ad32521-f0c5-4490-a0e9-34bb0ff59f9c [root@k8s-master ~]#
2.2、文件创建是通过--from-file参数来设定,key的名称是文件名称,value的值是文件的内容.
[root@k8s-master ~]# kubectl create configmap cm2 --from-file=/etc/resolv.conf configmap/cm2 created [root@k8s-master ~]# kubectl get cm cm2 NAME DATA AGE cm2 1 6s [root@k8s-master ~]# kubectl describe cm cm2 Name: cm2 Namespace: default Labels: <none> Annotations: <none> Data ==== resolv.conf: ---- # Generated by NetworkManager nameserver 192.168.10.2 Events: <none> [root@k8s-master ~]# 其中,--from-file可以使用多次,比如: # kubectl create configmap cm2 --from-file=file1 --from-file=file2
2.3、使用目录创建configmap,也是通过--from-file参数来设定。
# 目录中的文件名为key,文件内容是value # kubectl create configmap cm3 --from-file=/path
2.4、通过编写configmap的yaml/json文件创建(推荐)
[root@k8s-master ~]# cat cm4.yaml apiVersion: v1 kind: ConfigMap metadata: name: cm4 data: host_name: "k8s-master" host_port: "22" host_ip: "192.168.10.10" [root@k8s-master ~]# [root@k8s-master ~]# kubectl apply -f cm4.yaml configmap/cm4 created [root@k8s-master ~]# kubectl get cm cm4 NAME DATA AGE cm4 3 12s [root@k8s-master ~]# [root@k8s-master ~]# kubectl get cm cm4 -o yaml apiVersion: v1 data: host_ip: 192.168.10.10 host_name: k8s-master host_port: "22" kind: ConfigMap metadata: annotations: kubectl.kubernetes.io/last-applied-configuration: | {"apiVersion":"v1","data":{"host_ip":"192.168.10.10","host_name":"k8s-master","host_port":"22"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"cm4","namespace":"default"}} creationTimestamp: "2021-01-02T09:54:22Z" name: cm4 namespace: default resourceVersion: "162402" selfLink: /api/v1/namespaces/default/configmaps/cm4 uid: 85e48e8a-e3fb-4821-ade8-658882709277 [root@k8s-master ~]#
2.5 编写cm文件的推荐方式:
# cat mongo-configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: mongo-config labels: app: mongo-config data: mongod.conf: | storage: dbPath: /data/db journal: enabled: true systemLog: destination: file logAppend: true path: /var/log/mongodb/mongod.log net: port: 27017 bindIp: 0.0.0.0 processManagement: timeZoneInfo: /usr/share/zoneinfo
三、如何使用configmap
1.通过环境变量的方式直接传递给pod
2.通过在pod的命令行下运行的方式
3.作为volume的方式挂载到pod内
3.1 使用configmap设置环境变量
方式1:通过引用cm4中的变量方式,供pod使用.
