作用理解
核心用途就是容器和配置的分离解耦。
如启用一个mysql容器,mysql容器重要的文件有两部分,一部分为存储数据文件,一部分为配置文件my.cnf,存储数据可以用持久存储实现和容器的分离解耦,配置文件也能够实现和容器的分离解耦,也就是说mysql容器能够直接读取并使用预先配置好的配置文件(而不是使用容器中默认自带的配置文件).这就是configMap的功能。
ConfigMap 用于保存配置数据的键值对,可以用来保存单个属性,也可以用来保存配置文件。ConfigMap 跟 secret 很类似,但它可以更方便地处理不包含敏感信息的字符串。
创建ConfigMap有两种方式
通过yaml文件创建
通过kubectl create创建
示例
命令行创建
# 方式一:[root@master-01 configmap]# kubectl ?create cm mysql-config --from-file=mysqld.cnf configmap/mysql-config created[root@master-01 configmap]# kubectl ?describe cm mysql-configName: ????????mysql-configNamespace: ???defaultLabels: ??????<none>Annotations: ?<none>Data====mysqld.cnf:----[client]port = 3306socket = /var/run/mysqld/mysqld.sock[mysql]no-auto-rehash[mysqld]user = mysqlport = 3306socket = /var/run/mysqld/mysqld.sockdatadir = /var/lib/mysql[mysqld_safe]log-error= /var/log/mysql/mysql_oldboy.errpid-file = /var/run/mysqld/mysqld.pidEvents: ?<none># 方式二:[root@master-01 configmap]# kubectl create configmap env-config --from-literal=log_level=INFO# 以key:value的形式创建yaml文件创建
[root@master-01 configmap]# cat my-config.yaml apiVersion: v1kind: ConfigMapmetadata: ?name: mysql-config2data: ?mysqld.cnf: | ???[client] ???port = 3306 ???socket = /var/run/mysqld/mysqld.sock ???[mysql] ???no-auto-rehash ???[mysqld] ???user = mysql ???port = 3306 ???socket = /var/run/mysqld/mysqld.sock ???datadir = /var/lib/mysql ???[mysqld_safe] ???log-error= /var/log/mysql/mysql_oldboy.err ???pid-file = /var/run/mysqld/mysqld.pid[root@master-01 configmap]# kubectl ?apply -f my-config.yaml configmap/mysql-config2 created[root@master-01 configmap]# kubectl ?describe cm mysql-config2Name: ????????mysql-config2Namespace: ???defaultLabels: ??????<none>Annotations: ?kubectl.kubernetes.io/last-applied-configuration: ???????????????{"apiVersion":"v1","data":{"mysqld.cnf":"[client]\nport = 3306\nsocket = /var/run/mysqld/mysqld.sock\n[mysql]\nno-auto-rehash\n\n[mysqld]\...Data====mysqld.cnf:----[client]port = 3306socket = /var/run/mysqld/mysqld.sock[mysql]no-auto-rehash[mysqld]user = mysqlport = 3306socket = /var/run/mysqld/mysqld.sockdatadir = /var/lib/mysql[mysqld_safe]log-error= /var/log/mysql/mysql_oldboy.errpid-file = /var/run/mysqld/mysqld.pidEvents: ?<none>ConfigMap 使用
ConfigMap 可以通过三种方式在 Pod 中使用
? ?1.环境变量方式
? ?2.volume挂载方式(一般都是用这个,支持热更新)
? ?3.设置容器命令行参数
用环境变量
[root@master-01 configmap]# kubectl create configmap env-config --from-literal=log_level=INFOconfigmap/env-config created[root@master-01 configmap]# kubectl create configmap special-config --from-literal=special.how=very --from-literal=special.type=charmconfigmap/special-config created编排
[root@master-01 configmap]# cat bu.yaml apiVersion: v1kind: Podmetadata: ?name: test-podspec: ?containers: ???- name: test-container ?????image: busybox ?????command: ["/bin/sh", "-c", "env"] ?????env: ???????- name: SPECIAL_LEVEL_KEY ?????????valueFrom: ???????????configMapKeyRef: ?????????????name: special-config ?????????????key: special.how ???????- name: SPECIAL_TYPE_KEY ?????????valueFrom: ???????????configMapKeyRef: ?????????????name: special-config ?????????????key: special.type ?????envFrom: ???????- configMapRef: ???????????name: env-config ?restartPolicy: Never[root@master-01 configmap]# kubectl ?apply -f bu.yaml pod/test-pod created查看日志可以发现,环境变量注入到了容器中了
[root@master-01 configmap]# kubectl ?logs ?test-pod ...SPECIAL_TYPE_KEY=charmSPECIAL_LEVEL_KEY=verylog_level=INFO用作命令行参数
将 ConfigMap 用作命令行参数时,需要先把 ConfigMap 的数据保存在环境变量中,然后通过 $(VAR_NAME) 的方式引用环境变量.
