Kubernetes之儲存ConfigMap詳解
阿新 • • 發佈:2021-09-09
1.ConfigMap概述
ConfigMap 是一種 API 物件,用來將非機密性的資料儲存到健值對中。使用時可以用作環境變數、命令列引數或者儲存卷中的配置檔案。
ConfigMap 將環境配置資訊和容器映象解耦,便於應用配置的修改。當你需要儲存機密資訊時可以使用 Secret 物件。
備註:ConfigMap 並不提供保密或者加密功能。如果你想儲存的資料是機密的,請使用 Secret;或者使用其他第三方工具來保證資料的私密性,而不是用 ConfigMap。
2.ConfigMap建立方式
2.1通過目錄建立
1)配置檔案目錄
[root@k8s-master storage]# pwd/root/k8s_practice/storage [root@k8s-master storage]# ll /root/k8s_practice/storage/configmap # 配置檔案存在哪個目錄下 total 8 -rw-r--r-- 1 root root 159 Jun 7 14:52 game.properties -rw-r--r-- 1 root root 83 Jun 7 14:53 ui.properties [root@k8s-master storage]# [root@k8s-master storage]# cat configmap/game.properties # 涉及檔案1 enemies=aliens lives=3 enemies.cheat=true enemies.cheat.level=noGoodRotten secret.code.passphrase=UUDDLRLRBABAs secret.code.allowed=true secret.code.lives=30 [root@k8s-master storage]# [root@k8s-master storage]# cat configmap/ui.properties # 涉及檔案2 color.good=purple color.bad=yellow allow.textmode=true how.nice.to.look=fairlyNice
2)建立ConfigMap並檢視狀態
[root@k8s-master storage]# kubectl create configmap game-config --from-file=/root/k8s_practice/storage/configmap configmap/game-config created [root@k8s-master storage]# [root@k8s-master storage]# kubectl get configmap NAME DATA AGE game-config 2 14s
3)檢視ConfigMap有哪些資料
[root@k8s-master storage]# kubectl get configmap -o yaml #檢視方式1 apiVersion: v1 items: - apiVersion: v1 data: game.properties: |+ #本段最後有一行空格,+ 表示保留字串行末尾的換行 enemies=aliens lives=3 enemies.cheat=true enemies.cheat.level=noGoodRotten secret.code.passphrase=UUDDLRLRBABAs secret.code.allowed=true secret.code.lives=30 ui.properties: | color.good=purple color.bad=yellow allow.textmode=true how.nice.to.look=fairlyNice kind: ConfigMap metadata: creationTimestamp: "2021-09-09T02:36:35Z" name: game-config namespace: default resourceVersion: "889177" selfLink: /api/v1/namespaces/default/configmaps/game-config uid: 6952ac85-ded0-4c5e-89fd-b0c6f0546ecf kind: List metadata: resourceVersion: "" selfLink: "" [root@k8s-master storage]# kubectl describe configmap game-config #檢視方式2 Name: game-config Namespace: default Labels: <none> Annotations: <none> Data ==== game.properties: ---- enemies=aliens lives=3 enemies.cheat=true enemies.cheat.level=noGoodRotten secret.code.passphrase=UUDDLRLRBABAs secret.code.allowed=true secret.code.lives=30 ui.properties: ---- color.good=purple color.bad=yellow allow.textmode=true how.nice.to.look=fairlyNice Events: <none>
2.2通過檔案建立
1)配置檔案位置
[root@k8s-master storage]# pwd /root/k8s_practice/storage [root@k8s-master storage]# cat /root/k8s_practice/storage/configmap/game.properties enemies=aliens lives=3 enemies.cheat=true enemies.cheat.level=noGoodRotten secret.code.passphrase=UUDDLRLRBABAs secret.code.allowed=true secret.code.lives=30
2)建立ConfigMap並檢視狀態
[root@k8s-master storage]# kubectl create configmap game-config-2 --from-file=/root/k8s_practice/storage/configmap/game.properties configmap/game-config-2 created [root@k8s-master storage]# [root@k8s-master storage]# kubectl get configmap game-config-2 NAME DATA AGE game-config-2 1 29s
3)檢視ConfigMap有哪些資料
