目錄
ConfigMap簡(jiǎn)介
示例1:comfigMap創(chuàng)建
示例2: configMap引用
示例3 configMap items:指定輸出key
示例4: configMap subPath掛載指定鍵
configMap 文件的引用枣抱、重載
前言
核心資源類型存儲(chǔ)卷,PV辆床、PVC佳晶、SC、CSI(Longhorn)
特殊類型的插件:ConfigMap讼载、Secret轿秧、downwardAPI
如何為容器化應(yīng)用提供配置信息:
- 啟動(dòng)容器時(shí),直接向應(yīng)用程序傳遞參數(shù),args: []
- 將定義好的配置文件焙進(jìn)鏡像之中;
- 通過(guò)環(huán)境變量向容器傳遞配置數(shù)據(jù):有個(gè)前提要求,應(yīng)用得支持從環(huán)境變量加載配置信息;
制作鏡像時(shí)咨堤,使用entrypoint腳本來(lái)預(yù)處理變量菇篡,常見(jiàn)的做法就是使用非交互式編輯工具,將環(huán)境變量的值替換到應(yīng)用的配置文件中; - 基于存儲(chǔ)卷向容器傳遞配置文件;
運(yùn)行中的改變,需要由應(yīng)用程序重載;
ConfigMap簡(jiǎn)介
ConfigMap API資源用來(lái)保存key-value pair配置數(shù)據(jù)一喘,這個(gè)數(shù)據(jù)可以在pods里使用驱还,或者被用來(lái)為像controller一樣的系統(tǒng)組件存儲(chǔ)配置數(shù)據(jù)。雖然ConfigMap跟Secrets類似凸克,但是ConfigMap更方便的處理不含敏感信息的字符串铝侵。 注意:ConfigMaps不是屬性配置文件的替代品。ConfigMaps只是作為多個(gè)properties文件的引用触徐。你可以把它理解為L(zhǎng)inux系統(tǒng)中的/etc目錄咪鲜,專門(mén)用來(lái)存儲(chǔ)配置文件的目錄。
ConfigMap 通過(guò)env環(huán)境變量引用
通過(guò)環(huán)境變量的配置容器化應(yīng)用時(shí)撞鹉,需要在容器配置段中嵌套使用env字段疟丙,它的值是一個(gè)由環(huán)境變量構(gòu)建的列表。每個(gè)環(huán)項(xiàng)變量通常由name和value(或valueFron)字段構(gòu)成
- name <string>:環(huán)境變量的名稱,必選字段;
- value <string>:環(huán)境變量的值鸟雏,通過(guò) $(VAR_NAME)引用笨枯,逃逸格式為“$$(VAR_NAME)" 默認(rèn)值為空;
- valueFrom <object> ∶環(huán)境變量值的引用源,例如當(dāng)前Pod資源的名稱摊崭、名稱空間垮衷、標(biāo)簽等,不能與非空值的value字段同時(shí)使用,即環(huán)境變量的值要么源于value字段苔咪,要么源于valuFron字段锰悼,二者不可同時(shí)提供數(shù)據(jù)。
- valueFron: 字段可引用的值有多種來(lái)源团赏,包括當(dāng)前Pod資源的屬性值箕般,容器相關(guān)的系統(tǒng)資源配置、ConfigMap對(duì)象中的key以及Secret對(duì)象中的Key舔清,它們分別要使用不同的嵌套字段進(jìn)行定義丝里。
- fieldRef <bject>:當(dāng)前Pod資源的指定字段,目前支持使用的字段包括metadata.mime体谒、metadata.namespce杯聚、 metadata.labels、metadeta.annotations抒痒、spesc.nodeName械媒、spec.serviceAccountName、status.hostIP和status.podIP等;
- configMapKeyRef <Object>: ConfigMap對(duì)象中的特定Key;
- secretKeyRef<object>: Secret對(duì)象中的特定Key;
- resourceFieldRef <object>: 當(dāng)前容器的特定系統(tǒng)資源的最小值(配額)或最大值《限額)评汰,目前支持的引用包括 limits.cpu. limits.memory纷捞、limits.ephemeral-storage. requests.cpu、reuests.memory和requests.ephemeral-storage
[root@k8s-master ~]# kubectl create configmap --help #查看示例
...