编排
apiVersion: v1kind: Podmetadata: ?name: dapi-test-podspec: ?containers: ???- name: test-container ?????image: busybox ?????command: ["/bin/sh", "-c", "echo $(SPECIAL_LEVEL_KEY) $(SPECIAL_TYPE_KEY)" ]...查看日志可以看到环境变量被输出
[root@master-01 configmap]# kubectl ?logs dapi-test-podvery charmvolume挂载方式(支持动态更新)
configmap 挂载文件时,会先覆盖掉挂载目录,然后再将 congfigmap 中的内容作为文件挂载进行。如果想不对原来的文件夹下的文件造成覆盖,只是将 configmap 中的每个 key,按照文件的方式挂载到目录下,可以使用 subpath 参数。
实战例子
编排
[root@master-01 configmap]# cat mysql-d.yaml apiVersion: v1kind: ConfigMapmetadata: ?name: myconfigdata: ?v1: Abc1234!@#---apiVersion: v1kind: Servicemetadata: ?name: mysql-tspec: ?ports: ?- port: 3306 ?selector: ???app: mysql-t---apiVersion: apps/v1beta1kind: Deploymentmetadata: ?name: mysql-tspec: ?selector: ???matchLabels: ?????app: mysql-t ?template: ???metadata: ?????labels: ???????app: mysql-t ???spec: ?????containers: ?????- image: mysql:5.7 ???????name: mysql-t ???????ports: ???????- containerPort: 3306 ???????env: ???????- name: MYSQL_ROOT_PASSWORD ?????????valueFrom: ???????????configMapKeyRef: ?????????????name: my-config ?????????????key: v2 ???????volumeMounts: ???????- name: mysql-t1 ?????????mountPath: /etc/mysql/mysql.conf.d ?????volumes: ?????- name: mysql-t1 ???????configMap: ?????????name: mysql-config2[root@master-01 configmap]# kubectl ?apply -f mysql-d.yaml configmap/myconfig createdservice/mysql-t createddeployment.apps/mysql-t createdvolumeMounts/mountPath:? ? 容器里挂载的目录,这个目录其实很重要,你要使用个容器的应用,需熟悉这个应用的配置文件存放目录并且挂载到正确目录.挂载目录错了容器应用无法读取到配置文件。
volumes:? 定义使用的卷
name: mysql-t1? 注意volumes和volumeMounts的name是相对应的.
进入mysql容器中测试,可以看到读取的就是congfigmap,密码已经生效.
[root@master-01 configmap]# kubectl ?exec -ti mysql-t-7bb6cbbf77-xqfc2 bashroot@mysql-t-7bb6cbbf77-xqfc2:/# mysql -uroot -pAbc1234\!\@\#mysql: [Warning] Using a password on the command line interface can be insecure.Welcome to the MySQL monitor. ?Commands end with ; or \g.Your MySQL connection id is 2Server version: 5.7.25 MySQL Community Server (GPL)Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.Oracle is a registered trademark of Oracle Corporation and/or itsaffiliates. Other names may be trademarks of their respectiveowners.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.mysql> 查看pod详情
[root@master-01 configmap]# kubectl ?describe pod ?mysql-t-7bb6cbbf77-xqfc2 Name: ??????????????mysql-t-7bb6cbbf77-xqfc2Namespace: ?????????defaultPriority: ??????????0PriorityClassName: ?<none>Node: ??????????????192.168.209.131/192.168.209.131Start Time: ????????Tue, 02 Apr 2019 10:29:05 +0800Labels: ????????????app=mysql-t ???????????????????pod-template-hash=7bb6cbbf77Annotations: ???????<none>Status: ????????????RunningIP: ????????????????172.17.12.3Controlled By: ?????ReplicaSet/mysql-t-7bb6cbbf77Containers: ?mysql-t: ???Container ID: ??docker://58d61cddb16b6cd14593d7e4d1bc12c6157e7d9c28ffa25c3d3e8a571867bb71 ???Image: ?????????mysql:5.7 ???Image ID: ??????docker-pullable://mysql@sha256:dba5fed182e64064b688ccd22b2f9cad4ee88608c82f8cff21e17bab8da72b81 ???Port: ??????????3306/TCP ???Host Port: ?????0/TCP ???State: ?????????Running ?????Started: ?????Tue, 02 Apr 2019 10:29:06 +0800 ???Ready: ?????????True ???Restart Count: ?0 ???Environment: ?????MYSQL_ROOT_PASSWORD: ?