每天一点基础K8S--K8S中的configmap
ConfigMap
1、背景
为了将配置数据和代码解耦,可以将变化的配置文件单独保存为configmap,而不用每次都修改代码。
ConfigMap 是一种 API 对象,用来将非机密性的数据保存到键值对中。使用时, Pods 可以将其用作环境变量、命令行参数或者存储卷中的配置文件。
ConfigMap 将你的环境配置信息和 容器镜像 解耦,便于应用配置的修改。
ConfigMap 的名字必须是一个合法的 DNS 子域名
2、configMap的实际使用场景
1、将配置信息和镜像解耦,以便实现镜像的可移植性和可复用;
2、在微服务场景下,可能存在多个服务公用配置文件的情况。此时可以通过configMap实现配置共享。
3、configMap配置文件的创建
# 1、通过yaml文件创建
[root@master-worker-node-1 configmap]# cat configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: test-configmap
immutable: true # 不可被修改
data:
VERSION: v1.1.0
password: 1qaz@WSX
# 2、通过文件创建
[root@master-worker-node-1 configmap]# cat version.txt
v2.2.0
[root@master-worker-node-1 configmap]# kubectl create configmap version-configmap --from-file=./version.txt
configmap/version-configmap created
[root@master-worker-node-1 configmap]# kubectl create configmap mysql-password --from-literal=PASS=123456
configmap/mysql-password created
# 3、通过命令行创建
[root@master-worker-node-1 configmap]# kubectl create configmap mysql-password --from-literal=PASS=123456
configmap/mysql-password created
# 4、将目录制作为configmap
[root@master-worker-node-1 configmap]# tree ./test-dir/
./test-dir/
├── version-3
└── version-4
0 directories, 2 files
[root@master-worker-node-1 configmap]# kubectl create configmap test-dir --from-file=./test-dir/
configmap/test-dir created
[root@master-worker-node-1 configmap]# kubectl apply -f configmap.yaml
configmap/test-configmap created
# 查看configmap
[root@master-worker-node-1 configmap]# kubectl get configmap
NAME DATA AGE
kube-root-ca.crt 1 32d
test-configmap 2 21h
version-configmap 1 82s
[root@master-worker-node-1 configmap]#
# [root@master-worker-node-1 configmap]# kubectl describe configmap test-configmap
Name: test-configmap
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
VERSION:
----
v1.1.0
password:
----
1qaz@WSX
BinaryData
====
Events: <none>
[root@master-worker-node-1 configmap]# kubectl describe configmap version-configmap
Name: version-configmap
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
version.txt:
----
v2.2.0
4、ConfigMap的使用
可以使用四种方式来使用 ConfigMap 配置 Pod 中的容器:
1. 在容器命令和参数内
2. 容器的环境变量
3. 在只读卷里面添加一个文件,让应用来读取
4. 编写代码在 Pod 中运行,使用 Kubernetes API 来读取 ConfigMap
4.1 使用env.valueFrom.configMapKeyRef通过环境变量引入
[root@master-worker-node-1 configmap]# cat pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx
spec:
containers:
- name: nginx
image: nginx
imagePullPolicy: IfNotPresent
env:
- name: version # pod内,env的名称
valueFrom:
configMapKeyRef:
name: test-configmap # configmap的name
key: VERSION # configmap对应的key
- name: pass
valueFrom:
configMapKeyRef:
name: test-configmap
key: password
# 创建pod
[root@master-worker-node-1 configmap]# kubectl apply -f pod.yaml
pod/nginx created
# 查看pod的env情况
[root@master-worker-node-1 configmap]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nfs-provisioner-9f9fc45fd-l4f6l 1/1 Running 2 (2d20h ago) 3d20h
nginx 1/1 Running 0 3s
[root@master-worker-node-1 configmap]# kubectl exec -it nginx -- env
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=nginx
NGINX_VERSION=1.23.2
NJS_VERSION=0.7.7
PKG_RELEASE=1~bullseye
version=v1.1.0
pass=1qaz@WSX
4.2 使用 envFrom.configMapRef 通过环境变量引入
[root@master-worker-node-1 configmap]# cat pod-2.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-2
spec:
containers:
- name: nginx-2
image: nginx
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:
name: test-configmap
# 创建
[root@master-worker-node-1 configmap]# kubectl apply -f pod-2.yaml
pod/nginx-2 created
[root@master-worker-node-1 configmap]# kubectl get pods -o wide nginx-2
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-2 1/1 Running 0 53s 10.244.54.15 only-worker-node-4 <none> <none>
[root@master-worker-node-1 configmap]# kubectl exec -it nginx-2 -- env
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=nginx-2
NGINX_VERSION=1.23.2
NJS_VERSION=0.7.7
PKG_RELEASE=1~bullseye
VERSION=v1.1.0
password=1qaz@WSX
4.3 将configmap做成volume,挂载到pod中使用
[root@master-worker-node-1 configmap]# cat pod-3.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-3
spec:
containers:
- name: nginx-3
image: nginx
imagePullPolicy: IfNotPresent
volumeMounts:
- name: test-volume-configmap
mountPath: /mnt
readOnly: true
volumes:
- name: test-volume-configmap
configMap:
name: test-version
[root@master-worker-node-1 configmap]# kubectl apply -f pod-3.yaml
pod/nginx-3 created
[root@master-worker-node-1 configmap]# kubectl get pods -o wide nginx-3
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-3 1/1 Running 0 65s 10.244.31.35 only-worker-node-3 <none> <none>
[root@master-worker-node-1 configmap]# kubectl exec -it nginx-3 -- ls -l /mnt
total 0
lrwxrwxrwx. 1 root root 14 Dec 27 12:46 version -> ..data/version
[root@master-worker-node-1 configmap]# kubectl exec -it nginx-3 -- sh
# ls -l /mnt
total 0
lrwxrwxrwx. 1 root root 14 Dec 27 12:46 version -> ..data/version
# cat /mnt/version
v2.2.0
5、configMap在线更新
[root@master-worker-node-1 configmap]# kubectl patch configmaps test-version -p '{"data":{"version":"v22.22.22"}}'
configmap/test-version patched
[root@master-worker-node-1 configmap]# kubectl patch configmaps test-version -p '{"data":{"version":"v22.22.22"}}'
configmap/test-version patched
[root@master-worker-node-1 configmap]# kubectl exec -it nginx-3 -- cat /mnt/version
v2.2.0
[root@master-worker-node-1 configmap]# kubectl exec -it nginx-3 -- cat /mnt/version
v2.2.0
[root@master-worker-node-1 configmap]# kubectl exec -it nginx-3 -- cat /mnt/version
v2.2.0
[root@master-worker-node-1 configmap]# kubectl exec -it nginx-3 -- cat /mnt/version
v2.2.0
[root@master-worker-node-1 configmap]# kubectl exec -it nginx-3 -- cat /mnt/version
v22.22.22[root@master-worker-node-1 configmap]# kubectl exec -it nginx-3 -- cat /mnt/version
v22.22.22[root@master-worker-node-1 configmap]# kubectl exec -it nginx-3 -- cat /mnt/version
# 等待一段时间后,configmap完成自动更新。具体等待多久,与缓存有关。
6、小结
1、configmap是以明文的形式将配置信息给pod内使用的办法。它的大小有限,不能超过1Mi
2、可以将文件、目录等多种形式做成configmap,并且通过env或者volume的形式供pod内使用。
3、configmap可以在线更新,但是需要一定时间间隔
