这篇文章主要介绍了kubernetes Volume存储卷configMap怎么使用的相关知识,内容详细易懂,操作简单快捷,具有一定借鉴价值,相信大家阅读完这篇kubernetes Volume存储卷configMap怎么使用文章都会有所收获,下面我们一起来看看吧。
前言
核心资源类型存储卷,PV、PVC、SC、CSI(Longhorn)
特殊类型的插件:ConfigMap、Secret、downwardAPI
如何为容器化应用提供配置信息:
启动容器时,直接向应用程序传递参数,args: []
将定义好的配置文件焙进镜像之中;
通过环境变量向容器传递配置数据:有个前提要求,应用得支持从环境变量加载配置信息;
制作镜像时,使用entrypoint脚本来预处理变量,常见的做法就是使用非交互式编辑工具,将环境变量的值替换到应用的配置文件中;基于存储卷向容器传递配置文件;
运行中的改变,需要由应用程序重载;
ConfigMap简介
ConfigMap API资源用来保存key-value pair配置数据,这个数据可以在pods里使用,或者被用来为像controller一样的系统组件存储配置数据。虽然ConfigMap跟Secrets类似,但是ConfigMap更方便的处理不含敏感信息的字符串。 注意:ConfigMaps不是属性配置文件的替代品。ConfigMaps只是作为多个properties文件的引用。你可以把它理解为Linux系统中的/etc目录,专门用来存储配置文件的目录。
ConfigMap 通过env环境变量引用
通过环境变量的配置容器化应用时,需要在容器配置段中嵌套使用env字段,它的值是一个由环境变量构建的列表。每个环项变量通常由name和value(或valueFron)字段构成
name <string>:环境变量的名称,必选字段;
value <string>:环境变量的值,通过 $(VAR_NAME)引用,逃逸格式为“$$(VAR_NAME)" 默认值为空;
valueFrom <object> ∶环境变量值的引用源,例如当前Pod资源的名称、名称空间、标签等,不能与非空值的value字段同时使用,即环境变量的值要么源于value字段,要么源于valuFron字段,二者不可同时提供数据。
valueFron: 字段可引用的值有多种来源,包括当前Pod资源的属性值,容器相关的系统资源配置、ConfigMap对象中的key以及Secret对象中的Key,它们分别要使用不同的嵌套字段进行定义。
fieldRef <bject>:当前Pod资源的指定字段,目前支持使用的字段包括metadata.mime、metadata.namespce、 metadata.labels、metadeta.annotations、spesc.nodeName、spec.serviceAccountName、status.hostIP和status.podIP等;
configMapKeyRef <Object>: ConfigMap对象中的特定Key;
secretKeyRef<object>: Secret对象中的特定Key;
resourceFieldRef <object>: 当前容器的特定系统资源的最小值(配额)或最大值《限额),目前支持的引用包括 limits.cpu. limits.memory、limits.ephemeral-storage. requests.cpu、reuests.memory和requests.ephemeral-storage
[root@k8s-master ~]# kubectl create configmap --help #查看示例...Examples: # Create a new configmap named my-config based on folder bar kubectl create configmap my-config --from-file=path/to/bar # Create a new configmap named my-config with specified keys instead of file basenames on disk kubectl create configmap my-config --from-file=key1=/path/to/bar/file1.txt --from-file=key2=/path/to/bar/file2.txt # Create a new configmap named my-config with key1=config1 and key2=config2 kubectl create configmap my-config --from-literal=key1=config1 --from-literal=key2=config2 # Create a new configmap named my-config from the key=value pairs in the file kubectl create configmap my-config --from-file=path/to/bar # Create a new configmap named my-config from an env file kubectl create configmap my-config --from-env-file=path/to/bar.envOptions: --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in...示例1:comfigMap创建
[root@k8s-master nginx-conf.d]# cat myserver.conf server { listen 8080; server_name www.ik8s.io; include /etc/nginx/conf.d/myserver-*.cfg; location / { root /usr/share/nginx/html; }}[root@k8s-master nginx-conf.d]# cat myserver-gzip.cfg gzip on;gzip_comp_level 5;gzip_proxied expired no-cache no-store private auth;gzip_types text/plain text/css application/xml text/javascript;[root@k8s-master nginx-conf.d]# cat myserver-status.cfg location /nginx-status {stub_status on;access_log off;}[root@k8s-master nginx-conf.d]# ls #一共3个配置文件 myserver.conf myserver-gzip.cfg myserver-status.cfg[root@k8s-master ~]# kubectl create