[root@k8s-master storage]# kubectl get configmap game-config-2 -o yaml #檢視方式1 apiVersion: v1 data: game.properties: |+ ##### 本段最後有一行空格,+ 表示保留字串行末尾的換行 enemies=aliens lives=3 enemies.cheat=true enemies.cheat.level=noGoodRotten secret.code.passphrase=UUDDLRLRBABAs secret.code.allowed=true secret.code.lives=30 kind: ConfigMap metadata: creationTimestamp: "2020-06-07T07:05:47Z" name: game-config-2 namespace: default resourceVersion: "890437" selfLink: /api/v1/namespaces/default/configmaps/game-config-2 uid: 02d99802-c23f-45ad-b4e1-dea9bcb166d8 [root@k8s-master storage]# kubectl describe configmap game-config-2 # 檢視方式2 Name: game-config-2 Namespace: default Labels: <none> Annotations: <none> Data ==== game.properties: ---- enemies=aliens lives=3 enemies.cheat=true enemies.cheat.level=noGoodRotten secret.code.passphrase=UUDDLRLRBABAs secret.code.allowed=true secret.code.lives=30 Events: <none>
2.3通過命令列建立
1)建立ConfigMap並檢視狀態
[root@k8s-master storage]# pwd /root/k8s_practice/storage [root@k8s-master storage]# kubectl create configmap special-config --from-literal=special.how=very --from-literal="special.type=charm" configmap/special-config created [root@k8s-master storage]# [root@k8s-master storage]# kubectl get configmap special-config NAME DATA AGE special-config 2 23s
2)檢視ConfigMap有哪些資料
[root@k8s-master storage]# kubectl get configmap special-config -o yaml ##### 檢視方式1 apiVersion: v1 data: special.how: very special.type: charm kind: ConfigMap metadata: creationTimestamp: "2021-09-09T02:43:15Z" name: special-config namespace: default resourceVersion: "912702" selfLink: /api/v1/namespaces/default/configmaps/special-config uid: 76698e78-1380-4826-b5ac-d9c81f746eac [root@k8s-master storage]# [root@k8s-master storage]# kubectl describe configmap special-config ##### 檢視方式2 Name: special-config Namespace: default Labels: <none> Annotations: <none> Data ==== special.how: ---- very special.type: ---- charm Events: <none>
2.4通過yaml檔案建立
1)yaml檔案
[root@k8s-master storage]# pwd /root/k8s_practice/storage [root@k8s-master storage]# cat configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: configmap-demo data: # 類屬性鍵;每一個鍵都對映到一個簡單的值 player_initial_lives: "3" ui_properties_file_name: 'user-interface.properties' # 類檔案鍵 game.properties: | enemy.types=aliens,monsters player.maximum-lives=5 user-interface.properties: | color.good=purple color.bad=yellow allow.textmode=true
2)建立ConfigMap並檢視狀態
1 [root@k8s-master storage]# kubectl apply -f configmap.yaml 2 configmap/configmap-demo created 3 [root@k8s-master storage]# kubectl get configmap configmap-demo 4 NAME DATA AGE 5 configmap-demo 4 2m59s
3)檢視ConfigMap有哪些資料
[root@k8s-master storage]# kubectl get configmap configmap-demo -o yaml # 檢視方式1 apiVersion: v1 data: game.properties: | enemy.types=aliens,monsters player.maximum-lives=5 player_initial_lives: "3" ui_properties_file_name: user-interface.properties user-interface.properties: | color.good=purple color.bad=yellow allow.textmode=true kind: ConfigMap metadata: annotations: kubectl.kubernetes.io/last-applied-configuration: | {"apiVersion":"v1","data":{"game.properties":"enemy.types=aliens,monsters\nplayer.maximum-lives=5\n","player_initial_lives":"3","ui_properties_file_name":"user-interface.properties","user-interface.properties":"color.good=purple\ncolor.bad=yellow\nallow.textmode=true\n"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"configmap-demo","namespace":"default"}} creationTimestamp: "2021-09-09T02:46:25Z" name: configmap-demo namespace: default resourceVersion: "931685" selfLink: /api/v1/namespaces/default/configmaps/configmap-demo uid: fdad7000-87bd-4b72-be98-40dd8fe6400a [root@k8s-master storage]# [root@k8s-master storage]# [root@k8s-master storage]# kubectl describe configmap configmap-demo # 檢視方式2 Name: configmap-demo Namespace: default Labels: <none> Annotations: kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"v1","data":{"game.properties":"enemy.types=aliens,monsters\nplayer.maximum-lives=5\n","player_initial_lives":"3","ui_proper... Data ==== game.properties: ---- enemy.types=aliens,monsters player.maximum-lives=5 player_initial_lives: ---- 3 ui_properties_file_name: ---- user-interface.properties user-interface.properties: ---- color.good=purple color.bad=yellow allow.textmode=true Events: <none>
3.Pod中使用ConfigMap
如何在Pod中使用上述的ConfigMap資訊。
3.1當前存在的ConfigMap
[root@k8s-master storage]# kubectl get configmap NAME DATA AGE configmap-demo 4 30m game-config 2 5h9m game-config-2 1 5h1m special-config 2 5m48s
3.2使用ConfigMap來替代環境變數
1)yaml檔案
[root@k8s-master storage]# pwd /root/k8s_practice/storage [root@k8s-master storage]# cat pod_configmap_env.yaml apiVersion: v1 kind: Pod metadata: name: pod-configmap-env spec: containers: - name: myapp image: registry.cn-beijing.aliyuncs.com/google_registry/myapp:v1 command: ["/bin/sh", "-c", "env"] #引用方式1 env: - name: SPECAIL_HOW_KEY valueFrom: configMapKeyRef: name: special-config # 這個name的值來自 ConfigMap key: special.how # 這個key的值為需要取值的鍵 - name: SPECAIL_TPYE_KEY valueFrom: configMapKeyRef: name: special-config key: special.type #引用方式2 envFrom: - configMapRef: name: game-config-2 # 這個name的值來自 ConfigMap restartPolicy: Never
2)啟動pod並檢視狀態
[root@k8s-master storage]# kubectl apply -f pod_configmap_env.yaml pod/pod-configmap-env created [root@k8s-master storage]# [root@k8s-master storage]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES pod-configmap-env 0/1 Completed 0 6s 10.244.2.147 k8s-node02 <none> <none>
3)檢視列印日誌
[root@k8s-master storage]# kubectl logs pod-configmap-env MYAPP_SVC_PORT_80_TCP_ADDR=10.98.57.156 KUBERNETES_SERVICE_PORT=443 KUBERNETES_PORT=tcp://10.96.0.1:443 MYAPP_SVC_PORT_80_TCP_PORT=80 HOSTNAME=pod-configmap-env SHLVL=1 MYAPP_SVC_PORT_80_TCP_PROTO=tcp HOME=/root SPECAIL_HOW_KEY=very ### 來自ConfigMap game.properties=enemies=aliens ### 來自ConfigMap lives=3 ### 來自ConfigMap enemies.cheat=true ### 來自ConfigMap enemies.cheat.level=noGoodRotten ### 來自ConfigMap secret.code.passphrase=UUDDLRLRBABAs ### 來自ConfigMap secret.code.allowed=true ### 來自ConfigMap secret.code.lives=30 ### 來自ConfigMap SPECAIL_TPYE_KEY=charm ### 來自ConfigMap MYAPP_SVC_PORT_80_TCP=tcp://10.98.57.156:80 NGINX_VERSION=1.12.2 KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin KUBERNETES_PORT_443_TCP_PORT=443 KUBERNETES_PORT_443_TCP_PROTO=tcp MYAPP_SVC_SERVICE_HOST=10.98.57.156 KUBERNETES_SERVICE_PORT_HTTPS=443 KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443 PWD=/ KUBERNETES_SERVICE_HOST=10.96.0.1 MYAPP_SVC_SERVICE_PORT=80 MYAPP_SVC_PORT=tcp://10.98.57.156:80
