主机配置规划

ConfigMap概述

ConfigMap 是一种 API 对象,用来将非机密性的数据保存到健值对中。使用时可以用作环境变量命令行参数或者存储卷中的配置文件。

ConfigMap 将环境配置信息和容器镜像解耦,便于应用配置的修改。当你需要储存机密信息时可以使用 Secret 对象。

备注:ConfigMap 并不提供保密或者加密功能。如果你想存储的数据是机密的,请使用 Secret;或者使用其他第三方工具来保证数据的私密性,而不是用 ConfigMap。

ConfigMap创建方式

通过目录创建

配置文件目录

 1 [root@k8s-master storage]# pwd
 2 /root/k8s_practice/storage
 3 [root@k8s-master storage]# ll /root/k8s_practice/storage/configmap    # 配置文件存在哪个目录下
 4 total 8
 5 -rw-r--r-- 1 root root 159 Jun  7 14:52 game.properties
 6 -rw-r--r-- 1 root root  83 Jun  7 14:53 ui.properties
 7 [root@k8s-master storage]#
 8 [root@k8s-master storage]# cat configmap/game.properties    # 涉及文件1
 9 enemies=aliens
10 lives=3
11 enemies.cheat=true
12 enemies.cheat.level=noGoodRotten
13 secret.code.passphrase=UUDDLRLRBABAs
14 secret.code.allowed=true
15 secret.code.lives=30
16
17 [root@k8s-master storage]#
18 [root@k8s-master storage]# cat configmap/ui.properties   # 涉及文件2
19 color.good=purple
20 color.bad=yellow
21 allow.textmode=true
22 how.nice.to.look=fairlyNice

创建ConfigMap并查看状态

1 [root@k8s-master storage]# kubectl create configmap game-config --from-file=/root/k8s_practice/storage/configmap
2 configmap/game-config created
3 [root@k8s-master storage]#
4 [root@k8s-master storage]# kubectl get configmap
5 NAME          DATA   AGE
6 game-config   2      14s

查看ConfigMap有哪些数据

 1 [root@k8s-master storage]# kubectl get configmap -o yaml   ##### 查看方式1
 2 apiVersion: v1
 3 items:
 4 - apiVersion: v1
 5   data:
 6     game.properties: |+   ##### 本段最后有一行空格,+ 表示保留字符串行末尾的换行
 7       enemies=aliens
 8       lives=3
 9       enemies.cheat=true
10       enemies.cheat.level=noGoodRotten
11       secret.code.passphrase=UUDDLRLRBABAs
12       secret.code.allowed=true
13       secret.code.lives=30
14
15     ui.properties: |
16       color.good=purple
17       color.bad=yellow
18       allow.textmode=true
19       how.nice.to.look=fairlyNice
20   kind: ConfigMap
21   metadata:
22     creationTimestamp: "2020-06-07T06:57:28Z"
23     name: game-config
24     namespace: default
25     resourceVersion: "889177"
26     selfLink: /api/v1/namespaces/default/configmaps/game-config
27     uid: 6952ac85-ded0-4c5e-89fd-b0c6f0546ecf
28 kind: List
29 metadata:
30   resourceVersion: ""
31   selfLink: ""
32 [root@k8s-master storage]#
33 [root@k8s-master storage]# kubectl describe configmap game-config   ##### 查看方式2
34 Name:         game-config
35 Namespace:    default
36 Labels:       <none>
37 Annotations:  <none>
38
39 Data
40 ====
41 game.properties:
42 ----
43 enemies=aliens
44 lives=3
45 enemies.cheat=true
46 enemies.cheat.level=noGoodRotten
47 secret.code.passphrase=UUDDLRLRBABAs
48 secret.code.allowed=true
49 secret.code.lives=30
50
51
52 ui.properties:
53 ----
54 color.good=purple
55 color.bad=yellow
56 allow.textmode=true
57 how.nice.to.look=fairlyNice
58
59 Events:  <none>