Examples:
# Create a new configmap named my-config based on folder bar
kubectl create configmap my-config --from-file=path/to/bar
# Create a new configmap named my-config with specified keys instead of file basenames on disk
kubectl create configmap my-config --from-file=key1=/path/to/bar/file1.txt --from-file=key2=/path/to/bar/file2.txt
# Create a new configmap named my-config with key1=config1 and key2=config2
kubectl create configmap my-config --from-literal=key1=config1 --from-literal=key2=config2
# Create a new configmap named my-config from the key=value pairs in the file
kubectl create configmap my-config --from-file=path/to/bar
# Create a new configmap named my-config from an env file
kubectl create configmap my-config --from-env-file=path/to/bar.env
Options:
--allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
...
示例1:comfigMap創(chuàng)建
[root@k8s-master nginx-conf.d]# cat myserver.conf
server {
listen 8080;
server_name www.ik8s.io;
include /etc/nginx/conf.d/myserver-*.cfg;
location / {
root /usr/share/nginx/html;
}
}
[root@k8s-master nginx-conf.d]# cat myserver-gzip.cfg
gzip on;
gzip_comp_level 5;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/xml text/javascript;
[root@k8s-master nginx-conf.d]# cat myserver-status.cfg
location /nginx-status {
stub_status on;
access_log off;
}
[root@k8s-master nginx-conf.d]# ls #一共3個(gè)配置文件
myserver.conf myserver-gzip.cfg myserver-status.cfg
[root@k8s-master ~]# kubectl create configmap demoapp-config --from-literal=host=0.0.0.0 --from-literal=port=8080 #創(chuàng)建host=0.0.0.0被去、literal=port=8080為兩個(gè)val
configmap/demoapp-config created
[root@k8s-master ~]# kubectl get cm
NAME DATA AGE
demoapp-config 2 5s #可以看到DATA為2 2個(gè)數(shù)據(jù)項(xiàng)
my-grafana 1 34d
my-grafana-test 1 34d
[root@k8s-master ~]# kubectl describe cm demoapp-config
Name: demoapp-config
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
port: #數(shù)據(jù)項(xiàng)1 Port:8080
----
8080
host: #數(shù)據(jù)項(xiàng)2 host: 0.0.0.
----
0.0.0.0
Events: <none>
[root@k8s-master ~]# kubectl get cm demoapp-config -o yaml
apiVersion: v1
data:
host: 0.0.0.0
port: "8080"
kind: ConfigMap
metadata:
creationTimestamp: "2021-08-05T09:16:15Z"
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:data:
.: {}
f:host: {}
f:port: {}
manager: kubectl-create
operation: Update
time: "2021-08-05T09:16:15Z"
name: demoapp-config
namespace: default
resourceVersion: "6906130"
selfLink: /api/v1/namespaces/default/configmaps/demoapp-config
uid: 625c38a9-02bc-43c7-b351-b2ce7387cab7
[root@k8s-master nginx-conf.d]# kubectl create configmap nginx-config --from-file=./myserver.conf --from-file=status.cfg=./myserver-status.cfg #創(chuàng)建2個(gè)數(shù)據(jù)項(xiàng)指定文件,默認(rèn)以文件名為鍵名 第2個(gè)文件指定status.cfg為鍵名
configmap/nginx-config created
[root@k8s-master nginx-conf.d]# kubectl get cm
NAME DATA AGE
demoapp-config 2 18m
my-grafana 1 34d
my-grafana-test 1 34d
nginx-config 2 17s
[root@k8s-master nginx-conf.d]# kubectl get cm nginx-config -o yaml
apiVersion: v1
data:
myserver.conf: | # |為多行鍵值分隔符 為了保存多行數(shù)據(jù)使用了|和縮進(jìn)
server {
listen 8080;
server_name www.ik8s.io;
include /etc/nginx/conf.d/myserver-*.cfg;
location / {
root /usr/share/nginx/html;
}
}
status.cfg: |
location /nginx-status {
stub_status on;
access_log off;
}
kind: ConfigMap
metadata:
creationTimestamp: "2021-08-06T06:35:41Z"
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:data:
.: {}
f:myserver.conf: {}
f:status.cfg: {}