3.3使用ConfigMap設定命令列引數
1)yaml檔案
[root@k8s-master storage]# pwd /root/k8s_practice/storage [root@k8s-master storage]# cat pod_configmap_cmd.yaml apiVersion: v1 kind: Pod metadata: name: pod-configmap-cmd spec: containers: - name: myapp image: registry.cn-beijing.aliyuncs.com/google_registry/myapp:v1 command: ["/bin/sh", "-c", "echo \"===$(SPECAIL_HOW_KEY)===$(SPECAIL_TPYE_KEY)===\""] env: - name: SPECAIL_HOW_KEY valueFrom: configMapKeyRef: name: special-config key: special.how - name: SPECAIL_TPYE_KEY valueFrom: configMapKeyRef: name: special-config key: special.type restartPolicy: Never
2)啟動pod並檢視狀態
[root@k8s-master storage]# kubectl apply -f pod_configmap_cmd.yaml pod/pod-configmap-cmd created [root@k8s-master storage]# [root@k8s-master storage]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES pod-configmap-cmd 0/1 Completed 0 5s 10.244.4.125 k8s-node01 <none> <none>
3)檢視列印日誌
[root@k8s-master storage]# kubectl logs pod-configmap-cmd
===very===charm===
3.4通過資料卷外掛使用ConfigMap【推薦】
在資料卷裡面使用ConfigMap,最基本的就是將檔案填入資料卷,在這個檔案中,鍵就是檔名【第一層級的鍵】,鍵值就是檔案內容。
1)yaml檔案
[root@k8s-master storage]# pwd /root/k8s_practice/storage [root@k8s-master storage]# cat pod_configmap_volume.yaml apiVersion: v1 kind: Pod metadata: name: pod-configmap-volume spec: containers: - name: myapp image: registry.cn-beijing.aliyuncs.com/google_registry/myapp:v1 #command: ["/bin/sh", "-c", "ls -l /etc/config/"] command: ["/bin/sh", "-c", "sleep 600"] volumeMounts: - name: config-volume mountPath: /etc/config volumes: - name: config-volume configMap: name: configmap-demo restartPolicy: Never
2)啟動pod並檢視狀態
[root@k8s-master storage]# kubectl apply -f pod_configmap_volume.yaml pod/pod-configmap-volume created [root@k8s-master storage]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES pod-configmap-volume 1/1 Running 0 5s 10.244.2.153 k8s-node02 <none> <none>
3)進入pod並檢視
[root@k8s-master storage]# kubectl exec -it pod-configmap-volume sh kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead. / # ls /etc/config game.properties player_initial_lives ui_properties_file_name user-interface.properties / # / # cat /etc/config/player_initial_lives 3/ # / # cat /etc/config/ui_properties_file_name user-interface.properties/ # / # / # cat /etc/config/game.properties enemy.types=aliens,monsters player.maximum-lives=5 / # / # cat /etc/config/user-interface.properties color.good=purple color.bad=yellow allow.textmode=true / #
4.ConfigMap熱更新
4.1準備工作
1)yaml檔案
[root@k8s-master storage]# pwd /root/k8s_practice/storage [root@k8s-master storage]# cat pod_configmap_hot.yaml apiVersion: v1 kind: ConfigMap metadata: name: log-config namespace: default data: log_level: INFO --- apiVersion: apps/v1 kind: Deployment metadata: name: myapp-deploy namespace: default spec: replicas: 2 selector: matchLabels: app: myapp release: v1 template: metadata: labels: app: myapp release: v1 env: test spec: containers: - name: myapp image: registry.cn-beijing.aliyuncs.com/google_registry/myapp:v1 imagePullPolicy: IfNotPresent ports: - containerPort: 80 volumeMounts: - name: config-volume mountPath: /etc/config volumes: - name: config-volume configMap: name: log-config
