ConfigMap配置管理 • Configmap用于保存配置数据,以键值对形式存储。 • configMap 资源提供了向 Pod 注入配置数据的方法。 • 旨在让镜像和配置文件解耦,以便实现镜像的可移植性和可复用性。
典型的使用场景 • 填充环境变量的值 • 设置容器内的命令行参数 • 填充卷的配置文件
创建ConfigMap的方式有4种: • 使用字面值创建 • 使用文件创建 • 使用目录创建 • 编写configmap的yaml文件创建
kubectl create configmap my-config --from-literal=key1=config1 --from-literal=key2=config2
[kubeadm@server1 ~]$ mkdir cm [kubeadm@server1 ~]$ ls calico.yaml cm kube-flannel.yml mainfest nginx.tar [kubeadm@server1 ~]$ cd cm/ [kubeadm@server1 cm]$ kubectl create configmap my-config --from-literal=key1=config1 --from-literal=key2=config2 configmap/my-config created [kubeadm@server1 cm]$ kubectl get cm NAME DATA AGE my-config 2 10s [kubeadm@server1 cm]$ kubectl get cm -n kube-system NAME DATA AGE coredns 1 8d extension-apiserver-authentication 6 8d kube-flannel-cfg 2 21h kube-proxy 2 8d kubeadm-config 2 8d kubelet-config-1.18 1 8d [kubeadm@server1 cm]$ kubectl describe cm my-config Name: my-config Namespace: default Labels: <none> Annotations: <none> Data ==== key1: ---- config1 key2: ---- config2 Events: <none>
kubectl create configmap my-config-2 --from-file=/etc/resolv.conf
[kubeadm@server1 cm]$ kubectl create configmap my-config-2 --from-file=/etc/resolv.conf configmap/my-config-2 created [kubeadm@server1 cm]$ kubectl get cm NAME DATA AGE my-config 2 2m51s my-config-2 1 3s [kubeadm@server1 cm]$ kubectl describe cm my-config-2 Name: my-config-2 Namespace: default Labels: <none> Annotations: <none> Data ==== resolv.conf: ---- nameserver 114.114.114.114 Events: <none>
kubectl create configmap my-config-3 --from-file=test
[kubeadm@server1 cm]$ mkdir test [kubeadm@server1 cm]$ cp /etc/fstab test/ [kubeadm@server1 cm]$ cp /etc/resolv.conf test/ [kubeadm@server1 cm]$ ll test/ total 8 -rw-r--r-- 1 kubeadm kubeadm 502 Jun 27 19:47 fstab -rw-rw-r-- 1 kubeadm kubeadm 28 Jun 27 19:47 resolv.conf [kubeadm@server1 cm]$ kubectl create configmap my-config-3 --from-file=test configmap/my-config-3 created [kubeadm@server1 cm]$ kubectl get cm NAME DATA AGE my-config 2 5m50s my-config-2 1 3m2s my-config-3 2 6s [kubeadm@server1 cm]$ kubectl describe cm my-config-3 Name: my-config-3 Namespace: default Labels: <none> Annotations: <none> Data ==== fstab: ---- # # /etc/fstab # Created by anaconda on Thu May 7 08:28:06 2020 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # UUID=8d5190d9-d50b-49f4-a64e-7a985e53dc81 / xfs defaults 0 0 UUID=60910b20-bbdc-4701-bba3-a9760086a1a0 /boot xfs defaults 0 0 #UUID=2a714265-f92d-4429-87da-9f09e32e6ff2 swap swap defaults 0 0 resolv.conf: ---- nameserver 114.114.114.114 Events: <none>
如何使用configmap: • 通过环境变量的方式直接传递给pod • 通过在pod的命令行下运行的方式 • 作为volume的方式挂载到pod内
示例一:重新定义configmap的key
[kubeadm@server1 cm]$ vim cm1.yml [kubeadm@server1 cm]$ cat cm1.yml apiVersion: v1 kind: ConfigMap metadata: name: cm1-config data: db_host: "172.25.0.250" db_port: "3306" --- apiVersion: v1 kind: Pod metadata: name: pod1 spec: containers: - name: pod1 image: busybox command: ["/bin/sh", "-c", "env"] env: - name: key1 valueFrom: configMapKeyRef: name: cm1-config key: db_host - name: key2 valueFrom: configMapKeyRef: name: cm1-config key: db_port restartPolicy: Never [kubeadm@server1 cm]$ kubectl apply -f cm1.yml configmap/cm1-config unchanged pod/pod1 created [kubeadm@server1 cm]$ kubectl get cm NAME DATA AGE cm1-config 2 7m31s my-config 2 179m my-config-2 1 176m my-config-3 2 173m [kubeadm@server1 cm]$ kubectl describe cm cm1-config Name: cm1-config Namespace: default Labels: <none> Annotations: Data ==== db_host: ---- 172.25.0.250 db_port: ---- 3306 Events: <none> [kubeadm@server1 cm]$ kubectl logs pod1 KUBERNETES_PORT=tcp://10.96.0.1:443 KUBERNETES_SERVICE_PORT=443 HOSTNAME=pod1 SHLVL=1 HOME=/root KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin KUBERNETES_PORT_443_TCP_PORT=443 key1=172.25.0.250 KUBERNETES_PORT_443_TCP_PROTO=tcp key2=3306 KUBERNETES_SERVICE_PORT_HTTPS=443 KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443 KUBERNETES_SERVICE_HOST=10.96.0.1 PWD=/
