内容简介:configMap 是一种快捷的修改容器内 变量的方式,由k-v组成,当修改configmap时 容器中的变量也会相应修改。查看帮助文档configmap 可以直接用命令创建也可以把value保存到文件中,此时文件名为key ,文件中的内容为value.
configMap 是一种快捷的修改容器内 变量的方式,由k-v组成,当修改configmap时 容器中的变量也会相应修改。
查看帮助文档
[root@node-1 ~]# kubectl explain pod.spec.containers.env.valueFrom.configMapKeyRef [root@node-1 ~]# kubectl explain configmap
configmap 可以直接用命令创建也可以把value保存到文件中,此时文件名为key ,文件中的内容为value.
直接用命令:
[root@node-1 ~]# kubectl create configmap --help kubectl create configmap nginx-nc --from-literal=nginx_port=80 --from-literal=nginx_server=erick.com 查看创建的cm [root@node-1 ~]# kubectl get cm NAME DATA AGE nginx-nc 2 60s [root@node-1 cm]# kubectl get cm nginx-nc -o yaml apiVersion: v1 data: nginx_port: "80" nginx_server: erick.com kind: ConfigMap metadata: creationTimestamp: "2019-06-20T22:34:44Z" name: nginx-nc namespace: default resourceVersion: "432545" selfLink: /api/v1/namespaces/default/configmaps/nginx-nc uid: 9a180b6e-93ab-11e9-b0ae-080027edb92f [root@node-1 cm]#
把value以文件的方式存放
[root@node-1 cm]# cat www.conf
server {
server_name myapp.com;
port 80;
root /data/web/html;
}
[root@node-1 cm]# kubectl create configmap nginx-cm-from-file --from-file=./www.conf
configmap/nginx-cm-from-file created
[root@node-1 cm]# kubectl get cm
NAME DATA AGE
nginx-cm-from-file 1 7s
nginx-nc 2 9m7s
[root@node-1 cm]# kubectl get cm nginx-cm-from-file -o yaml
apiVersion: v1
data:
www.conf: "server {\n\tserver_name myapp.com;\n\tport 80;\n\troot /data/web/html;\n\n}\n"
kind: ConfigMap
metadata:
creationTimestamp: "2019-06-20T22:43:44Z"
name: nginx-cm-from-file
namespace: default
resourceVersion: "433432"
selfLink: /api/v1/namespaces/default/configmaps/nginx-cm-from-file
uid: dbd2aa33-93ac-11e9-b0ae-080027edb92f
[root@node-1 cm]#
也可以用describe 看
[root@node-1 cm]# kubectl describe cm nginx-nc
Name: nginx-nc
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
nginx_port:
----
80
nginx_server:
----
erick.com
Events: <none>
[root@node-1 cm]# kubectl describe cm nginx-cm-from-file
Name: nginx-cm-from-file
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
www.conf:
----
server {
server_name myapp.com;
port 80;
root /data/web/html;
}
Events: <none>
可以看到用这种方式创建,key为文件名, key 为文件中的内容.
创建一个pod 关联刚刚创建的cm
[root@node-1 cm]# cat cm-1.yml
apiVersion: v1
kind: Pod
metadata:
name: myapp-cm-1
namespace: default
annotations:
erick: "by erick"
spec:
containers:
-
name: myapp-cm-1
image: ikubernetes/myapp:v1
ports:
-
name: http
containerPort: 80
env: -
name: nginx_port
valueFrom:
configMapKeyRef:
name: nginx-nc
key: nginx_port -
name: nginx_server
valueFrom:
configMapKeyRef:
name: nginx-nc
key: nginx_server
-
name: http
[root@node-1 cm]#
进入容器并查看环境变量
[root@node-1 cm]# kubectl get pod
NAME READY STATUS RESTARTS AGE
myapp-cm-1 1/1 Running 0 2m16s
[root@node-1 cm]# kubectl exec -it myapp-cm-1 -- /bin/sh
/ # env|grep nginx_port
nginx_port=80
/ # env|grep nginx_server
nginx_server=erick.com
/ #
我们把cm 的环境变量修改下
[root@node-1 cm]# kubectl edit configmap nginx-nc # Please edit the object below. Lines beginning with a '#' will be ignored, # and an empty file will abort the edit. If an error occurs while saving this file will be # reopened with the relevant failures. # apiVersion: v1 data: nginx_port: "8080" nginx_server: erick.com kind: ConfigMap metadata: creationTimestamp: "2019-06-20T22:34:44Z" name: nginx-nc namespace: default resourceVersion: "436267" selfLink: /api/v1/namespaces/default/configmaps/nginx-nc uid: 9a180b6e-93ab-11e9-b0ae-080027edb92f ~ 把port修改成8080 再次查看环境变量是否更改 [root@node-1 cm]# kubectl exec -it myapp-cm-1 -- /bin/sh / # env|grep nginx_port nginx_port=80 / #
结论: pod中的环境变量只会在第一次创建时生效,即使 重启pod也不会生效,后期修改不会生效。
2。基于存储卷的的 pod 引用环境变量。
apiVersion: v1
kind: Pod
metadata:
name: myappcmwww
namespace: default
annotations:
erick: "by erick"
spec:
containers:
-
name: myappcmwww
image: ikubernetes/myapp:v1
ports:-
name: http
containerPort: 80
volumeMounts: -
name: nginx-conf
mountPath: /etc/nginx/conf.d/
volumes:
-
name: http
-
name: nginx-conf
configMap:
name: nginx-cm-from-file
[root@node-1 cm]#
进入容器查看 环境变量
[root@node-1 cm]# kubectl exec -it myappcmwww -- /bin/sh
/ # cat /etc/nginx/conf.d/
..2019_06_22_09_11_04.278015527/ ..data/ www.conf
/ # cat /etc/nginx/conf.d/www.conf
server {
server_name myapp.com;
listen 80;
root /data/web/html;
}
/ #
修改configmap 的端口为8080
[root@node-1 ~]# kubectl edit cm nginx-cm-from-file
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
data:
www.conf: "server {\n\tserver_name myapp.com;\n\tlisten 8080;\n\troot /data/web/html;\n\n}\n"
kind: ConfigMap
metadata:
creationTimestamp: "2019-06-20T22:43:44Z"
name: nginx-cm-from-file
namespace: default
resourceVersion: "494403"
selfLink: /api/v1/namespaces/default/configmaps/nginx-cm-from-file
uid: dbd2aa33-93ac-11e9-b0ae-080027edb92f
在容器内查看环境变量是否更改。
/ # cat /etc/nginx/conf.d/www.conf
server {
server_name myapp.com;
listen 8080;
root /data/web/html;
}
/ #
已经动态的发生了改变。
secret
secret 是用base64 进行编码的格式
[root@node-1 cm]# kubectl create secret --help [root@node-1 cm]# kubectl create secret --help Create a secret using specified subcommand. Available Commands: docker-registry Create a secret for use with a Docker registry ## 链接私有镜像时 generic Create a secret from a local file, directory or literal value ## 储存密码时 tls Create a TLS secret ## 放入证书时 Usage: kubectl create secret [flags] [options] Use "kubectl <command> --help" for more information about a given command. Use "kubectl options" for a list of global command-line options (applies to all commands). [root@node-1 cm]#
secrete 是 用bash64 加密的, 可以被反向解密。
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持 码农网
猜你喜欢:
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