通过文件创建

配置文件位置

 1 [root@k8s-master storage]# pwd
 2 /root/k8s_practice/storage
 3 [root@k8s-master storage]# cat /root/k8s_practice/storage/configmap/game.properties
 4 enemies=aliens
 5 lives=3
 6 enemies.cheat=true
 7 enemies.cheat.level=noGoodRotten
 8 secret.code.passphrase=UUDDLRLRBABAs
 9 secret.code.allowed=true
10 secret.code.lives=30

创建ConfigMap并查看状态

1 [root@k8s-master storage]# kubectl create configmap game-config-2 --from-file=/root/k8s_practice/storage/configmap/game.properties
2 configmap/game-config-2 created
3 [root@k8s-master storage]#
4 [root@k8s-master storage]# kubectl get configmap game-config-2
5 NAME            DATA   AGE
6 game-config-2   1      29s

查看ConfigMap有哪些数据

 1 [root@k8s-master storage]# kubectl get configmap game-config-2 -o yaml   ##### 查看方式1
 2 apiVersion: v1
 3 data:
 4   game.properties: |+   ##### 本段最后有一行空格,+ 表示保留字符串行末尾的换行
 5     enemies=aliens
 6     lives=3
 7     enemies.cheat=true
 8     enemies.cheat.level=noGoodRotten
 9     secret.code.passphrase=UUDDLRLRBABAs
10     secret.code.allowed=true
11     secret.code.lives=30
12
13 kind: ConfigMap
14 metadata:
15   creationTimestamp: "2020-06-07T07:05:47Z"
16   name: game-config-2
17   namespace: default
18   resourceVersion: "890437"
19   selfLink: /api/v1/namespaces/default/configmaps/game-config-2
20   uid: 02d99802-c23f-45ad-b4e1-dea9bcb166d8
21 [root@k8s-master storage]#
22 [root@k8s-master storage]# kubectl describe configmap game-config-2    ##### 查看方式2
23 Name:         game-config-2
24 Namespace:    default
25 Labels:       <none>
26 Annotations:  <none>
27
28 Data
29 ====
30 game.properties:
31 ----
32 enemies=aliens
33 lives=3
34 enemies.cheat=true
35 enemies.cheat.level=noGoodRotten
36 secret.code.passphrase=UUDDLRLRBABAs
37 secret.code.allowed=true
38 secret.code.lives=30
39
40
41 Events:  <none>

通过命令行创建

创建ConfigMap并查看状态

1 [root@k8s-master storage]# pwd
2 /root/k8s_practice/storage
3 [root@k8s-master storage]# kubectl create configmap special-config --from-literal=special.how=very --from-literal="special.type=charm"
4 configmap/special-config created
5 [root@k8s-master storage]#
6 [root@k8s-master storage]# kubectl get configmap special-config
7 NAME             DATA   AGE
8 special-config   2      23s

查看ConfigMap有哪些数据

 1 [root@k8s-master storage]# kubectl get configmap special-config -o yaml    ##### 查看方式1
 2 apiVersion: v1
 3 data:
 4   special.how: very
 5   special.type: charm
 6 kind: ConfigMap
 7 metadata:
 8   creationTimestamp: "2020-06-07T09:32:04Z"
 9   name: special-config
10   namespace: default
11   resourceVersion: "912702"
12   selfLink: /api/v1/namespaces/default/configmaps/special-config
13   uid: 76698e78-1380-4826-b5ac-d9c81f746eac
14 [root@k8s-master storage]#
15 [root@k8s-master storage]# kubectl describe configmap special-config    ##### 查看方式2
16 Name:         special-config
17 Namespace:    default
18 Labels:       <none>
19 Annotations:  <none>
20
21 Data
22 ====
23 special.how:
24 ----
25 very
26 special.type:
27 ----
28 charm
29 Events:  <none>