manager: kubectl-create
operation: Update
time: "2021-08-06T06:35:41Z"
name: nginx-config
namespace: default
resourceVersion: "7159858"
selfLink: /api/v1/namespaces/default/configmaps/nginx-config
uid: 8dbd637a-fb23-447a-8bb5-9e722d7e871d
[root@k8s-master nginx-conf.d]# ls
myserver.conf myserver-gzip.cfg myserver-status.cfg
[root@k8s-master configmap]# kubectl create configmap nginx-config-files --from-file=./nginx-conf.d/
configmap/nginx-config-file created
[root@k8s-master configmap]# kubectl get cm
NAME DATA AGE
demoapp-config 2 21h
my-grafana 1 35d
my-grafana-test 1 35d
nginx-config 2 18m
nginx-config-files 3 3s #3個(gè)數(shù)據(jù)項(xiàng)
[root@k8s-master nginx-conf.d]# kubectl get cm nginx-config-files -o yaml
apiVersion: v1
data:
myserver-gzip.cfg: |
gzip on;
gzip_comp_level 5;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/xml text/javascript;
myserver-status.cfg: |
location /nginx-status {
stub_status on;
access_log off;
}
myserver.conf: |
server {
listen 8080;
server_name www.ik8s.io;
include /etc/nginx/conf.d/myserver-*.cfg;
location / {
root /usr/share/nginx/html;
}
}
kind: ConfigMap
metadata:
creationTimestamp: "2021-08-06T08:02:34Z"
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:data:
.: {}
f:myserver-gzip.cfg: {}
f:myserver-status.cfg: {}
f:myserver.conf: {}
manager: kubectl-create
operation: Update
time: "2021-08-06T08:02:34Z"
name: nginx-config-files
namespace: default
resourceVersion: "7177123"
selfLink: /api/v1/namespaces/default/configmaps/nginx-config-files
uid: 2fd21dc3-5e61-4413-bcd5-35337b1ce286
示例2: configMap引用
[root@k8s-master configmap]# cat configmaps-env-demo.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: demoapp-config
namespace: default
data:
demoapp.port: "8080"
demoapp.host: 0.0.0.0
---
apiVersion: v1
kind: Pod
metadata:
name: configmaps-env-demo
namespace: default
spec:
containers:
- image: ikubernetes/demoapp:v1.0
name: demoapp
env:
- name: PORT
valueFrom:
configMapKeyRef: #引用configMap 鍵值
name: demoapp-config
key: demoapp.port
optional: false #是否為可有可無(wú)項(xiàng) false 為必選項(xiàng)
- name: HOST
valueFrom:
configMapKeyRef:
name: demoapp-config
key: demoapp.host
optional: true #是否可有可無(wú) ture 非必選項(xiàng)
[root@k8s-master configmap]# kubectl apply -f configmaps-env-demo.yaml
[root@k8s-master configmap]# kubectl get pod
NAME READY STATUS RESTARTS AGE
centos-deployment-66d8cd5f8b-95brg 1/1 Running 0 46h
configmaps-env-demo 1/1 Running 0 118s
my-grafana-7d788c5479-bpztz 1/1 Running 1 46h
volumes-pvc-longhorn-demo 1/1 Running 0 27h
[root@k8s-master comfigmap]# kubectl exec configmaps-env-demo -- netstat -tnl #查看配置是否生效
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN
[root@k8s-master configmap]# cat configmaps-volume-demo.yaml
apiVersion: v1
kind: Pod
metadata:
name: configmaps-volume-demo
namespace: default
spec:
containers:
- image: nginx:alpine
name: nginx-server
volumeMounts:
- name: ngxconfs
mountPath: /etc/nginx/conf.d/
readOnly: true
volumes :
- name: ngxconfs
configMap:
name: nginx-config-files #引用前面定義的configmap
optional: false
[root@k8s-master configmap]# kubectl get pod
NAME READY STATUS RESTARTS AGE
centos-deployment-66d8cd5f8b-95brg 1/1 Running 0 46h
configmaps-env-demo 1/1 Running 0 35m
configmaps-volume-demo 1/1 Running 0 6m8s
my-grafana-7d788c5479-bpztz 1/1 Running 1 46h
volumes-pvc-longhorn-demo 1/1 Running 0 28h
[root@k8s-master configmap]# kubectl exec configmaps-volume-demo -it -- /bin/sh
/ # nginx -T
......
