kubernetes配置管理中的ConfigMap

ConfigMap 是一种 API 对象,用来将非机密性的数据保存到健值对中。使用时可以用作环境变量、命令行参数或者存储卷中的配置文件。

ConfigMap 将您的环境配置信息和 容器镜像 解耦,便于应用配置的修改。当您需要储存机密信息时可以使用 Secret 对象。

ConfigMap 和 Secret 同为配置管理中的传参内容,但是 ConfigMap 的数据为明文传输,而 Secret 的数据是 base64 加密以后的传参过程;

使用 ConfigMap 将配置数据和应用程序代码分开。

首先定义一个 configmap 类型配置信息,采用键值对,然后我们用 pod 根据 valueFrom.configMapKeyRef 字段引用 configmap 中定义的键值对。

k8s官方文档地址:https://kubernetes.io/zh/docs/concepts/configuration/configmap/

[root@master1 secret]# vim configmap1.yaml
[root@master1 secret]# cat configmap1.yaml 
apiVersion: v1
kind: ConfigMap
metadata:
  name: myconfig
  namespace: default
data:
  special.level: info
  special.type: hello

---

apiVersion: v1
kind: Pod
metadata:
  name: mypod
spec:
  containers:
    - name: busybox
      image: busybox
      command: [ "/bin/sh", "-c", "echo $(LEVEL) $(TYPE)" ]
      env:
        - name: LEVEL
          valueFrom:
            configMapKeyRef:
              name: myconfig
              key: special.level
        - name: TYPE
          valueFrom:
            configMapKeyRef:
              name: myconfig
              key: special.type
  restartPolicy: Never
[root@master1 secret]# kubectl apply -f configmap1.yaml 
configmap/myconfig created
pod/mypod created
[root@master1 secret]# kubectl get pods
NAME                               READY   STATUS      RESTARTS   AGE
mypod                              0/1     Completed   0          20s
nginx-deployment-9cdc9bd5c-pzzst   1/1     Running     1          3d14h
secret-env-pod                     1/1     Running     0          37m
web-nginx-dep2-66ccfd7fb7-z2x84    1/1     Running     1          8d
[root@master1 secret]# kubectl get cm
NAME       DATA   AGE
myconfig   2      7m30s
[root@master1 secret]# kubectl describe cm myconfig
Name:         myconfig
Namespace:    default
Labels:       <none>
Annotations:  kubectl.kubernetes.io/last-applied-configuration:
                {"apiVersion":"v1","data":{"special.level":"info","special.type":"hello"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"myconfig...

Data
====
special.level:
----
info
special.type:
----
hello
Events:  <none>
# 通过查看日志得到我们定义的configmap配置管理信息
[root@master1 secret]# kubectl logs mypod
info hello

通过 configmap 定义一个redis的配置文件;

[root@master1 secret]# vim configmap2.yaml 
[root@master1 secret]# cat configmap2.yaml 
apiVersion: v1
kind: ConfigMap
metadata:
  name: redis-config
data:
  redis.properties: |
    redis.host=127.0.0.1
    redis.port=6379
    redis.password=123456

---

apiVersion: v1
kind: Pod
metadata:
  name: mypod
spec:
  containers:
    - name: busybox
      image: busybox
      command: [ "/bin/sh","-c","cat /etc/config/redis.properties" ]
      volumeMounts:
      - name: config-volume
        mountPath: /etc/config
  volumes:
    - name: config-volume
      configMap:
        name: redis-config
  restartPolicy: Never
[root@master1 secret]# kubectl apply -f configmap2.yaml 
configmap/redis-config created
pod/mypod created
[root@master1 secret]# kubectl get cm
NAME           DATA   AGE
redis-config   1      7s
[root@master1 secret]# kubectl describe  cm redis-config
Name:         redis-config
Namespace:    default
Labels:       <none>
Annotations:  kubectl.kubernetes.io/last-applied-configuration:
                {"apiVersion":"v1","data":{"redis.properties":"redis.host=127.0.0.1\nredis.port=6379\nredis.password=123456\n"},"kind":"ConfigMap","metada...

Data
====
redis.properties:
----
redis.host=127.0.0.1
redis.port=6379
redis.password=123456

Events:  <none>

[root@master1 secret]# kubectl get pods 
NAME                               READY   STATUS      RESTARTS   AGE
mypod                              0/1     Completed   0          49s
nginx-deployment-9cdc9bd5c-pzzst   1/1     Running     1          3d15h
secret-env-pod                     1/1     Running     0          48m
web-nginx-dep2-66ccfd7fb7-z2x84    1/1     Running     1          8d
[root@master1 secret]# kubectl logs mypod
redis.host=127.0.0.1
redis.port=6379
redis.password=123456

kubernetes配置管理中的ConfigMap

上一篇:kubernetes中常用的存储卷


下一篇:Kubernetes 二进制部署