通过yaml文件创建

yaml文件

 1 [root@k8s-master storage]# pwd
 2 /root/k8s_practice/storage
 3 [root@k8s-master storage]# cat configmap.yaml
 4 apiVersion: v1
 5 kind: ConfigMap
 6 metadata:
 7   name: configmap-demo
 8 data:
 9   # 类属性键;每一个键都映射到一个简单的值
10   player_initial_lives: "3"
11   ui_properties_file_name: 'user-interface.properties'
12   #
13   # 类文件键
14   game.properties: |
15     enemy.types=aliens,monsters
16     player.maximum-lives=5
17   user-interface.properties: |
18     color.good=purple
19     color.bad=yellow
20     allow.textmode=true

创建ConfigMap并查看状态

1 [root@k8s-master storage]# kubectl apply -f configmap.yaml
2 configmap/configmap-demo created
3 [root@k8s-master storage]# kubectl get configmap configmap-demo
4 NAME             DATA   AGE
5 configmap-demo   4      2m59s

查看ConfigMap有哪些数据

 1 [root@k8s-master storage]# kubectl get configmap configmap-demo -o yaml    ##### 查看方式1
 2 apiVersion: v1
 3 data:
 4   game.properties: |
 5     enemy.types=aliens,monsters
 6     player.maximum-lives=5
 7   player_initial_lives: "3"
 8   ui_properties_file_name: user-interface.properties
 9   user-interface.properties: |
10     color.good=purple
11     color.bad=yellow
12     allow.textmode=true
13 kind: ConfigMap
14 metadata:
15   annotations:
16     kubectl.kubernetes.io/last-applied-configuration: |
17       {"apiVersion":"v1","data":{"game.properties":"enemy.types=aliens,monsters\nplayer.maximum-lives=5\n","player_initial_lives":"3","ui_properties_file_name":"user-interface.properties","user-interface.properties":"color.good=purple\ncolor.bad=yellow\nallow.textmode=true\n"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"configmap-demo","namespace":"default"}}
18   creationTimestamp: "2020-06-07T11:36:46Z"
19   name: configmap-demo
20   namespace: default
21   resourceVersion: "931685"
22   selfLink: /api/v1/namespaces/default/configmaps/configmap-demo
23   uid: fdad7000-87bd-4b72-be98-40dd8fe6400a
24 [root@k8s-master storage]#
25 [root@k8s-master storage]#
26 [root@k8s-master storage]# kubectl describe configmap configmap-demo     ##### 查看方式2
27 Name:         configmap-demo
28 Namespace:    default
29 Labels:       <none>
30 Annotations:  kubectl.kubernetes.io/last-applied-configuration:
31                 {"apiVersion":"v1","data":{"game.properties":"enemy.types=aliens,monsters\nplayer.maximum-lives=5\n","player_initial_lives":"3","ui_proper...
32
33 Data
34 ====
35 game.properties:
36 ----
37 enemy.types=aliens,monsters
38 player.maximum-lives=5
39
40 player_initial_lives:
41 ----
42 3
43 ui_properties_file_name:
44 ----
45 user-interface.properties
46 user-interface.properties:
47 ----
48 color.good=purple
49 color.bad=yellow
50 allow.textmode=true
51
52 Events:  <none>

Pod中使用ConfigMap

如何在Pod中使用上述的ConfigMap信息。

当前存在的ConfigMap

1 [root@k8s-master storage]# kubectl get configmap
2 NAME             DATA   AGE
3 configmap-demo   4      30m
4 game-config      2      5h9m
5 game-config-2    1      5h1m
6 special-config   2      5m48s

使用ConfigMap来替代环境变量

yaml文件

 1 [root@k8s-master storage]# pwd
 2 /root/k8s_practice/storage
 3 [root@k8s-master storage]# cat pod_configmap_env.yaml
 4 apiVersion: v1
 5 kind: Pod
 6 metadata:
 7   name: pod-configmap-env
 8 spec:
 9   containers:
10   - name: myapp
11     image: registry.cn-beijing.aliyuncs.com/google_registry/myapp:v1
12     command: ["/bin/sh", "-c", "env"]
13     ### 引用方式1
14     env:
15     - name: SPECAIL_HOW_KEY
16       valueFrom:
17         configMapKeyRef:
18           name: special-config   ### 这个name的值来自 ConfigMap
19           key: special.how       ### 这个key的值为需要取值的键
20     - name: SPECAIL_TPYE_KEY
21       valueFrom:
22         configMapKeyRef:
23           name: special-config
24           key: special.type
25     ### 引用方式2
26     envFrom:
27     - configMapRef:
28         name: game-config-2   ### 这个name的值来自 ConfigMap
29     restartPolicy: Never