# configuration file /etc/nginx/conf.d/myserver.conf: #看容器配置文件是否加載configmap配置
server {
listen 8080;
server_name www.ik8s.io;
include /etc/nginx/conf.d/myserver-*.cfg;
location / {
root /usr/share/nginx/html;
}
}
# configuration file /etc/nginx/conf.d/myserver-gzip.cfg:
gzip on;
gzip_comp_level 5;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/xml text/javascript;
# configuration file /etc/nginx/conf.d/myserver-status.cfg:
location /nginx-status {
stub_status on;
access_log off;
}
[root@k8s-master configmap]# kubectl get pods configmaps-volume-demo -o go-template={{.status.podIP}}
10.244.1.177
[root@k8s-master configmap]# curl 10.244.1.177:8080 #默認(rèn)頁(yè)面
...
<h1>Welcome to nginx!</h1>
[root@k8s-master configmap]# curl -H "Host:www.ik8s.io" 10.244.1.177:8080/nginx-status #自定義頁(yè)面
Active connections: 1
server accepts handled requests
2 2 2
Reading: 0 Writing: 1 Waiting: 0
掛載configMap一部分資源時(shí)有兩種方法
1.掛載卷時(shí)通過(guò)items:參數(shù) 指定允許輸出到卷的鍵
2.在容器掛載卷時(shí)主儡,指定掛載哪些卷
示例3 configMap items:指定輸出key
1.掛載卷時(shí)通過(guò)items:參數(shù) 指定允許輸出到卷的鍵
[root@k8s-master configmap]# ls demoapp-conf.d/ #3個(gè)配置文件
envoy.yaml lds.conf myserver.conf
[root@k8s-master configmap]# cat demoapp-conf.d/envoy.yaml
node:
id: sidecar-proxy
cluster: demoapp-cluster
admin:
access_log_path: /tmp/admin_access.log
address:
socket_address: { address: 0.0.0.0, port_value: 9901 }
dynamic_resources:
lds_config:
path: '/etc/envoy/lds.conf'
static_resources:
clusters:
- name: local_service
connect_timeout: 0.25s
type: STATIC
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: local_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: 8080
[root@k8s-master configmap]# cat demoapp-conf.d/lds.conf
{
"version_info": "0",
"resources": [
{
"@type": "type.googleapis.com/envoy.api.v2.Listener",
"name": "listener_0",
"address": {
"socket_address": {
"address": "0.0.0.0",
"port_value": 80
}
},
"filter_chains": [
{
"filters": [
{
"name": "envoy.http_connection_manager",
"config": {
"stat_prefix": "ingress_http",
"codec_type": "AUTO",
"route_config": {
"name": "local_route",
"virtual_hosts": [
{
"name": "local_service",
"domains": [
"*"
],
"routes": [
{
"match": {
"prefix": "/"
},
"route": {
"cluster": "local_service"
}
}
]
}
]
},
"http_filters": [
{
"name": "envoy.router"
}
]
}
}
]
}
]
}
]
}
[root@k8s-master configmap]# cat configmaps-volume-demo2.yaml
apiVersion: v1
kind: Pod
metadata:
name: configmaps-volume-demo2
namespace: default
spec:
containers:
- name: proxy
image: envoyproxy/envoy-alpine:v1.14.1
command: ['/bin/sh','-c','envoy -c /etc/envoy/..data/envoy.yaml']
volumeMounts:
- name: appconfs #通過(guò)掛載卷引用comfigmap
mountPath: /etc/envoy
readOnly: true
- name: demo
image: ikubernetes/demoapp:v1.0
imagePullPolicy: IfNotPresent
env: #通過(guò)環(huán)境變量引用 但這里引用的comfigmap文件中并沒(méi)有定義
- name: PORT
valueFrom:
configMapKeyRef:
name: demoapp-confs
key: demoapp.port
optional: false
- name: HOST
valueFrom:
configMapKeyRef:
name: demoapp-confs
key: demoapp.host
optional: true
volumes:
- name: appconfs
configMap:
name: demoapp-confs #這里只引用的2個(gè)文件
items: #默認(rèn)只允許哪些鍵 輸出給存儲(chǔ)卷
- key: envoy.yaml #掛載的鍵名
path: envoy.yaml #掛載的文件名 可以和上面不一樣
mode: 0644 #掛載后的權(quán)限
- key: lds.conf
path: lds.conf
mode: 0644
optional: false
[root@k8s-master configmap]# kubectl create cm demoapp-confs --from-literal=demoapp.host=127.0.0.1 --from-literal=demoapp.port="8080" --from-file=./demoapp-conf.d/ #創(chuàng)建時(shí)定義demoapp.host、demoapp.port
