作用理解
核心用途就是容器和配置的分離解耦贞让。
如啟用一個mysql容器没卸,mysql容器重要的文件有兩部分,一部分為存儲數(shù)據(jù)文件,一部分為配置文件my.cnf,存儲數(shù)據(jù)可以用持久存儲實現(xiàn)和容器的分離解耦卵惦,配置文件也能夠?qū)崿F(xiàn)和容器的分離解耦,也就是說mysql容器能夠直接讀取并使用預(yù)先配置好的配置文件(而不是使用容器中默認自帶的配置文件).這就是configMap的功能逊彭。
ConfigMap 用于保存配置數(shù)據(jù)的鍵值對,可以用來保存單個屬性匪燕,也可以用來保存配置文件蕾羊。ConfigMap 跟 secret 很類似喧笔,但它可以更方便地處理不包含敏感信息的字符串。
創(chuàng)建ConfigMap有兩種方式
通過yaml文件創(chuàng)建
通過kubectl create創(chuàng)建
示例
命令行創(chuàng)建
# 方式一:
[root@master-01 configmap]# kubectl create cm mysql-config --from-file=mysqld.cnf
configmap/mysql-config created
[root@master-01 configmap]# kubectl describe cm mysql-config
Name: mysql-config
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
mysqld.cnf:
----
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
Events: <none>
# 方式二:
[root@master-01 configmap]# kubectl create configmap env-config --from-literal=log_level=INFO
# 以key:value的形式創(chuàng)建
yaml文件創(chuàng)建
[root@master-01 configmap]# cat my-config.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: mysql-config2
data:
mysqld.cnf: |
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
[root@master-01 configmap]# kubectl apply -f my-config.yaml
configmap/mysql-config2 created
[root@master-01 configmap]# kubectl describe cm mysql-config2
Name: mysql-config2
Namespace: default
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","data":{"mysqld.cnf":"[client]\nport = 3306\nsocket = /var/run/mysqld/mysqld.sock\n[mysql]\nno-auto-rehash\n\n[mysqld]\...
Data
====
mysqld.cnf:
----
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
Events: <none>
ConfigMap 使用
ConfigMap 可以通過三種方式在 Pod 中使用
1.環(huán)境變量方式
2.volume掛載方式(一般都是用這個,支持熱更新)
3.設(shè)置容器命令行參數(shù)
用環(huán)境變量
[root@master-01 configmap]# kubectl create configmap env-config --from-literal=log_level=INFO
configmap/env-config created
[root@master-01 configmap]# kubectl create configmap special-config --from-literal=special.how=very --from-literal=special.type=charm
configmap/special-config created
編排
[root@master-01 configmap]# cat bu.yaml
apiVersion: v1
kind: Pod
metadata:
name: test-pod
spec:
containers:
- name: test-container
image: busybox
command: ["/bin/sh", "-c", "env"]
env:
- name: SPECIAL_LEVEL_KEY
valueFrom:
configMapKeyRef:
name: special-config
key: special.how
- name: SPECIAL_TYPE_KEY
valueFrom:
configMapKeyRef:
name: special-config
key: special.type
envFrom:
- configMapRef:
name: env-config
restartPolicy: Never
[root@master-01 configmap]# kubectl apply -f bu.yaml
pod/test-pod created
查看日志可以發(fā)現(xiàn),環(huán)境變量注入到了容器中了
[root@master-01 configmap]# kubectl logs test-pod
...
SPECIAL_TYPE_KEY=charm
SPECIAL_LEVEL_KEY=very
log_level=INFO
用作命令行參數(shù)
將 ConfigMap 用作命令行參數(shù)時龟再,需要先把 ConfigMap 的數(shù)據(jù)保存在環(huán)境變量中溃斋,然后通過 $(VAR_NAME) 的方式引用環(huán)境變量.
編排
apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod
spec:
containers:
- name: test-container
image: busybox
command: ["/bin/sh", "-c", "echo $(SPECIAL_LEVEL_KEY) $(SPECIAL_TYPE_KEY)" ]
...
