1.
configMap的作用理解
configMap起什么作用的呢?
举个例子,启用一个mysql容器.mysql容器重要的文件有两部分,一部分为存储数据文件,一部分为配置文件my.cnf.
存储数据可以用pv pvc实现和容器的分离解耦,后面测试.
配置文件也能够实现和容器的分离解耦,也就是说mysql容器能够直接读取并使用预先配置好的配置文件(而不是使用容器中默认自带的配置文件).这就是configMap的功能.
kubernetes使用configMap来实现对容器中应用配置文件管理和分离解耦.
2.
创建configMap
有两种方式:1.通过yaml文件创建
2.执行kubectl create命令,直接命令行创建.
示例:
命令行直接创建
[root@k8s-master1 configmap]# cat mysqld.cnf
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
[root@k8s-master1 configmap]#
创建configMap,使用mysqld.cnf的数据
[root@k8s-master1 configmap]# kubectl create configmap mysql-config --from-file=mysqld.cnf
configmap "mysql-config" created
[root@k8s-master1 configmap]# kubectl describe configmap mysql-config
Name: mysql-config
Namespace: default
Labels:
Annotations:
Data
====
mysqld.cnf:
----
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
Events:
[root@k8s-master1 configmap]#
yaml文件创建
[root@k8s-master1 configmap]# cat mysql-config2.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: mysql-config2
data:
mysqld.cnf: |
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
[root@k8s-master1 configmap]#
注意直接写入文件内容的格式 mysqld.cnf: |
[root@k8s-master1 configmap]# kubectl apply -f mysql-config2.yaml
configmap "mysql-config2" created
[root@k8s-master1 configmap]# kubectl describe configmap mysql-config2
Name: mysql-config2
Namespace: default
Labels:
Annotations: kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","data":{"mysqld.cnf":"[client]\nport = 3306\nsocket = /var/run/mysqld/mysqld.sock\n[mysql]\nno-auto-rehash\n\n[mysqld]\nuser = mysql...
Data
====
mysqld.cnf:
----
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
Events:
[root@k8s-master1 configmap]#
3.
configmap的使用
有两种方式
1.环境变量方式
2.volume挂载方式(一般都是用这个,支持热更新)
4.
环境变量方式
configmap支持key/value形式,一个条目一条数据,环境变量方式,用的是这个特性.
比如想在容器里,预设环境变量.
示例:
创建configmap
[root@k8s-master1 configmap]# kubectl apply -f my-config.yaml
configmap "my-config" created
[root@k8s-master1 configmap]# cat my-config.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: my-config
data:
v1: am
v2: am123456
[root@k8s-master1 configmap]#
在容器中引用configmap里的key当作变量
[root@k8s-master1 test]# cat configmap-test1.yaml
apiVersion: v1
kind: Pod
metadata:
name: t1
namespace: default
spec:
containers:
- name: t1
image: nginx
env:
- name: user
valueFrom:
configMapKeyRef:
name: my-config
key: v1
- name: password
valueFrom:
configMapKeyRef:
name: my-config
key: v2
[root@k8s-master1 test]#
进pod,显示变量
[root@k8s-master1 test]# kubectl exec -it t1 /bin/bash
root@t1:/# echo $user
am
root@t1:/# echo $password
am123456
5.
volume挂载方式
应用配置文件,使用这种方式.支持动态更新
用mysql示例,启用一个mysql容器pod,通过configmap读取预先配置好的配置文件.
configmap
用上面的mysql-config2
[root@k8s-master1 ~]# kubectl describe configmap mysql-config2
Name: mysql-config2
Namespace: default
Labels:
Annotations: kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","data":{"mysqld.cnf":"[client]\nport = 3306\nsocket = /var/run/mysqld/mysqld.sock\n[mysql]\nno-auto-rehash\n\n[mysqld]\nuser = mysql...
Data
====
mysqld.cnf:
----
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
Events:
[root@k8s-master1 ~]#
volume方式使用configmap,见下:
[root@k8s-master1 test]# cat configmap-test2.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql-t
spec:
ports:
- port: 3306
selector:
app: mysql-t
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: mysql-t
spec:
selector:
matchLabels:
app: mysql-t
template:
metadata:
labels:
app: mysql-t
spec:
containers:
- image: mysql:5.7
name: mysql-t
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
configMapKeyRef:
name: my-config
key: v2
volumeMounts:
- name: mysql-t1
mountPath: /etc/mysql/mysql.conf.d
volumes:
- name: mysql-t1
configMap:
name: mysql-config2
[root@k8s-master1 test]#
一些参数解释:
volumeMounts/mountPath: pod容器里挂载目录,这个目录其实很重要,你要使用个容器的应用,需熟悉这个应用的配置文件存放目录并且挂载到正确目录.挂载目录错了容器应用无法读取到配置文件.
volumes: 使用的卷
name: mysql-t1 注意volumes和volumeMounts的这个名字是相对应的.
