《kubernetes-1.8.0》18-examples-configmap

《kubernetes-1.8.0》18-examples-configmap

《kubernetes 1.8.0 测试环境安装部署》

时间:2017-12-13

一、基础知识:

关于configmap:

ConfigMap可以从镜像中分离配置文件用于保存配置数据的键值对,可以用来保存单个属性,也可以用来保存配置文件ConfigMapsecret很类似,但它可以更方便地处理不包含敏感信息的字符串。

就我目前的理解,通过创建ConfigMap可以在pod中通过设置环境变量、命令行参数或者直接以配置文件形式挂载的方式实现配置信息的动态加载:

二、configmap的创建:

从目录创建configmaps

创建测试用的目录及文件:

$ mkdir ~/configmap-demo
$ cd ~/configmap-demo
$ cat > game.properties << EOF 
enemies=aliens
lives=3
enemies.cheat=true
enemies.cheat.level=noGoodRotten
secret.code.passphrase=UUDDLRLRBABAS
secret.code.allowed=true
secret.code.lives=30
EOF
$ cat > ui.properties << EOF 
color.good=purple
color.bad=yellow
allow.textmode=true
how.nice.to.look=fairlyNice
EOF
$ ll ~/configmap-demo
total 8
-rw-r--r-- 1 kube kube 166 Dec 13 11:25 game.properties
-rw-r--r-- 1 kube kube  83 Dec 13 11:30 ui.properties

kubectl create configmap命令创建configmap,同时加载目录下的多个文件:

# kubectl create configmap game-config --from-file=/root/configmap-demo
configmap "game-config" created
  • 该命令创建configmap,名字为game-config,加载来源为/root/configmap-demo 目录;
  • 改目录下有多个文件,加载之configmap中时,文件名作为key,文件内容为value

查看:

[root@node-131 configmap-demo]# kubectl describe configmaps game-config
Name:         game-config
Namespace:    default
Labels:       
Annotations:  

Data
====
game.properties:
----
enemies=aliens  
lives=3 
enemies.cheat=true 
enemies.cheat.level=noGoodRotten 
secret.code.passphrase=UUDDLRLRBABAS 
secret.code.allowed=true 
secret.code.lives=30 

ui.properties:
----
color.good=purple
color.bad=yellow
allow.textmode=true
how.nice.to.look=fairlyNice

Events:  

[root@node-131 configmap-demo]# kubectl get configmaps game-config -o yaml                           
apiVersion: v1
data:
  game.properties: |
    enemies=aliens
    lives=3
    enemies.cheat=true
    enemies.cheat.level=noGoodRotten
    secret.code.passphrase=UUDDLRLRBABAS
    secret.code.allowed=true
    secret.code.lives=30
  ui.properties: |
    color.good=purple
    color.bad=yellow
    allow.textmode=true
    how.nice.to.look=fairlyNice
kind: ConfigMap
metadata:
  creationTimestamp: 2017-12-13T03:47:28Z
  name: game-config
  namespace: default
  resourceVersion: "2983336"
  selfLink: /api/v1/namespaces/default/configmaps/game-config
  uid: 57072343-dfb8-11e7-8e94-005056bc80ed

从文件创建configmaps

[root@node-131 ~]# kubectl create configmap game-config-2 --from-file=/root/configmap-demo/game.properties 
configmap "game-config-2" created
  • 可以跟多个--from-file引入不同的数据源;

查看:

[root@node-131 ~]# kubectl describe configmap game-config-2 
Name:         game-config-2
Namespace:    default
Labels:       
Annotations:  

Data
====
game.properties:
----
enemies=aliens
lives=3
enemies.cheat=true
enemies.cheat.level=noGoodRotten
secret.code.passphrase=UUDDLRLRBABAS
secret.code.allowed=true
secret.code.lives=30

Events:  

从文件创建configmaps时定义keyname

kubectl create configmap game-config-3 --from-file=<my-key-name>=<path-to-file>
[root@node-131 ~]# kubectl create configmap game-config-3 --from-file=game-special-key=/root/configmap-demo/game.properties 
configmap "game-config-3" created
[root@node-131 ~]# kubectl get configmap game-config-3 -o yaml
apiVersion: v1
data:
  game-special-key: |
    enemies=aliens
    lives=3
    enemies.cheat=true
    enemies.cheat.level=noGoodRotten
    secret.code.passphrase=UUDDLRLRBABAS
    secret.code.allowed=true
    secret.code.lives=30
kind: ConfigMap
metadata:
  creationTimestamp: 2017-12-13T06:22:29Z
  name: game-config-3
  namespace: default
  resourceVersion: "3005152"
  selfLink: /api/v1/namespaces/default/configmaps/game-config-3
  uid: fea21a25-dfcd-11e7-8e94-005056bc80ed

指定key/value创建configmaps

[root@node-131 ~]# kubectl create configmap special-config --from-literal=special.how=very --from-literal=special.type=charm
configmap "special-config" created
[root@node-131 ~]# kubectl get configmaps special-config -o yaml
apiVersion: v1
data:
  special.how: very
  special.type: charm
kind: ConfigMap
metadata:
  creationTimestamp: 2017-12-13T07:20:03Z
  name: special-config
  namespace: default
  resourceVersion: "3013536"
  selfLink: /api/v1/namespaces/default/configmaps/special-config
  uid: 09e1c368-dfd6-11e7-8e94-005056bc80ed