查看日志可以看到環(huán)境變量被輸出
[root@master-01 configmap]# kubectl logs dapi-test-pod
very charm
volume掛載方式(支持動態(tài)更新)
configmap 掛載文件時,會先覆蓋掉掛載目錄吸申,然后再將 congfigmap 中的內(nèi)容作為文件掛載進行梗劫。如果想不對原來的文件夾下的文件造成覆蓋,只是將 configmap 中的每個 key截碴,按照文件的方式掛載到目錄下梳侨,可以使用 subpath 參數(shù)。
實戰(zhàn)例子
編排
[root@master-01 configmap]# cat mysql-d.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: myconfig
data:
v1: Abc1234!@#
---
apiVersion: v1
kind: Service
metadata:
name: mysql-t
spec:
ports:
- port: 3306
selector:
app: mysql-t
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: mysql-t
spec:
selector:
matchLabels:
app: mysql-t
template:
metadata:
labels:
app: mysql-t
spec:
containers:
- image: mysql:5.7
name: mysql-t
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
configMapKeyRef:
name: my-config
key: v2
volumeMounts:
- name: mysql-t1
mountPath: /etc/mysql/mysql.conf.d
volumes:
- name: mysql-t1
configMap:
name: mysql-config2
[root@master-01 configmap]# kubectl apply -f mysql-d.yaml
configmap/myconfig created
service/mysql-t created
deployment.apps/mysql-t created
volumeMounts/mountPath: 容器里掛載的目錄日丹,這個目錄其實很重要,你要使用個容器的應(yīng)用,需熟悉這個應(yīng)用的配置文件存放目錄并且掛載到正確目錄.掛載目錄錯了容器應(yīng)用無法讀取到配置文件走哺。
volumes: 定義使用的卷
name: mysql-t1 注意volumes和volumeMounts的name是相對應(yīng)的.
進入mysql容器中測試,可以看到讀取的就是congfigmap,密碼已經(jīng)生效.
[root@master-01 configmap]# kubectl exec -ti mysql-t-7bb6cbbf77-xqfc2 bash
root@mysql-t-7bb6cbbf77-xqfc2:/# mysql -uroot -pAbc1234\!\@\#
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.25 MySQL Community Server (GPL)
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
查看pod詳情
[root@master-01 configmap]# kubectl describe pod mysql-t-7bb6cbbf77-xqfc2
Name: mysql-t-7bb6cbbf77-xqfc2
Namespace: default
Priority: 0
PriorityClassName: <none>
Node: 192.168.209.131/192.168.209.131
Start Time: Tue, 02 Apr 2019 10:29:05 +0800
Labels: app=mysql-t
pod-template-hash=7bb6cbbf77
Annotations: <none>
Status: Running
IP: 172.17.12.3
Controlled By: ReplicaSet/mysql-t-7bb6cbbf77
Containers:
mysql-t:
Container ID: docker://58d61cddb16b6cd14593d7e4d1bc12c6157e7d9c28ffa25c3d3e8a571867bb71
Image: mysql:5.7
Image ID: docker-pullable://mysql@sha256:dba5fed182e64064b688ccd22b2f9cad4ee88608c82f8cff21e17bab8da72b81
Port: 3306/TCP
Host Port: 0/TCP
State: Running
Started: Tue, 02 Apr 2019 10:29:06 +0800
Ready: True
Restart Count: 0
Environment:
MYSQL_ROOT_PASSWORD: <set to the key 'v1' of config map 'myconfig'> Optional: false
Mounts:
/etc/mysql/mysql.conf.d from mysql-t1 (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-tb5bg (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
mysql-t1:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: mysql-config2
Optional: false
default-token-tb5bg:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-tb5bg
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 3m32s default-scheduler Successfully assigned default/mysql-t-7bb6cbbf77-xqfc2 to 192.168.209.131
Normal Pulled 3m31s kubelet, 192.168.209.131 Container image "mysql:5.7" already present on machine
Normal Created 3m31s kubelet, 192.168.209.131 Created container
Normal Started 3m31s kubelet, 192.168.209.131 Started container
configmap配置段為
Environment:
MYSQL_ROOT_PASSWORD: <set to the key 'v1' of config map 'myconfig'> Optional: false
Mounts:
/etc/mysql/mysql.conf.d from mysql-t1 (rw)
熱更新測試
修改my-cnfig2哲虾,使用edit命令
在[mysqld]段添加如下配置
server-id=1
查看my-cnfig2信息
[root@master-01 configmap]# kubectl describe cm mysql-config2
...
mysqld.cnf:
----
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
server-id=1
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
Events: <none>
進mysql容器查看
[root@master-01 configmap]# kubectl edit cm mysql-config2
configmap/mysql-config2 edited
[root@master-01 configmap]# kubectl exec -ti mysql-t-7bb6cbbf77-xqfc2 bash
root@mysql-t-7bb6cbbf77-xqfc2:/# cat /etc/mysql/mysql.conf.d/mysqld.cnf
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
server-id=1
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
root@mysql-t-7bb6cbbf77-xqfc2:/#
可以看到配置已經(jīng)熱更新了丙躏。
往期文章一覽
1、Kubernetes集群搭建之系統(tǒng)初始化配置篇
2束凑、Kubernetes集群搭建之企業(yè)級環(huán)境中基于Harbor搭建自己的私有倉庫
4、Kubernetes集群搭建之CNI-Flanneld部署篇
6废恋、Kubernetes系列之Coredns and Dashboard介紹篇
7、Kubernetes系列之監(jiān)控Metres-server實戰(zhàn)篇
如果您覺得不錯扒寄,請別忘了轉(zhuǎn)發(fā)鱼鼓、分享、點贊讓更多的人去學(xué)習(xí)该编, 您的舉手之勞迄本,就是對小編最好的支持,非常感謝课竣!
image