configmap demoapp-config --from-literal=host=0.0.0.0 --from-literal=port=8080 #创建host=0.0.0.0、literal=port=8080为两个valconfigmap/demoapp-config created[root@k8s-master ~]# kubectl get cmNAME DATA AGEdemoapp-config 2 5s #可以看到DATA为2 2个数据项my-grafana 1 34dmy-grafana-test 1 34d[root@k8s-master ~]# kubectl describe cm demoapp-configName: demoapp-configNamespace: defaultLabels: <none>Annotations: <none>Data====port: #数据项1 Port:8080----8080host: #数据项2 host: 0.0.0.----0.0.0.0Events: <none>[root@k8s-master ~]# kubectl get cm demoapp-config -o yamlapiVersion: v1data: host: 0.0.0.0 port: "8080"kind: ConfigMapmetadata: creationTimestamp: "2021-08-05T09:16:15Z" managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:data: .: {} f:host: {} f:port: {} manager: kubectl-create operation: Update time: "2021-08-05T09:16:15Z" name: demoapp-config namespace: default resourceVersion: "6906130" selfLink: /api/v1/namespaces/default/configmaps/demoapp-config uid: 625c38a9-02bc-43c7-b351-b2ce7387cab7[root@k8s-master nginx-conf.d]# kubectl create configmap nginx-config --from-file=./myserver.conf --from-file=status.cfg=./myserver-status.cfg #创建2个数据项指定文件,默认以文件名为键名 第2个文件指定status.cfg为键名configmap/nginx-config created[root@k8s-master nginx-conf.d]# kubectl get cm NAME DATA AGEdemoapp-config 2 18mmy-grafana 1 34dmy-grafana-test 1 34dnginx-config 2 17s[root@k8s-master nginx-conf.d]# kubectl get cm nginx-config -o yamlapiVersion: v1data: myserver.conf: | # |为多行键值分隔符 为了保存多行数据使用了|和缩进 server { listen 8080; server_name www.ik8s.io; include /etc/nginx/conf.d/myserver-*.cfg; location / { root /usr/share/nginx/html; } } status.cfg: | location /nginx-status { stub_status on; access_log off; }kind: ConfigMapmetadata: creationTimestamp: "2021-08-06T06:35:41Z" managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:data: .: {} f:myserver.conf: {} f:status.cfg: {} manager: kubectl-create operation: Update time: "2021-08-06T06:35:41Z" name: nginx-config namespace: default resourceVersion: "7159858" selfLink: /api/v1/namespaces/default/configmaps/nginx-config uid: 8dbd637a-fb23-447a-8bb5-9e722d7e871d[root@k8s-master nginx-conf.d]# lsmyserver.conf myserver-gzip.cfg myserver-status.cfg[root@k8s-master configmap]# kubectl create configmap nginx-config-files --from-file=./nginx-conf.d/configmap/nginx-config-file created[root@k8s-master configmap]# kubectl get cmNAME DATA AGEdemoapp-config 2 21hmy-grafana 1 35dmy-grafana-test 1 35dnginx-config 2 18mnginx-config-files 3 3s #3个数据项[root@k8s-master nginx-conf.d]# kubectl get cm nginx-config-files -o yamlapiVersion: v1data: myserver-gzip.cfg: | gzip on; gzip_comp_level 5; gzip_proxied expired no-cache no-store private auth; gzip_types text/plain text/css application/xml text/javascript; myserver-status.cfg: | location /nginx-status { stub_status on; access_log off; } myserver.conf: | server { listen 8080; server_name www.ik8s.io; include /etc/nginx/conf.d/myserver-*.cfg; location / { root /usr/share/nginx/html; } }kind: ConfigMapmetadata: creationTimestamp: "2021-08-06T08:02:34Z" managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:data: .: {} f:myserver-gzip.cfg: {} f:myserver-status.cfg: {} f:myserver.conf: {} manager: kubectl-create operation: Update time: "2021-08-06T08:02:34Z" name: nginx-config-files namespace: default resourceVersion: "7177123" selfLink: /api/v1/namespaces/default/configmaps/nginx-config-files uid: 2fd21dc3-5e61-4413-bcd5-35337b1ce286示例2: configMap引用
