问题描述
我可以在lifecycl.postStart.exe.command中使用环境变量吗?我有一个必须在postStart命令中运行的脚本.该命令包含一个秘密,我可以使用valueFrom将该秘密获取给env,并在postStart命令中使用env吗?
Can I use environment variable in lifecycl.postStart.exe.command?I have a script that has to be run in postStart command.The command contains a secret, can I use valueFrom to get the secret to env, and use the env in postStart command?
推荐答案
是的,有可能.
使用此帖子创建钩子的示例,让我们读一个秘密并将其作为环境变量传递给容器,以供以后在postStart挂钩中读取.
Using the example from this post to create hooks, let's read a secret and pass it as environment variable to the container, to later read it in the postStart hook.
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: loap
spec:
replicas: 1
template:
metadata:
labels:
app: loap
spec:
containers:
-
command:
- sh
- "-c"
- "echo $(date +%s): START >> /loap/timing; sleep 10; echo $(date +%s): END >> /loap/timing;"
image: busybox
env:
- name: SECRET_THING
valueFrom:
secretKeyRef:
name: supersecret
key: password
lifecycle:
postStart:
exec:
command:
- sh
- "-c"
- "echo ${SECRET_THING} $(date +%s): POST-START >> /loap/timing"
preStop:
exec:
command:
- sh
- "-c"
- "echo $(date +%s): PRE-HOOK >> /loap/timing"
livenessProbe:
exec:
command:
- sh
- "-c"
- "echo $(date +%s): LIVENESS >> /loap/timing"
name: main
readinessProbe:
exec:
command:
- sh
- "-c"
- "echo $(date +%s): READINESS >> /loap/timing"
volumeMounts:
-
mountPath: /loap
name: timing
initContainers:
-
command:
- sh
- "-c"
- "echo $(date +%s): INIT >> /loap/timing"
image: busybox
name: init
volumeMounts:
-
mountPath: /loap
name: timing
volumes:
-
hostPath:
path: /tmp/loap
name: timing
如果查看/tmp/loap/timings的内容,则可以看到所显示的秘密
If you examine the contents of /tmp/loap/timings, you can see the secret being shown
my-secret-password 1515415872: POST-START
1515415873: READINESS
1515415879: LIVENESS
1515415882: END
1515415908: START
my-secret-password 1515415908: POST-START
1515415909: LIVENESS
1515415913: READINESS
1515415918: END
这篇关于我可以在postStart命令中使用env吗的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!