ConfigMap 将您的环境配置信息和 容器镜像 解耦,便于应用配置的修改。当您需要储存机密信息时可以使用 Secret 对象。
ConfigMap 和 Secret 同为配置管理中的传参内容,但是 ConfigMap 的数据为明文传输,而 Secret 的数据是 base64 加密以后的传参过程;
使用 ConfigMap 将配置数据和应用程序代码分开。
首先定义一个 configmap 类型配置信息,采用键值对,然后我们用 pod 根据 valueFrom.configMapKeyRef 字段引用 configmap 中定义的键值对。
k8s官方文档地址:https://kubernetes.io/zh/docs/concepts/configuration/configmap/
[root@master1 secret]# vim configmap1.yaml
[root@master1 secret]# cat configmap1.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: myconfig
namespace: default
data:
special.level: info
special.type: hello
---
apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
containers:
- name: busybox
image: busybox
command: [ "/bin/sh", "-c", "echo $(LEVEL) $(TYPE)" ]
env:
- name: LEVEL
valueFrom:
configMapKeyRef:
name: myconfig
key: special.level
- name: TYPE
valueFrom:
configMapKeyRef:
name: myconfig
key: special.type
restartPolicy: Never
[root@master1 secret]# kubectl apply -f configmap1.yaml
configmap/myconfig created
pod/mypod created
[root@master1 secret]# kubectl get pods
NAME READY STATUS RESTARTS AGE
mypod 0/1 Completed 0 20s
nginx-deployment-9cdc9bd5c-pzzst 1/1 Running 1 3d14h
secret-env-pod 1/1 Running 0 37m
web-nginx-dep2-66ccfd7fb7-z2x84 1/1 Running 1 8d
[root@master1 secret]# kubectl get cm
NAME DATA AGE
myconfig 2 7m30s
[root@master1 secret]# kubectl describe cm myconfig
Name: myconfig
Namespace: default
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","data":{"special.level":"info","special.type":"hello"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"myconfig...
Data
====
special.level:
----
info
special.type:
----
hello
Events: <none>
# 通过查看日志得到我们定义的configmap配置管理信息
[root@master1 secret]# kubectl logs mypod
info hello通过 configmap 定义一个redis的配置文件;
[root@master1 secret]# vim configmap2.yaml
[root@master1 secret]# cat configmap2.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: redis-config
data:
redis.properties: |
redis.host=127.0.0.1
redis.port=6379
redis.password=123456
---
apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
containers:
- name: busybox
image: busybox
command: [ "/bin/sh","-c","cat /etc/config/redis.properties" ]
volumeMounts:
- name: config-volume
mountPath: /etc/config
volumes:
- name: config-volume
configMap:
name: redis-config
restartPolicy: Never
[root@master1 secret]# kubectl apply -f configmap2.yaml
configmap/redis-config created
pod/mypod created
[root@master1 secret]# kubectl get cm
NAME DATA AGE
redis-config 1 7s
[root@master1 secret]# kubectl describe cm redis-config
Name: redis-config
Namespace: default
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","data":{"redis.properties":"redis.host=127.0.0.1\nredis.port=6379\nredis.password=123456\n"},"kind":"ConfigMap","metada...
Data
====
redis.properties:
----
redis.host=127.0.0.1
redis.port=6379
redis.password=123456
Events: <none>
[root@master1 secret]# kubectl get pods
NAME READY STATUS RESTARTS AGE
mypod 0/1 Completed 0 49s
nginx-deployment-9cdc9bd5c-pzzst 1/1 Running 1 3d15h
secret-env-pod 1/1 Running 0 48m
web-nginx-dep2-66ccfd7fb7-z2x84 1/1 Running 1 8d
[root@master1 secret]# kubectl logs mypod
redis.host=127.0.0.1
redis.port=6379
redis.password=123456