[root@k8s-master ~]# kubectl describe cm demoapp-confs
Name: demoapp-confs
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
demoapp.host:
----
127.0.0.1
demoapp.port:
----
8080
envoy.yaml:
----
node:
id: sidecar-proxy
cluster: demoapp-cluster
admin:
access_log_path: /tmp/admin_access.log
address:
socket_address: { address: 0.0.0.0, port_value: 9901 }
dynamic_resources:
lds_config:
path: '/etc/envoy/lds.conf'
static_resources:
clusters:
- name: local_service
connect_timeout: 0.25s
type: STATIC
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: local_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: 8080
lds.conf:
----
{
"version_info": "0",
"resources": [
{
"@type": "type.googleapis.com/envoy.api.v2.Listener",
"name": "listener_0",
"address": {
"socket_address": {
"address": "0.0.0.0",
"port_value": 80
}
},
"filter_chains": [
{
"filters": [
{
"name": "envoy.http_connection_manager",
"config": {
"stat_prefix": "ingress_http",
"codec_type": "AUTO",
"route_config": {
"name": "local_route",
"virtual_hosts": [
{
"name": "local_service",
"domains": [
"*"
],
"routes": [
{
"match": {
"prefix": "/"
},
"route": {
"cluster": "local_service"
}
}
]
}
]
},
"http_filters": [
{
"name": "envoy.router"
}
]
}
}
]
}
]
}
]
}
Events: <none>
[root@k8s-master configmap]# kubectl apply -f configmaps-volume-demo2.yaml
pod/configmaps-volume-demo2 created
[root@k8s-master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
configmaps-volume-demo 1/1 Running 0 6h47m 10.244.1.177 k8s-node1 <none> <none>
configmaps-volume-demo2 2/2 Running 0 35m 10.244.1.182 k8s-node1 <none> <none>
my-grafana-7d788c5479-bpztz 1/1 Running 1 2d5h 10.244.2.120 k8s-node2 <none> <none>
volumes-pvc-longhorn-demo 1/1 Running 0 35h 10.244.2.124 k8s-node2 <none> <none>
[root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c demo -- netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:9901 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 1/python3
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -
[root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c proxy -- netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:9901 0.0.0.0:* LISTEN 1/envoy
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1/envoy
[root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c proxy -- ls /etc/envoy
envoy.yaml
lds.conf
示例4: configMap subPath掛載指定鍵
2.在容器掛載卷時(shí)惨缆,指定掛載哪些鍵
[root@k8s-master configmap]# cat configmaps-volume-demo3.yaml
apiVersion: v1
kind: Pod
metadata:
name: configmap-volume-demo3
namespace: default
spec:
containers:
- image: nginx:alpine
name: nginx-server
volumeMounts:
- name: ngxconfs
mountPath: /etc/nginx/conf.d/myserver.conf #本機(jī)掛載目錄
subPath: myserver.conf #掛載configMap中的子項(xiàng) 目錄或某個(gè)值
readOnly: true
- name: ngxconfs
mountPath: /etc/nginx/conf.d/myserver-gzip.cfg
subPath: myserver-gzip.cfg
readOnly: true
volumes:
- name: ngxconfs
configMap:
name: nginx-config-files #之前示例中已經(jīng)創(chuàng)建 包含3個(gè)DATA數(shù)據(jù)項(xiàng)
[root@k8s-master configmap]# kubectl apply -f configmaps-volume-demo3.yaml
pod/configmap-volume-demo3 created
[root@k8s-master configmap]# kubectl exec configmap-volume-demo3 -it -- /bin/sh #只引用了其中2項(xiàng)數(shù)據(jù)
/ # ls /etc/nginx/conf.d/
default.conf myserver-gzip.cfg myserver.conf