[root@k8s-master1 test]# kubectl apply -f configmap-test2.yaml
service "mysql-t" created
deployment.apps "mysql-t" created
[root@k8s-master1 test]#
pod里操作,可以看到读取的就是mysql-config2,密码已经生效.
[root@k8s-master1 test]# kubectl exec -it mysql-t-6fb9d4764d-rz8hv /bin/bash
root@mysql-t-6fb9d4764d-rz8hv:/# mysql -uroot -pam123456
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.7.25 MySQL Community Server (GPL)
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
看看pod的详细信息
[root@k8s-master1 test]# kubectl describe pod mysql-t-6fb9d4764d-rz8hv
Name: mysql-t-6fb9d4764d-rz8hv
Namespace: default
Priority: 0
PriorityClassName:
Node: k8s-master1/192.168.32.128
Start Time: Thu, 28 Mar 2019 16:32:03 +0800
Labels: app=mysql-t
pod-template-hash=6fb9d4764d
Annotations:
Status: Running
IP: 172.30.32.3
Controlled By: ReplicaSet/mysql-t-6fb9d4764d
Containers:
mysql-t:
Container ID: docker://fdf0631a4bc8b612ed0b3eea8b81106d497b5f8f39ee7e2ea1ce3d7f016a290a
Image: mysql:5.7
Image ID: docker-pullable://mysql@sha256:dba5fed182e64064b688ccd22b2f9cad4ee88608c82f8cff21e17bab8da72b81
Port: 3306/TCP
Host Port: 0/TCP
State: Running
Started: Thu, 28 Mar 2019 16:32:03 +0800
Ready: True
Restart Count: 0
Environment:
MYSQL_ROOT_PASSWORD: Optional: false
Mounts:
/etc/mysql/mysql.conf.d from mysql-t1 (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-qmjrc (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
mysql-t1:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: mysql-config2
Optional: false
default-token-qmjrc:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-qmjrc
Optional: false
QoS Class: BestEffort
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 3m default-scheduler Successfully assigned default/mysql-t-6fb9d4764d-rz8hv to k8s-master1
Normal Pulled 3m kubelet, k8s-master1 Container image "mysql:5.7" already present on machine
Normal Created 3m kubelet, k8s-master1 Created container
Normal Started 3m kubelet, k8s-master1 Started container
[root@k8s-master1 test]#
具体用到的configmap,参考见下:
Environment:
MYSQL_ROOT_PASSWORD: Optional: false
Mounts:
/etc/mysql/mysql.conf.d from mysql-t1 (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-qmjrc (ro)
进这个目录检索看看
root@mysql-t-6fb9d4764d-rz8hv:/etc/mysql/mysql.conf.d# cat mysqld.cnf
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
root@mysql-t-6fb9d4764d-rz8hv:/etc/mysql/mysql.conf.d# pwd
/etc/mysql/mysql.conf.d
读取的就是这个文件,configmap的挂载目录.
6.
测试热更新
更新mysql-config2
加上以下内容:
log_bin=mysql_bin
binlog-format=Row
server-id=1
用edit命令
[root@k8s-master1 configmap]# kubectl edit configmap mysql-config2
configmap "mysql-config2" edited
[root@k8s-master1 configmap]#
[root@k8s-master1 configmap]# kubectl describe configmap mysql-config2
Name: mysql-config2
Namespace: default
Labels:
Annotations: kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","data":{"mysqld.cnf":"[client]\nport = 3306\nsocket = /var/run/mysqld/mysqld.sock\n[mysql]\nno-auto-rehash\n\n[mysqld]\nuser = mysql...
Data
====
mysqld.cnf:
----
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
log_bin=mysql_bin
binlog-format=Row
server-id=1
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
Events:
[root@k8s-master1 configmap]#
pod里查看结果
[root@k8s-master1 configmap]# kubectl exec -it mysql-t-6fb9d4764d-rz8hv /bin/bash
root@mysql-t-6fb9d4764d-rz8hv:/# cat /etc/mysql/mysql.conf.d/mysqld.cnf
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
log_bin=mysql_bin
binlog-format=Row
server-id=1
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
root@mysql-t-6fb9d4764d-rz8hv:/#
实现了热更新.