1 概述
存储不加密数据到etcd,让pod以变量或者Volune过载到容器中。
2 场景1: 配置文件
2.1 新建redis配置文件
redis.host=127.0.0.1redis.port=6379redis.password=123456
2.2 创建configmap
// 1 创建名为redis-config的configmapkubectl create configmap redis-config --from-file=[文件路径]// 2 查询configmapkubectl get configmap/cm// 3 查看详细信息kubectl describe configmap/cm redis-config
apiVersion: v1kind: Secretmetadata:name: mysecrettype: Opaquedata:username: test(需base64加密 echo test | base64)password: test(需base64加密)
2.3 挂载
2.3.1 以volume形式挂载到pod容器中
2.3.1.1 配置文件configmapvolume.yaml
apiVersion: v1kind: Podmetadata:name: mypodspec:containers:- name: busyboximage: busyboxcommand: ["/bash/sh", "-c", "cat /ect/config/redis.properties"]volumeMounts:- name: config-volumemountPath: /etc/configvolumes:- name: config-volumeconfigMap:name: redis-configrestartPolicy: Never
2.3.1.2 运行
// 1 部署kubectl apply configmapvolume.yaml// 2 查看mypod日志kubectl logs mypod
2.3.2 以变量形式挂载到pod容器中
2.3.2.1 配置文件myconfig.yaml
apiVersion: v1kind: ConfigMapmetadata:name: myconfignamespece: defaultdata:special.level: infospecial.type: hello
2.3.2.2 pod文件configmap.yaml
apiVersion: v1kind: Podmetadata:name: mypodspec:containers:- name: busyboximage: busyboxcommand: ["/bash/sh", "-c", "echo ${LEVEL} ${TYPE}"]env:- name: LEVELvalueFrom:secretKeyRef:name: myconfigkey: special.level- name: TYPEvalueFrom:secretKeyRef:name: myconfigkey: special.typerestartPolicy: Never
2.3.2.3 运行
// 1 创建configmapkubectl apply -f myconfig.yaml// 2 查看configmapkubectl get cm// 3 创建podkubectl apply -f configmap.yaml// 4 查看日志kubectl logs mypod
若有收获,就点个赞吧
0 人点赞