启动pod并查看状态

1 [root@k8s-master storage]# kubectl apply -f pod_configmap_env.yaml
2 pod/pod-configmap-env created
3 [root@k8s-master storage]#
4 [root@k8s-master storage]# kubectl get pod -o wide
5 NAME                READY   STATUS      RESTARTS   AGE   IP             NODE         NOMINATED NODE   READINESS GATES
6 pod-configmap-env   0/1     Completed   0          6s    10.244.2.147   k8s-node02   <none>           <none>

查看打印日志

 1 [root@k8s-master storage]# kubectl logs pod-configmap-env
 2 MYAPP_SVC_PORT_80_TCP_ADDR=10.98.57.156
 3 KUBERNETES_SERVICE_PORT=443
 4 KUBERNETES_PORT=tcp://10.96.0.1:443
 5 MYAPP_SVC_PORT_80_TCP_PORT=80
 6 HOSTNAME=pod-configmap-env
 7 SHLVL=1
 8 MYAPP_SVC_PORT_80_TCP_PROTO=tcp
 9 HOME=/root
10 SPECAIL_HOW_KEY=very  ### 来自ConfigMap
11 game.properties=enemies=aliens  ### 来自ConfigMap
12 lives=3  ### 来自ConfigMap
13 enemies.cheat=true  ### 来自ConfigMap
14 enemies.cheat.level=noGoodRotten  ### 来自ConfigMap
15 secret.code.passphrase=UUDDLRLRBABAs  ### 来自ConfigMap
16 secret.code.allowed=true  ### 来自ConfigMap
17 secret.code.lives=30  ### 来自ConfigMap
18
19
20 SPECAIL_TPYE_KEY=charm  ### 来自ConfigMap
21 MYAPP_SVC_PORT_80_TCP=tcp://10.98.57.156:80
22 NGINX_VERSION=1.12.2
23 KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1
24 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
25 KUBERNETES_PORT_443_TCP_PORT=443
26 KUBERNETES_PORT_443_TCP_PROTO=tcp
27 MYAPP_SVC_SERVICE_HOST=10.98.57.156
28 KUBERNETES_SERVICE_PORT_HTTPS=443
29 KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443
30 PWD=/
31 KUBERNETES_SERVICE_HOST=10.96.0.1
32 MYAPP_SVC_SERVICE_PORT=80
33 MYAPP_SVC_PORT=tcp://10.98.57.156:80

使用ConfigMap设置命令行参数

yaml文件

 1 [root@k8s-master storage]# pwd
 2 /root/k8s_practice/storage
 3 [root@k8s-master storage]# cat pod_configmap_cmd.yaml
 4 apiVersion: v1
 5 kind: Pod
 6 metadata:
 7   name: pod-configmap-cmd
 8 spec:
 9   containers:
10   - name: myapp
11     image: registry.cn-beijing.aliyuncs.com/google_registry/myapp:v1
12     command: ["/bin/sh", "-c", "echo \"===$(SPECAIL_HOW_KEY)===$(SPECAIL_TPYE_KEY)===\""]
13     env:
14     - name: SPECAIL_HOW_KEY
15       valueFrom:
16         configMapKeyRef:
17           name: special-config
18           key: special.how
19     - name: SPECAIL_TPYE_KEY
20       valueFrom:
21         configMapKeyRef:
22           name: special-config
23           key: special.type
24   restartPolicy: Never