[root@k8s-master configmap]# cat configmaps-env-demo.yaml apiVersion: v1kind: ConfigMapmetadata: name: demoapp-config namespace: defaultdata: demoapp.port: "8080" demoapp.host: 0.0.0.0---apiVersion: v1kind: Podmetadata: name: configmaps-env-demo namespace: defaultspec: containers: - image: ikubernetes/demoapp:v1.0 name: demoapp env: - name: PORT valueFrom: configMapKeyRef: #引用configMap 键值 name: demoapp-config key: demoapp.port optional: false #是否为可有可无项 false 为必选项 - name: HOST valueFrom: configMapKeyRef: name: demoapp-config key: demoapp.host optional: true #是否可有可无 ture 非必选项[root@k8s-master configmap]# kubectl apply -f configmaps-env-demo.yaml[root@k8s-master configmap]# kubectl get podNAME READY STATUS RESTARTS AGEcentos-deployment-66d8cd5f8b-95brg 1/1 Running 0 46hconfigmaps-env-demo 1/1 Running 0 118smy-grafana-7d788c5479-bpztz 1/1 Running 1 46hvolumes-pvc-longhorn-demo 1/1 Running 0 27h[root@k8s-master comfigmap]# kubectl exec configmaps-env-demo -- netstat -tnl #查看配置是否生效Active Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN [root@k8s-master configmap]# cat configmaps-volume-demo.yaml apiVersion: v1kind: Podmetadata: name: configmaps-volume-demo namespace: defaultspec: containers: - image: nginx:alpine name: nginx-server volumeMounts: - name: ngxconfs mountPath: /etc/nginx/conf.d/ readOnly: true volumes : - name: ngxconfs configMap: name: nginx-config-files #引用前面定义的configmap optional: false[root@k8s-master configmap]# kubectl get podNAME READY STATUS RESTARTS AGEcentos-deployment-66d8cd5f8b-95brg 1/1 Running 0 46hconfigmaps-env-demo 1/1 Running 0 35mconfigmaps-volume-demo 1/1 Running 0 6m8smy-grafana-7d788c5479-bpztz 1/1 Running 1 46hvolumes-pvc-longhorn-demo 1/1 Running 0 28h[root@k8s-master configmap]# kubectl exec configmaps-volume-demo -it -- /bin/sh/ # nginx -T......# configuration file /etc/nginx/conf.d/myserver.conf: #看容器配置文件是否加载configmap配置server { listen 8080; server_name www.ik8s.io; include /etc/nginx/conf.d/myserver-*.cfg; location / { root /usr/share/nginx/html; }}# configuration file /etc/nginx/conf.d/myserver-gzip.cfg:gzip on;gzip_comp_level 5;gzip_proxied expired no-cache no-store private auth;gzip_types text/plain text/css application/xml text/javascript;# configuration file /etc/nginx/conf.d/myserver-status.cfg:location /nginx-status {stub_status on;access_log off;}[root@k8s-master configmap]# kubectl get pods configmaps-volume-demo -o go-template={{.status.podIP}}10.244.1.177[root@k8s-master configmap]# curl 10.244.1.177:8080 #默认页面...<h2>Welcome to nginx!</h2>[root@k8s-master configmap]# curl -H "Host:www.ik8s.io" 10.244.1.177:8080/nginx-status #自定义页面Active connections: 1 server accepts handled requests 2 2 2 Reading: 0 Writing: 1 Waiting: 0挂载configMap一部分资源时有两种方法