configMap 文件的引用糜值、重載
[root@k8s-master configmap]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
centos-deployment-66d8cd5f8b-95brg 1/1 Running 0 2d18h 10.244.2.117 k8s-node2 <none> <none>
configmap-volume-demo3 1/1 Running 0 11m 10.244.1.186 k8s-node1 <none> <none>
configmaps-env-demo 1/1 Running 0 20h 10.244.1.173 k8s-node1 <none> <none>
configmaps-volume-demo 1/1 Running 0 19h 10.244.1.177 k8s-node1 <none> <none>
configmaps-volume-demo2 2/2 Running 0 13h 10.244.1.182 k8s-node1 <none> <none>
my-grafana-7d788c5479-bpztz 1/1 Running 1 2d18h 10.244.2.120 k8s-node2 <none> <none>
volumes-pvc-longhorn-demo 1/1 Running 0 2d 10.244.2.124 k8s-node2 <none> <none>
[root@k8s-master configmap]# curl -H "Host:www.ik8s.io" 10.244.1.177:8080/nginx-status
Active connections: 1
server accepts handled requests
4 4 4
Reading: 0 Writing: 1 Waiting: 0
[root@k8s-master configmap]# kubectl exec configmaps-volume-demo -it -- /bin/sh
/ # cd /etc/nginx/conf.d/
/etc/nginx/conf.d # ls -lA #引用的comfigMap實(shí)際指向是一個(gè)隱藏時(shí)間戳文件
total 0
drwxr-xr-x 2 root root 79 Aug 6 08:02 ..2021_08_06_08_02_41.172956995
lrwxrwxrwx 1 root root 31 Aug 6 08:02 ..data -> ..2021_08_06_08_02_41.172956995
lrwxrwxrwx 1 root root 24 Aug 6 08:02 myserver-gzip.cfg -> ..data/myserver-gzip.cfg
lrwxrwxrwx 1 root root 26 Aug 6 08:02 myserver-status.cfg -> ..data/myserver-status.cfg
lrwxrwxrwx 1 root root 20 Aug 6 08:02 myserver.conf -> ..data/myserver.conf
/etc/nginx/conf.d # cd ..data/ #里面才是真實(shí)的配置文件
/etc/nginx/conf.d/..2021_08_06_08_02_41.172956995 # ls
myserver-gzip.cfg myserver-status.cfg myserver.conf
/etc/nginx/conf.d # exit
[root@k8s-master configmap]# kubectl get cm
NAME DATA AGE
demoapp-config 4 42h
demoapp-confs 4 13h
nginx-config 2 21h
nginx-config-files 3 19h
[root@k8s-master configmap]# kubectl edit cm nginx-config-files #修改對(duì)應(yīng)的configMap
apiVersion: v1
data:
myserver-gzip.cfg: |
gzip on;
gzip_comp_level 5;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/xml text/javascript;
myserver-status.cfg: |
location /nginx-status {
stub_status on;
access_log off;
allow 127.0.0.0/8; #隨便添加2行配置
deny all;
}
...
configmap/nginx-config-files edited
[root@k8s-master configmap]# kubectl exec configmaps-volume-demo -it -- /bin/sh
/ # cd /etc/nginx/conf.d/..
..2021_08_06_08_02_41.172956995/ ..data/
/ # cd /etc/nginx/conf.d/
/etc/nginx/conf.d # ls -lA
total 0
drwxr-xr-x 2 root root 79 Aug 7 03:58 ..2021_08_07_03_58_59.548609753
lrwxrwxrwx 1 root root 31 Aug 7 03:58 ..data -> ..2021_08_07_03_58_59.548609753 #鏈接的時(shí)間戳文件已經(jīng)發(fā)生改變 重載的時(shí)間會(huì)在短時(shí)間內(nèi)隨機(jī)生成 并不是所有Pod同一時(shí)間重載
lrwxrwxrwx 1 root root 24 Aug 6 08:02 myserver-gzip.cfg -> ..data/myserver-gzip.cfg
lrwxrwxrwx 1 root root 26 Aug 6 08:02 myserver-status.cfg -> ..data/myserver-status.cfg
lrwxrwxrwx 1 root root 20 Aug 6 08:02 myserver.conf -> ..data/myserver.conf
/ # nginx -T #應(yīng)用是否支持熱加載和自動(dòng)重載需要看具體的應(yīng)用,一般云原生應(yīng)用都會(huì)支持熱加載當(dāng)檢測(cè)到配置有更新之后會(huì)自動(dòng)重載坯墨,一般非原生應(yīng)用可能需要重啟Pod
# configuration file /etc/nginx/conf.d/myserver-gzip.cfg:
gzip on;
gzip_comp_level 5;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/xml text/javascript;
# configuration file /etc/nginx/conf.d/myserver-status.cfg:
location /nginx-status {
stub_status on;
access_log off;
allow 127.0.0.0/8;
deny all;
}
/etc/nginx/conf.d # exit