启动pod并查看状态

1 [root@k8s-master storage]# kubectl apply -f pod_configmap_cmd.yaml
2 pod/pod-configmap-cmd created
3 [root@k8s-master storage]#
4 [root@k8s-master storage]# kubectl get pod -o wide
5 NAME                READY   STATUS      RESTARTS   AGE   IP             NODE         NOMINATED NODE   READINESS GATES
6 pod-configmap-cmd   0/1     Completed   0          5s    10.244.4.125   k8s-node01   <none>           <none>

查看打印日志

1 [root@k8s-master storage]# kubectl logs pod-configmap-cmd
2 ===very===charm===

通过数据卷插件使用ConfigMap【推荐】

在数据卷里面使用ConfigMap,最基本的就是将文件填入数据卷,在这个文件中,键就是文件名【第一层级的键】,键值就是文件内容。

yaml文件

 1 [root@k8s-master storage]# pwd
 2 /root/k8s_practice/storage
 3 [root@k8s-master storage]# cat pod_configmap_volume.yaml
 4 apiVersion: v1
 5 kind: Pod
 6 metadata:
 7   name: pod-configmap-volume
 8 spec:
 9   containers:
10   - name: myapp
11     image: registry.cn-beijing.aliyuncs.com/google_registry/myapp:v1
12     #command: ["/bin/sh", "-c", "ls -l /etc/config/"]
13     command: ["/bin/sh", "-c", "sleep 600"]
14     volumeMounts:
15     - name: config-volume
16       mountPath: /etc/config
17   volumes:
18   - name: config-volume
19     configMap:
20       name: configmap-demo
21   restartPolicy: Never

启动pod并查看状态

1 [root@k8s-master storage]# kubectl apply -f pod_configmap_volume.yaml
2 pod/pod-configmap-volume created
3 [root@k8s-master storage]#
4 [root@k8s-master storage]# kubectl get pod -o wide
5 NAME                   READY   STATUS    RESTARTS   AGE   IP             NODE         NOMINATED NODE   READINESS GATES
6 pod-configmap-volume   1/1     Running   0          5s    10.244.2.153   k8s-node02   <none>           <none>

进入pod并查看

 1 [root@k8s-master storage]# kubectl exec -it pod-configmap-volume sh
 2 / # ls /etc/config
 3 game.properties            player_initial_lives       ui_properties_file_name    user-interface.properties
 4 / #
 5 / #
 6 / #
 7 / # cat /etc/config/player_initial_lives
 8 3/ #
 9 / #
10 / #
11 / # cat /etc/config/ui_properties_file_name
12 user-interface.properties/ #
13 / #
14 / #
15 / # cat /etc/config/game.properties
16 enemy.types=aliens,monsters
17 player.maximum-lives=5
18 / #
19 / #
20 / # cat /etc/config/user-interface.properties
21 color.good=purple
22 color.bad=yellow
23 allow.textmode=true

ConfigMap热更新

准备工作

yaml文件

 1 [root@k8s-master storage]# pwd
 2 /root/k8s_practice/storage
 3 [root@k8s-master storage]# cat pod_configmap_hot.yaml
 4 apiVersion: v1
 5 kind: ConfigMap
 6 metadata:
 7   name: log-config
 8   namespace: default
 9 data:
10   log_level: INFO
11 ---
12 apiVersion: apps/v1
13 kind: Deployment
14 metadata:
15   name: myapp-deploy
16   namespace: default
17 spec:
18   replicas: 2
19   selector:
20     matchLabels:
21       app: myapp
22       release: v1
23   template:
24     metadata:
25       labels:
26         app: myapp
27         release: v1
28         env: test
29     spec:
30       containers:
31       - name: myapp
32         image: registry.cn-beijing.aliyuncs.com/google_registry/myapp:v1
33         imagePullPolicy: IfNotPresent
34         ports:
35         - containerPort: 80
36         volumeMounts:
37         - name: config-volume
38           mountPath: /etc/config
39       volumes:
40       - name: config-volume
41         configMap:
42           name: log-config