<set to the key 'v1' of config map 'myconfig'> ?Optional: false ???Mounts: ?????/etc/mysql/mysql.conf.d from mysql-t1 (rw) ?????/var/run/secrets/kubernetes.io/serviceaccount from default-token-tb5bg (ro)Conditions: ?Type ?????????????Status ?Initialized ??????True ??Ready ????????????True ??ContainersReady ??True ??PodScheduled ?????True Volumes: ?mysql-t1: ???Type: ?????ConfigMap (a volume populated by a ConfigMap) ???Name: ?????mysql-config2 ???Optional: ?false ?default-token-tb5bg: ???Type: ???????Secret (a volume populated by a Secret) ???SecretName: ?default-token-tb5bg ???Optional: ???falseQoS Class: ??????BestEffortNode-Selectors: ?<none>Tolerations: ????node.kubernetes.io/not-ready:NoExecute for 300s ????????????????node.kubernetes.io/unreachable:NoExecute for 300sEvents: ?Type ???Reason ????Age ???From ?????????????????????Message ?---- ???------ ????---- ??---- ?????????????????????------- ?Normal ?Scheduled ?3m32s ?default-scheduler ????????Successfully assigned default/mysql-t-7bb6cbbf77-xqfc2 to 192.168.209.131 ?Normal ?Pulled ????3m31s ?kubelet, 192.168.209.131 ?Container image "mysql:5.7" already present on machine ?Normal ?Created ???3m31s ?kubelet, 192.168.209.131 ?Created container ?Normal ?Started ???3m31s ?kubelet, 192.168.209.131 ?Started containerconfigmap配置段为
??Environment: ?????MYSQL_ROOT_PASSWORD: ?<set to the key 'v1' of config map 'myconfig'> ?Optional: false ???Mounts: ?????/etc/mysql/mysql.conf.d from mysql-t1 (rw)热更新测试
修改my-cnfig2,使用edit命令
在[mysqld]段添加如下配置
server-id=1查看my-cnfig2信息
[root@master-01 configmap]# kubectl ?describe ?cm mysql-config2...mysqld.cnf:----[client]port = 3306socket = /var/run/mysqld/mysqld.sock[mysql]no-auto-rehash[mysqld]user = mysqlport = 3306socket = /var/run/mysqld/mysqld.sockdatadir = /var/lib/mysqlserver-id=1[mysqld_safe]log-error= /var/log/mysql/mysql_oldboy.errpid-file = /var/run/mysqld/mysqld.pidEvents: ?<none>进mysql容器查看
[root@master-01 configmap]# kubectl ?edit cm mysql-config2configmap/mysql-config2 edited[root@master-01 configmap]# kubectl ?exec -ti mysql-t-7bb6cbbf77-xqfc2 bashroot@mysql-t-7bb6cbbf77-xqfc2:/# cat /etc/mysql/mysql.conf.d/mysqld.cnf [client]port = 3306socket = /var/run/mysqld/mysqld.sock[mysql]no-auto-rehash[mysqld]user = mysqlport = 3306socket = /var/run/mysqld/mysqld.sockdatadir = /var/lib/mysqlserver-id=1[mysqld_safe]log-error= /var/log/mysql/mysql_oldboy.errpid-file = /var/run/mysqld/mysqld.pidroot@mysql-t-7bb6cbbf77-xqfc2:/# 可以看到配置已经热更新了。
往期文章一览
1、Kubernetes集群搭建之系统初始化配置篇
2、Kubernetes集群搭建之企业级环境中基于Harbor搭建自己的私有仓库
3、Kubernetes集群搭建之Etcd集群配置篇
4、Kubernetes集群搭建之CNI-Flanneld部署篇
5、Kubernetes集群搭建之Master配置篇
6、Kubernetes系列之Coredns and Dashboard介绍篇
7、Kubernetes系列之监控Metres-server实战篇
如果您觉得不错,请别忘了转发、分享、点赞让更多的人去学习, 您的举手之劳,就是对小编最好的支持,非常感谢!
kubernetes系列之ConfigMap使用方式
原文地址:https://www.cnblogs.com/guigujun/p/10669945.html