PodPreset

发布于 2020-07-18 字数11836 浏览 888 评论 0
PodPreset 用来给指定标签的 Pod 注入额外的信息,如环境变量、存储卷等。这样,Pod 模板就不需要为每个 Pod 都显式设置重复的信息。

API 版本对照表

Kubernetes 版本 API 版本 默认开启
v1.6+ settings.k8s.io/v1alpha1

开启 PodPreset

  • 开启 API settings.k8s.io/v1alpha1/podpreset
  • 开启准入控制 PodPreset

    PodPreset 示例

    增加环境变量和存储卷的 PodPreset
  1. kind: PodPreset
  2. apiVersion: settings.k8s.io/v1alpha1
  3. metadata:
  4. name: allow-database
  5. namespace: myns
  6. spec:
  7. selector:
  8. matchLabels:
  9. role: frontend
  10. env:
  11. - name: DB_PORT
  12. value: "6379"
  13. volumeMounts:
  14. - mountPath: /cache
  15. name: cache-volume
  16. volumes:
  17. - name: cache-volume
  18. emptyDir: {}

用户提交 Pod

  1. apiVersion: v1
  2. kind: Pod
  3. metadata:
  4. name: website
  5. labels:
  6. app: website
  7. role: frontend
  8. spec:
  9. containers:
  10. - name: website
  11. image: ecorp/website
  12. ports:
  13. - containerPort: 80

经过准入控制 PodPreset 后,Pod 会自动增加环境变量和存储卷

  1. apiVersion: v1
  2. kind: Pod
  3. metadata:
  4. name: website
  5. labels:
  6. app: website
  7. role: frontend
  8. annotations:
  9. podpreset.admission.kubernetes.io/allow-database: "resource version"
  10. spec:
  11. containers:
  12. - name: website
  13. image: ecorp/website
  14. volumeMounts:
  15. - mountPath: /cache
  16. name: cache-volume
  17. ports:
  18. - containerPort: 80
  19. env:
  20. - name: DB_PORT
  21. value: "6379"
  22. volumes:
  23. - name: cache-volume

  24. emptyDir: {}

    ConfigMap 示例

    ConfigMap

  25. apiVersion: v1

  26. kind: ConfigMap
  27. metadata:
  28. name: etcd-env-config
  29. data:
  30. number_of_members: "1"
  31. initial_cluster_state: new
  32. initial_cluster_token: DUMMY_ETCD_INITIAL_CLUSTER_TOKEN
  33. discovery_token: DUMMY_ETCD_DISCOVERY_TOKEN
  34. discovery_url: http://etcd_discovery:2379
  35. etcdctl_peers: http://etcd:2379
  36. duplicate_key: FROM_CONFIG_MAP
  37. REPLACE_ME: "a value"

PodPreset

  1. kind: PodPreset
  2. apiVersion: settings.k8s.io/v1alpha1
  3. metadata:
  4. name: allow-database
  5. namespace: myns
  6. spec:
  7. selector:
  8. matchLabels:
  9. role: frontend
  10. env:
  11. - name: DB_PORT
  12. value: 6379
  13. - name: duplicate_key
  14. value: FROM_ENV
  15. - name: expansion
  16. value: $(REPLACE_ME)
  17. envFrom:
  18. - configMapRef:
  19. name: etcd-env-config
  20. volumeMounts:
  21. - mountPath: /cache
  22. name: cache-volume
  23. - mountPath: /etc/app/config.json
  24. readOnly: **true**
  25. name: secret-volume
  26. volumes:
  27. - name: cache-volume
  28. emptyDir: {}
  29. - name: secret-volume
  30. secretName: config-details

用户提交的 Pod

  1. apiVersion: v1
  2. kind: Pod
  3. metadata:
  4. name: website
  5. labels:
  6. app: website
  7. role: frontend
  8. spec:
  9. containers:
  10. - name: website
  11. image: ecorp/website
  12. ports:
  13. - containerPort: 80

经过准入控制 PodPreset 后,Pod 会自动增加 ConfigMap 环境变量

  1. apiVersion: v1
  2. kind: Pod
  3. metadata:
  4. name: website
  5. labels:
  6. app: website
  7. role: frontend
  8. annotations:
  9. podpreset.admission.kubernetes.io/allow-database: "resource version"
  10. spec:
  11. containers:
  12. - name: website
  13. image: ecorp/website
  14. volumeMounts:
  15. - mountPath: /cache
  16. name: cache-volume
  17. - mountPath: /etc/app/config.json
  18. readOnly: **true**
  19. name: secret-volume
  20. ports:
  21. - containerPort: 80
  22. env:
  23. - name: DB_PORT
  24. value: "6379"
  25. - name: duplicate_key
  26. value: FROM_ENV
  27. - name: expansion
  28. value: $(REPLACE_ME)
  29. envFrom:
  30. - configMapRef:
  31. name: etcd-env-config
  32. volumes:
  33. - name: cache-volume
  34. emptyDir: {}
  35. - name: secret-volume
  36. secretName: config-details