挂载卷时通过items:参数 指定允许输出到卷的键
在容器挂载卷时,指定挂载哪些卷
示例3 configMap items:指定输出key
挂载卷时通过items:参数 指定允许输出到卷的键
[root@k8s-master configmap]# ls demoapp-conf.d/ #3个配置文件envoy.yaml lds.conf myserver.conf[root@k8s-master configmap]# cat demoapp-conf.d/envoy.yaml node: id: sidecar-proxy cluster: demoapp-clusteradmin: access_log_path: /tmp/admin_access.log address: socket_address: { address: 0.0.0.0, port_value: 9901 }dynamic_resources: lds_config: path: '/etc/envoy/lds.conf'static_resources: clusters: - name: local_service connect_timeout: 0.25s type: STATIC lb_policy: ROUND_ROBIN load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080[root@k8s-master configmap]# cat demoapp-conf.d/lds.conf { "version_info": "0", "resources": [ { "@type": "type.googleapis.com/envoy.api.v2.Listener", "name": "listener_0", "address": { "socket_address": { "address": "0.0.0.0", "port_value": 80 } }, "filter_chains": [ { "filters": [ { "name": "envoy.http_connection_manager", "config": { "stat_prefix": "ingress_http", "codec_type": "AUTO", "route_config": { "name": "local_route", "virtual_hosts": [ { "name": "local_service", "domains": [ "*" ], "routes": [ { "match": { "prefix": "/" }, "route": { "cluster": "local_service" } } ] } ] }, "http_filters": [ { "name": "envoy.router" } ] } } ] } ] } ]}[root@k8s-master configmap]# cat configmaps-volume-demo2.yaml apiVersion: v1kind: Podmetadata: name: configmaps-volume-demo2 namespace: defaultspec: containers: - name: proxy image: envoyproxy/envoy-alpine:v1.14.1 command: ['/bin/sh','-c','envoy -c /etc/envoy/..data/envoy.yaml'] volumeMounts: - name: appconfs #通过挂载卷引用comfigmap mountPath: /etc/envoy readOnly: true - name: demo image: ikubernetes/demoapp:v1.0 imagePullPolicy: IfNotPresent env: #通过环境变量引用 但这里引用的comfigmap文件中并没有定义 - name: PORT valueFrom: configMapKeyRef: name: demoapp-confs key: demoapp.port optional: false - name: HOST valueFrom: configMapKeyRef: name: demoapp-confs key: demoapp.host optional: true volumes: - name: appconfs configMap: name: demoapp-confs #这里只引用的2个文件 items: #默认只允许哪些键 输出给存储卷 - key: envoy.yaml #挂载的键名 path: envoy.yaml #挂载的文件名 可以和上面不一样 mode: 0644 #挂载后的权限 - key: lds.conf path: lds.conf mode: 0644 optional: false[root@k8s-master configmap]# kubectl create cm demoapp-confs --from-literal=demoapp.host=127.0.0.1 --from-literal=demoapp.port="8080" --from-file=./demoapp-conf.d/ #创建时定义demoapp.host、demoapp.port[root@k8s-master ~]# kubectl describe cm demoapp-confsName: demoapp-confsNamespace: defaultLabels: <none>Annotations: <none>Data====demoapp.host:----127.0.0.1demoapp.port:----8080envoy.yaml:----node: id: sidecar-proxy cluster: demoapp-clusteradmin: access_log_path: /tmp/admin_access.log address: socket_address: { address: 0.0.0.0, port_value: 9901 }dynamic_resources: lds_config: path: '/etc/envoy/lds.conf'static_resources: clusters: - name: local_service connect_timeout: 0.25s type: STATIC lb_policy: ROUND_ROBIN load_assignment: cluster_name: local_service endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 8080lds.conf:----{ "version_info": "0", "resources": [ { "@type": "type.googleapis.com/envoy.api.v2.Listener", "name": "listener_0", "address": { "socket_address": { "address": "0.0.0.0", "port_value": 80 } }, "filter_chains": [ { "filters": [ { "name": "envoy.http_connection_manager", "config": { "stat_prefix": "ingress_http", "codec_type": "AUTO", "route_config": { "name": "local_route", "virtual_hosts": [ { "name": "local_service", "domains": [ "*" ], "routes": [ { "match": { "prefix": "/" }, "route": { "cluster": "local_service" } } ] } ] }, "http_filters": [ { "name": "envoy.router" } ] } } ] } ] } ]}Events: <none>[root@k8s-master configmap]# kubectl apply -f configmaps-volume-demo2.yaml pod/configmaps-volume-demo2 created[root@k8s-master ~]# kubectl get pod -o wideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESconfigmaps-volume-demo 1/1 Running 0 6h57m 10.244.1.177 k8s-node1 <none> <none>configmaps-volume-demo2 2/2 Running 0 35m 10.244.1.182 k8s-node1 <none> <none>my-grafana-7d788c5479-bpztz 1/1 Running 1 2d5h 10.244.2.120 k8s-node2 <none> <none>volumes-pvc-longhorn-demo 1/1 Running 0 35h 10.244.2.124 k8s-node2 <none> <none>[root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c demo -- netstat -tnlpActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:9901 0.0.0.0:* LISTEN -tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 1/python3tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -[root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c proxy -- netstat -tnlpActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:9901 0.0.0.0:* LISTEN 1/envoytcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN -tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1/envoy[root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c proxy -- ls /etc/envoyenvoy.yamllds.conf示例4: configMap subPath挂载指定键
在容器挂载卷时,指定挂载哪些键
[root@k8s-master configmap]# cat configmaps-volume-demo3.yaml apiVersion: v1kind: Podmetadata: name: configmap-volume-demo3 namespace: defaultspec: containers: - image: nginx:alpine name: nginx-server volumeMounts: - name: ngxconfs mountPath: /etc/nginx/conf.d/myserver.conf #本机挂载目录 subPath: myserver.conf #挂载configMap中的子项 目录或某个值 readOnly: true - name: ngxconfs mountPath: /etc/nginx/conf.d/myserver-gzip.cfg subPath: myserver-gzip.cfg readOnly: true volumes: - name: ngxconfs configMap: name: nginx-config-files #之前示例中已经创建 包含3个DATA数据项[root@k8s-master configmap]# kubectl apply -f configmaps-volume-demo3.yaml pod/configmap-volume-demo3 created[root@k8s-master configmap]# kubectl exec configmap-volume-demo3 -it -- /bin/sh #只引用了其中2项数据/ # ls /etc/nginx/conf.d/default.conf myserver-gzip.cfg myserver.confconfigMap 文件的引用、重载
