1 概述
存储不加密数据到etcd,让pod以变量或者Volune过载到容器中。
2 场景1: 配置文件
2.1 新建redis配置文件
redis.host=127.0.0.1
redis.port=6379
redis.password=123456
2.2 创建configmap
// 1 创建名为redis-config的configmap
kubectl create configmap redis-config --from-file=[文件路径]
// 2 查询configmap
kubectl get configmap/cm
// 3 查看详细信息
kubectl describe configmap/cm redis-config
apiVersion: v1
kind: Secret
metadata:
name: mysecret
type: Opaque
data:
username: test(需base64加密 echo test | base64)
password: test(需base64加密)
2.3 挂载
2.3.1 以volume形式挂载到pod容器中
2.3.1.1 配置文件configmapvolume.yaml
apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
containers:
- name: busybox
image: busybox
command: ["/bash/sh", "-c", "cat /ect/config/redis.properties"]
volumeMounts:
- name: config-volume
mountPath: /etc/config
volumes:
- name: config-volume
configMap:
name: redis-config
restartPolicy: Never
2.3.1.2 运行
// 1 部署
kubectl apply configmapvolume.yaml
// 2 查看mypod日志
kubectl logs mypod
2.3.2 以变量形式挂载到pod容器中
2.3.2.1 配置文件myconfig.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: myconfig
namespece: default
data:
special.level: info
special.type: hello
2.3.2.2 pod文件configmap.yaml
apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
containers:
- name: busybox
image: busybox
command: ["/bash/sh", "-c", "echo ${LEVEL} ${TYPE}"]
env:
- name: LEVEL
valueFrom:
secretKeyRef:
name: myconfig
key: special.level
- name: TYPE
valueFrom:
secretKeyRef:
name: myconfig
key: special.type
restartPolicy: Never
2.3.2.3 运行
// 1 创建configmap
kubectl apply -f myconfig.yaml
// 2 查看configmap
kubectl get cm
// 3 创建pod
kubectl apply -f configmap.yaml
// 4 查看日志
kubectl logs mypod