2)應用yaml檔案並檢視狀態
[root@k8s-master storage]# kubectl apply -f pod_configmap_hot.yaml configmap/log-config created deployment.apps/myapp-deploy created [root@k8s-master storage]# kubectl get configmap log-config NAME DATA AGE log-config 1 6s [root@k8s-master storage]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES myapp-deploy-6f754c5944-dt426 1/1 Running 0 12s 10.244.2.9 k8s-node2 <none> <none> myapp-deploy-6f754c5944-tsqg7 1/1 Running 0 12s 10.244.1.13 k8s-node1 <none> <none>
3)檢視ConfigMap資訊
[root@k8s-master storage]# kubectl get configmap log-config -o yaml apiVersion: v1 data: log_level: INFO kind: ConfigMap metadata: annotations: kubectl.kubernetes.io/last-applied-configuration: | {"apiVersion":"v1","data":{"log_level":"INFO"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"log-config","namespace":"default"}} creationTimestamp: "2021-09-09T03:07:17Z" managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:data: .: {} f:log_level: {} f:metadata: f:annotations: .: {} f:kubectl.kubernetes.io/last-applied-configuration: {} manager: kubectl-client-side-apply operation: Update time: "2021-09-09T03:07:17Z" name: log-config namespace: default resourceVersion: "434678" selfLink: /api/v1/namespaces/default/configmaps/log-config uid: 8573121e-2f63-45a7-ae15-511296b8022e
4)檢視pod中的ConfigMap資訊
[root@k8s-master storage]# kubectl exec -it myapp-deploy-6f754c5944-dt426 -- cat /etc/config/log_level INFO
4.2熱更新
1)修改ConfigMap
[root@k8s-master storage]# kubectl edit configmap log-config # 將 INFO 改為了 DEBUG # Please edit the object below. Lines beginning with a '#' will be ignored, # and an empty file will abort the edit. If an error occurs while saving this file will be # reopened with the relevant failures. # apiVersion: v1 data: log_level: DEBUG kind: ConfigMap metadata: annotations: kubectl.kubernetes.io/last-applied-configuration: | {"apiVersion":"v1","data":{"log_level":"DEBUG"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"log-config","namespace":"default"}} creationTimestamp: "2021-09-09T03:07:17Z" name: log-config namespace: default resourceVersion: "971348" selfLink: /api/v1/namespaces/default/configmaps/log-config uid: 7e78e1d7-12de-4601-9915-cefbc96ca305
2)檢視ConfigMap資訊
[root@k8s-master storage]# kubectl get configmap log-config -o yaml apiVersion: v1 data: log_level: DEBUG kind: ConfigMap metadata: annotations: kubectl.kubernetes.io/last-applied-configuration: | {"apiVersion":"v1","data":{"log_level":"DEBUG"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"log-config","namespace":"default"}} creationTimestamp: "2020-06-07T16:08:11Z" name: log-config namespace: default resourceVersion: "972893" selfLink: /api/v1/namespaces/default/configmaps/log-config uid: 7e78e1d7-12de-4601-9915-cefbc96ca305
稍後10秒左右,再次檢視pod中的ConfigMap資訊
[root@k8s-master storage]# kubectl exec -it myapp-deploy-6f754c5944-dt426 -- cat /etc/config/log_level DEBUG
由此可見,完成了一次熱更新
作者:傑巨集唯一 出處:http://www.cnblogs.com/wuxinchun/ 本文版權歸作者和部落格園共有,歡迎轉載,但未經作者同意必須保留此段宣告,且在文章頁面明顯位置給出原文連線,否則保留追究法律責任的權利.