示例二:直接使用configmap
[kubeadm@server1 cm]$ vim cm1.yml [kubeadm@server1 cm]$ cat cm1.yml apiVersion: v1 kind: ConfigMap metadata: name: cm1-config data: db_host: "172.25.0.250" db_port: "3306" --- apiVersion: v1 kind: Pod metadata: name: pod1 spec: containers: - name: pod1 image: busybox command: ["/bin/sh", "-c", "env"] envFrom: - configMapRef: name: cm1-config restartPolicy: Never [kubeadm@server1 cm]$ kubectl delete pod pod1 pod "pod1" deleted [kubeadm@server1 cm]$ kubectl apply -f cm1.yml configmap/cm1-config unchanged pod/pod1 created [kubeadm@server1 cm]$ kubectl logs pod1 KUBERNETES_PORT=tcp://10.96.0.1:443 KUBERNETES_SERVICE_PORT=443 HOSTNAME=pod1 SHLVL=1 db_port=3306 HOME=/root KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin KUBERNETES_PORT_443_TCP_PORT=443 KUBERNETES_PORT_443_TCP_PROTO=tcp KUBERNETES_SERVICE_PORT_HTTPS=443 KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443 KUBERNETES_SERVICE_HOST=10.96.0.1 PWD=/ db_host=172.25.0.250
示例一
[kubeadm@server1 cm]$ kubectl delete pod pod1 pod "pod1" deleted [kubeadm@server1 cm]$ vim cm1.yml [kubeadm@server1 cm]$ cat cm1.yml apiVersion: v1 kind: ConfigMap metadata: name: cm1-config data: db_host: "172.25.0.250" db_port: "3306" --- apiVersion: v1 kind: Pod metadata: name: pod1 spec: containers: - name: pod1 image: busybox command: ["/bin/sh", "-c", "cat /config/*"] volumeMounts: - name: config-volume mountPath: /config volumes: - name: config-volume configMap: name: cm1-config restartPolicy: Never [kubeadm@server1 cm]$ kubectl apply -f cm1.yml configmap/cm1-config unchanged pod/pod1 created [kubeadm@server1 cm]$ kubectl logs pod1 172.25.0.2503306
示例二
[kubeadm@server1 cm]$ kubectl delete pod pod1 pod "pod1" deleted [kubeadm@server1 cm]$ vim cm1.yml [kubeadm@server1 cm]$ cat cm1.yml apiVersion: v1 kind: ConfigMap metadata: name: cm1-config data: db_host: "172.25.0.250" db_port: "3306" --- apiVersion: v1 kind: Pod metadata: name: pod1 spec: containers: - name: pod1 image: nginx volumeMounts: - name: config-volume mountPath: /config volumes: - name: config-volume configMap: name: cm1-config [kubeadm@server1 cm]$ kubectl apply -f cm1.yml configmap/cm1-config unchanged pod/pod1 created [kubeadm@server1 cm]$ kubectl exec -it pod1 -- bash root@pod1:/# cd /config/ root@pod1:/config# ls db_host db_port root@pod1:/config# cat db_host 172.25.0.250root@pod1:/config# cat db_port 3306root@pod1:/config# exit[kubeadm@server1 cm]$ kubectl describe cm cm1-config Name: cm1-config Namespace: default Labels: <none> Annotations: Data ==== db_host: ---- 172.25.0.250 db_port: ---- 3306 Events: <none> [kubeadm@server1 cm]$ kubectl edit cm cm1-config configmap/cm1-config edited [kubeadm@server1 cm]$ kubectl describe cm cm1-config Name: cm1-config Namespace: default Labels: <none> Annotations: Data ==== db_host: ---- 172.25.0.254 db_port: ---- 3306 Events: <none>
Pod数据并不会实时更新,需要等待几秒
修改端口号
[kubeadm@server1 cm]$ kubectl edit cm nginx-config configmap/nginx-config edited [kubeadm@server1 cm]$ kubectl exec my-nginx-7db4c4f989-pl6c8 -- cat /etc/nginx/conf.d/server.conf server { listen 8080; server_name _; location / { root /usr/share/nginx/html; index index.html index.htm; } } [kubeadm@server1 cm]$ kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES my-nginx-7db4c4f989-pl6c8 1/1 Running 0 6m2s 10.244.1.70 server2 <none> <none> [kubeadm@server1 cm]$ curl 10.244.1.70:8000 <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title>可以看出configmap热更新以生效,但访问Pod的8080端口是无效的 手动触发pod滚动更新 kubectl patch deployments.apps my-nginx --patch '{"spec": {"template": {"metadata": {"annotations": {"version/config": "20200219"}}}}}'