应用yaml文件并查看状态

 1 [root@k8s-master storage]# kubectl apply -f pod_configmap_hot.yaml
 2 configmap/log-config created
 3 deployment.apps/myapp-deploy created
 4 [root@k8s-master storage]#
 5 [root@k8s-master storage]# kubectl get configmap log-config
 6 NAME         DATA   AGE
 7 log-config   1      21s
 8 [root@k8s-master storage]#
 9 [root@k8s-master storage]# kubectl get pod -o wide
10 NAME                           READY   STATUS    RESTARTS   AGE   IP             NODE         NOMINATED NODE   READINESS GATES
11 myapp-deploy-58ff9c997-drhwk   1/1     Running   0          30s   10.244.2.154   k8s-node02   <none>           <none>
12 myapp-deploy-58ff9c997-n68j2   1/1     Running   0          30s   10.244.4.126   k8s-node01   <none>           <none>

查看ConfigMap信息

 1 [root@k8s-master storage]# kubectl get configmap log-config -o yaml
 2 apiVersion: v1
 3 data:
 4   log_level: INFO
 5 kind: ConfigMap
 6 metadata:
 7   annotations:
 8     kubectl.kubernetes.io/last-applied-configuration: |
 9       {"apiVersion":"v1","data":{"log_level":"INFO"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"log-config","namespace":"default"}}
10   creationTimestamp: "2020-06-07T16:08:11Z"
11   name: log-config
12   namespace: default
13   resourceVersion: "971348"
14   selfLink: /api/v1/namespaces/default/configmaps/log-config
15   uid: 7e78e1d7-12de-4601-9915-cefbc96ca305

查看pod中的ConfigMap信息

1 [root@k8s-master storage]# kubectl exec -it myapp-deploy-58ff9c997-drhwk -- cat /etc/config/log_level
2 INFO

热更新

修改ConfigMap

 1 [root@k8s-master storage]# kubectl edit configmap log-config     ### 将 INFO 改为了 DEBUG
 2 # Please edit the object below. Lines beginning with a '#' will be ignored,
 3 # and an empty file will abort the edit. If an error occurs while saving this file will be
 4 # reopened with the relevant failures.
 5 #
 6 apiVersion: v1
 7 data:
 8   log_level: DEBUG
 9 kind: ConfigMap
10 metadata:
11   annotations:
12     kubectl.kubernetes.io/last-applied-configuration: |
13       {"apiVersion":"v1","data":{"log_level":"DEBUG"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"log-config","namespace":"default"}}
14   creationTimestamp: "2020-06-07T16:08:11Z"
15   name: log-config
16   namespace: default
17   resourceVersion: "971348"
18   selfLink: /api/v1/namespaces/default/configmaps/log-config
19   uid: 7e78e1d7-12de-4601-9915-cefbc96ca305

查看ConfigMap信息

 1 [root@k8s-master storage]# kubectl get configmap log-config -o yaml
 2 apiVersion: v1
 3 data:
 4   log_level: DEBUG
 5 kind: ConfigMap
 6 metadata:
 7   annotations:
 8     kubectl.kubernetes.io/last-applied-configuration: |
 9       {"apiVersion":"v1","data":{"log_level":"DEBUG"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"log-config","namespace":"default"}}
10   creationTimestamp: "2020-06-07T16:08:11Z"
11   name: log-config
12   namespace: default
13   resourceVersion: "972893"
14   selfLink: /api/v1/namespaces/default/configmaps/log-config
15   uid: 7e78e1d7-12de-4601-9915-cefbc96ca305

稍后10秒左右,再次查看pod中的ConfigMap信息

1 [root@k8s-master storage]# kubectl exec -it myapp-deploy-58ff9c997-drhwk -- cat /etc/config/log_level
2 DEBUG

由此可见,完成了一次热更新

相关阅读

1、YAML 语言教程与使用案例

2、Kubernetes K8S之通过yaml创建pod与pod文件常用字段详解

3、Kubernetes K8S之存储Secret详解


———END———
如果觉得不错就关注下呗 (-^O^-) !

Kubernetes K8S之存储ConfigMap详解-LMLPHP

10-15 10:45