-
Kubernetes(k8s)的Volume数据存储配置储存类型ConfigMap和Secret的使用
1. ConfigMap
1.1 概述
主要作用是用来存储配置信息的
1.2 资源清单文件
apiVersion: v1 kind: ConfigMap metadata: name: configMap namespace: dev data: filename: key1: value1 key2: value2- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
1.3 创建ConfigMap
新建configmap.yaml文件,内容如下。然后创建ConfigMap
[root@k8s-master ~]# cat configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: configmap namespace: dev data: info: username:admin password:123 [root@k8s-master ~]# [root@k8s-master ~]# kubectl apply -f configmap.yaml configmap/configmap created [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
1.4 创建Pod,查看Pod,进入Pod
新建pod.yaml文件,内容如下。然后运行pod
[root@k8s-master ~]# cat pod.yaml apiVersion: v1 kind: Pod metadata: name: pod namespace: dev spec: containers: - name: nginx image: nginx:latest ports: - name: nginx-port containerPort: 80 protocol: TCP volumeMounts: - mountPath: /configmap/config name: config volumes: - name: config configMap: name: configmap [root@k8s-master ~]# [root@k8s-master ~]# kubectl apply -f pod.yaml pod/pod created [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
查看Pod
[root@k8s-master ~]# kubectl get pod -n dev -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES pod 1/1 Running 0 30s 10.244.169.185 k8s-node2[root@k8s-master ~]# - 1
- 2
- 3
- 4
进入Pod查看配置
[root@k8s-master ~]# kubectl exec -it pod -c nginx -n dev -- /bin/bash root@pod:/# root@pod:/# cat /configmap/config/info username:admin password:123root@pod:/# root@pod:/#- 1
- 2
- 3
- 4
- 5
可以使用命令
kubectl edit cm configmap -n dev更新ConfigMap中的内容,容器中的值也会动态更新2. Secret
2.1 概述
在kubernetes中,还存在一种和ConfigMap非常类似的对象,称为Secret对象,它主要用来存储敏感信息,例如密码、密钥、证书等
2.2 创建Secret
新建secret.yaml文件,内容如下。然后创建Secret
[root@k8s-master ~]# cat secret.yaml apiVersion: v1 kind: Secret metadata: name: secret namespace: dev type: Opaque # 用于用户定义的任意数据 stringData: username: admin password: password123 [root@k8s-master ~]# [root@k8s-master ~]# kubectl apply -f secret.yaml secret/secret created [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
2.3 查看Secret详情
[root@k8s-master ~]# kubectl describe secret secret -n dev Name: secret Namespace: dev Labels:Annotations: Type: Opaque Data ==== password: 11 bytes username: 5 bytes [root@k8s-master ~]# - 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
2.4 创建Pod,查看Pod,进入Pod
新建pod.yaml文件,内容如下。然后运行pod
[root@k8s-master ~]# cat pod.yaml apiVersion: v1 kind: Pod metadata: name: pod namespace: dev spec: containers: - name: nginx image: nginx:latest ports: - name: nginx-port containerPort: 80 protocol: TCP volumeMounts: - mountPath: /secret/config name: config volumes: - name: config secret: secretName: secret [root@k8s-master ~]# [root@k8s-master ~]# kubectl apply -f pod.yaml pod/pod created [root@k8s-master ~]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
查看Pod
[root@k8s-master ~]# kubectl get pod -n dev -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES pod 0/1 ContainerCreating 0 8sk8s-node2 [root@k8s-master ~]# - 1
- 2
- 3
- 4
进入Pod查看配置
[root@k8s-master ~]# kubectl exec -it pod -c nginx -n dev -- /bin/bash root@pod:/# root@pod:/# ls /secret/config/ password username root@pod:/# root@pod:/# cat /secret/config/username adminroot@pod:/# root@pod:/# root@pod:/# cat /secret/config/password password123root@pod:/# root@pod:/#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
查看secret信息,发现已经自动解码了
-
相关阅读:
JavaScript基础 JavaScript第三天 1. for - 循环 && 2. 数组
hadoop配置文件workers
MFC中利用CDockablePane实现悬浮窗
一文理解Linux的基本指令(三分钟学会Linux基本指令)
理解ASP.NET Core - 授权(Authorization)
python-re模块
51单片机电子钟闹钟温度LCD1602液晶显示设计( proteus仿真+程序+原理图+设计报告+讲解视频)
设计模式-职责链模式
逻辑分析仪使用
从零开始探索C语言(九)----函数指针与回调函数
- 原文地址:https://blog.csdn.net/yy8623977/article/details/124932482