# configMap 定义的cm4文件 [root@k8s-master ~]# cat cm4.yaml apiVersion: v1 kind: ConfigMap metadata: name: cm4 data: host_name: "k8s-master" host_port: "22" host_ip: "192.168.10.10" #pod引用cm4中的变量 [root@k8s-master ~]# cat pod.yaml apiVersion: v1 kind: Pod metadata: name: cm-pod spec: containers: - name: busy-pod image: busybox command: ["/bin/sh","-c","env"] env: - name: key1 #定义的key值 valueFrom: configMapKeyRef: name: cm4 #configmap文件名称 key: host_ip #value的值 - name: key2 valueFrom: configMapKeyRef: name: cm4 key: host_name - name: key3 valueFrom: configMapKeyRef: name: cm4 key: host_port restartPolicy: Never [root@k8s-master ~]# [root@k8s-master ~]# kubectl apply -f pod.yaml pod/cm-pod created [root@k8s-master ~]# kubectl get pod cm-pod NAME READY STATUS RESTARTS AGE cm-pod 0/1 Completed 0 98s [root@k8s-master ~]# kubectl logs cm-pod KUBERNETES_SERVICE_PORT=443 KUBERNETES_PORT=tcp://10.1.0.1:443 HOSTNAME=cm-pod SHLVL=1 key1=192.168.10.10 key2=k8s-master key3=22 ...只列出部分变量 [root@k8s-master ~]#
方式2:直接导入cm4中的变量
[root@k8s-master ~]# cat pod.yaml apiVersion: v1 kind: Pod metadata: name: cm4-pod spec: containers: - name: busy-pod image: busybox command: ["/bin/sh","-c","env"] envFrom: - configMapRef: name: cm4 restartPolicy: Never [root@k8s-master ~]# [root@k8s-master ~]# kubectl apply -f pod.yaml pod/cm4-pod created [root@k8s-master ~]# kubectl get pod cm4-pod NAME READY STATUS RESTARTS AGE cm4-pod 0/1 Completed 0 27s [root@k8s-master ~]# kubectl logs cm4-pod KUBERNETES_SERVICE_PORT=443 KUBERNETES_PORT=tcp://10.1.0.1:443 HOSTNAME=cm4-pod host_ip=192.168.10.10 host_port=22 HOME=/root host_name=k8s-master ... KUBERNETES_SERVICE_HOST=10.1.0.1 [root@k8s-master ~]#
3.2 使用configmap设置命令行参数,通过在pod的命令行下运行的方式.
[root@k8s-master ~]# cat pod.yaml apiVersion: v1 kind: Pod metadata: name: test-pod spec: containers: - name: pod1 image: busybox command: ["/bin/sh","-c","echo $(host_ip) $(host_port) $(host_name)"] //命令行参数 envFrom: - configMapRef: name: cm4 restartPolicy: Never [root@k8s-master ~]# [root@k8s-master ~]# kubectl apply -f pod.yaml pod/test-pod created [root@k8s-master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE test-pod 0/1 Completed 0 3s [root@k8s-master ~]# kubectl logs test-pod 192.168.10.10 22 k8s-master [root@k8s-master ~]#
3.3 将数据卷cm4以volume的方式挂载到pod内.
# configMap中定义的cm4文件 [root@k8s-master ~]# cat cm4.yaml apiVersion: v1 kind: ConfigMap metadata: name: cm4 data: host_name: "k8s-master" host_port: "22" host_ip: "192.168.10.10" [root@k8s-master ~]# #pod挂载cm4文件 [root@k8s-master ~]# cat pod.yaml apiVersion: v1 kind: Pod metadata: name: v-pod spec: containers: - name: pod1 image: busybox:latest command: - sleep - "3600" imagePullPolicy: IfNotPresent volumeMounts: - name: config-volume mountPath: /config #挂载到容器的这个目录中 volumes: - name: config-volume #定义的卷名,和volumeMounts中的name要一直. configMap: name: cm4 #挂载的configMap文件名称 restartPolicy: Never [root@k8s-master ~]# [root@k8s-master ~]# kubectl apply -f pod.yaml pod/v-pod created [root@k8s-master ~]# kubectl get pod v-pod NAME READY STATUS RESTARTS AGE v-pod 1/1 Running 0 6s [root@k8s-master ~]# kubectl exec -it v-pod -- sh / # cd /config/ /config # ls -ltr total 0 lrwxrwxrwx 1 root root 16 Jan 4 14:07 host_port -> ..data/host_port lrwxrwxrwx 1 root root 16 Jan 4 14:07 host_name -> ..data/host_name lrwxrwxrwx 1 root root 14 Jan 4 14:07 host_ip -> ..data/host_ip /config # cat host_port 22 /config # cat host_ip 192.168.10.10 /config # # cm4里面的key是挂载在pod 的/config目录下的文件名 文件内容value值 如:host_ip: "192.168.10.10"