[root@k8s-master configmap]# kubectl get pod -o wideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATEScentos-deployment-66d8cd5f8b-95brg 1/1 Running 0 2d18h 10.244.2.117 k8s-node2 <none> <none>configmap-volume-demo3 1/1 Running 0 11m 10.244.1.186 k8s-node1 <none> <none>configmaps-env-demo 1/1 Running 0 20h 10.244.1.173 k8s-node1 <none> <none>configmaps-volume-demo 1/1 Running 0 19h 10.244.1.177 k8s-node1 <none> <none>configmaps-volume-demo2 2/2 Running 0 13h 10.244.1.182 k8s-node1 <none> <none>my-grafana-7d788c5479-bpztz 1/1 Running 1 2d18h 10.244.2.120 k8s-node2 <none> <none>volumes-pvc-longhorn-demo 1/1 Running 0 2d 10.244.2.124 k8s-node2 <none> <none>[root@k8s-master configmap]# curl -H "Host:www.ik8s.io" 10.244.1.177:8080/nginx-statusActive connections: 1 server accepts handled requests 4 4 4 Reading: 0 Writing: 1 Waiting: 0 [root@k8s-master configmap]# kubectl exec configmaps-volume-demo -it -- /bin/sh/ # cd /etc/nginx/conf.d//etc/nginx/conf.d # ls -lA #引用的comfigMap实际指向是一个隐藏时间戳文件total 0drwxr-xr-x 2 root root 79 Aug 6 08:02 ..2021_08_06_08_02_41.172956995lrwxrwxrwx 1 root root 31 Aug 6 08:02 ..data -> ..2021_08_06_08_02_41.172956995lrwxrwxrwx 1 root root 24 Aug 6 08:02 myserver-gzip.cfg -> ..data/myserver-gzip.cfglrwxrwxrwx 1 root root 26 Aug 6 08:02 myserver-status.cfg -> ..data/myserver-status.cfglrwxrwxrwx 1 root root 20 Aug 6 08:02 myserver.conf -> ..data/myserver.conf/etc/nginx/conf.d # cd ..data/ #里面才是真实的配置文件 /etc/nginx/conf.d/..2021_08_06_08_02_41.172956995 # lsmyserver-gzip.cfg myserver-status.cfg myserver.conf/etc/nginx/conf.d # exit[root@k8s-master configmap]# kubectl get cmNAME DATA AGEdemoapp-config 4 42hdemoapp-confs 4 13hnginx-config 2 21hnginx-config-files 3 19h[root@k8s-master configmap]# kubectl edit cm nginx-config-files #修改对应的configMapapiVersion: v1data: myserver-gzip.cfg: | gzip on; gzip_comp_level 5; gzip_proxied expired no-cache no-store private auth; gzip_types text/plain text/css application/xml text/javascript; myserver-status.cfg: | location /nginx-status { stub_status on; access_log off; allow 127.0.0.0/8; #随便添加2行配置 deny all; }...configmap/nginx-config-files edited[root@k8s-master configmap]# kubectl exec configmaps-volume-demo -it -- /bin/sh/ # cd /etc/nginx/conf.d/....2021_08_06_08_02_41.172956995/ ..data// # cd /etc/nginx/conf.d//etc/nginx/conf.d # ls -lAtotal 0drwxr-xr-x 2 root root 79 Aug 7 03:58 ..2021_08_07_03_58_59.548609753lrwxrwxrwx 1 root root 31 Aug 7 03:58 ..data -> ..2021_08_07_03_58_59.548609753 #链接的时间戳文件已经发生改变 重载的时间会在短时间内随机生成 并不是所有Pod同一时间重载lrwxrwxrwx 1 root root 24 Aug 6 08:02 myserver-gzip.cfg -> ..data/myserver-gzip.cfglrwxrwxrwx 1 root root 26 Aug 6 08:02 myserver-status.cfg -> ..data/myserver-status.cfglrwxrwxrwx 1 root root 20 Aug 6 08:02 myserver.conf -> ..data/myserver.conf/ # nginx -T #应用是否支持热加载和自动重载需要看具体的应用,一般云原生应用都会支持热加载当检测到配置有更新之后会自动重载,一般非原生应用可能需要重启Pod# configuration file /etc/nginx/conf.d/myserver-gzip.cfg:gzip on;gzip_comp_level 5;gzip_proxied expired no-cache no-store private auth;gzip_types text/plain text/css application/xml text/javascript;# configuration file /etc/nginx/conf.d/myserver-status.cfg:location /nginx-status {stub_status on;access_log off;allow 127.0.0.0/8;deny all;}/etc/nginx/conf.d # exit关于“kubernetes Volume存储卷configMap怎么使用”这篇文章的内容就介绍到这里,感谢各位的阅读!相信大家对“kubernetes Volume存储卷configMap怎么使用”知识都有一定的了解,大家如果还想学习更多知识,欢迎关注编程网行业资讯频道。