三、在pod中应用configmap:

用configmap定义pod中的环境变量:

1、用configmap定义一个类似key-value的环境变量:

$ kubectl create configmap special-config --from-literal=special.how=very 

创建静态pod,指定环境变量并引用configmap:

dapi-test-pod.yaml

apiVersion: v1
kind: Pod
metadata:
  name: dapi-test-pod
spec:
  containers:
    - name: test-container
      image: gcr.mirrors.ustc.edu.cn/google_containers/busybox
      command: [ "/bin/sh", "-c", "env" ]
      env:
        # Define the environment variable
        - name: SPECIAL_LEVEL_KEY
          valueFrom:
            configMapKeyRef:
              # The ConfigMap containing the value you want to assign to SPECIAL_LEVEL_KEY
              name: special-config
              # Specify the key associated with the value
              key: special.how
  restartPolicy: Never

创建:

kubectl create -f dapi-test-pod.yaml 
  • 创建成功后pod状态应该是Completed 而非running,因为没有前台运行的进程:

观察logs:

[root@node-132 ~]# kubectl logs dapi-test-pod | grep SPECIAL_LEVEL_KEY
SPECIAL_LEVEL_KEY=very
  • 看到SPECIAL_LEVEL_KEY环境变量成功创建并赋值very:

用多个configmap定义pod中的环境变量:

dapi-test-pod-2.yaml

[root@node-131 configmap-demo]# vi dapi-test-pod-2.yaml                
apiVersion: v1
kind: ConfigMap
metadata:
  name: special-config-1
  namespace: default
data:
  special.how: very
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: env-config
  namespace: default
data:
  log_level: INFO
---
apiVersion: v1
kind: Pod
metadata:
  name: dapi-test-pod-2
spec:
  containers:
    - name: test-container
      image: yecc/gcr.io-google_containers-busybox
      command: [ "/bin/sh", "-c", "env" ]
      env:
        - name: SPECIAL_LEVEL_KEY
          valueFrom:
            configMapKeyRef:
              name: special-config-1
              key: special.how
        - name: LOG_LEVEL
          valueFrom:
            configMapKeyRef:
              name: env-config
              key: log_level
  restartPolicy: Never
  • 创建两个configmapspecial-config-1env-config
  • special-config-1:special.how: very
  • env-config:log_level: INFO

查看:

[root@node-132 ~]# kubectl logs dapi-test-pod-2 | grep SPECIAL_LEVEL_KEY
SPECIAL_LEVEL_KEY=very
[root@node-132 ~]# kubectl logs dapi-test-pod-2 | grep LOG_LEVEL        
LOG_LEVEL=INFO

用一个configmap定义pod所需所有环境变量:

dapi-test-pod-3.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: special-config-2
  namespace: default
data:
  SPECIAL_LEVEL: very
  SPECIAL_TYPE: charm
---
apiVersion: v1
kind: Pod
metadata:
  name: dapi-test-pod-3
spec:
  containers:
    - name: test-container
      image: yecc/gcr.io-google_containers-busybox
      command: [ "/bin/sh", "-c", "env" ]
      envFrom:
      - configMapRef:
          name: special-config-2
  restartPolicy: Never
  • envFrom:一次引入对应configmap中的所有data部分(需要kubernetes 1.6以上才能支持)

查看:

[root@node-132 ~]# kubectl logs dapi-test-pod-3 | grep SPECIAL_TYPE
SPECIAL_TYPE=charm
[root@node-132 ~]# kubectl logs dapi-test-pod-3 | grep SPECIAL_LEVEL
SPECIAL_LEVEL=very

用一个configmap定义pod 命令行中的环境变量:

dapi-test-pod-4.yaml

apiVersion: v1
kind: Pod
metadata:
  name: dapi-test-pod-4
spec:
  containers:
    - name: test-container
      image: yecc/gcr.io-google_containers-busybox
      command: [ "/bin/sh", "-c", "echo $(SPECIAL_LEVEL_KEY) $(SPECIAL_TYPE_KEY)" ]
      env:
        - name: SPECIAL_LEVEL_KEY
          valueFrom:
            configMapKeyRef:
              name: special-config-2
              key: SPECIAL_LEVEL
        - name: SPECIAL_TYPE_KEY
          valueFrom:
            configMapKeyRef:
              name: special-config-2
              key: SPECIAL_TYPE
  restartPolicy: Never

查看:

[root@node-132 ~]# kubectl logs dapi-test-pod-4
very charm

用volume的方式使用configmap:

dapi-test-pod-5.yaml

apiVersion: v1
kind: Pod
metadata:
  name: dapi-test-pod-5
spec:
  containers:
    - name: test-container
      image: yecc/gcr.io-google_containers-busybox
      command: [ "/bin/sh", "-c", "ls /etc/config/" ]
      volumeMounts:
      - name: config-volume
        mountPath: /etc/config
  volumes:
    - name: config-volume
      configMap:
        # Provide the name of the ConfigMap containing the files you want
        # to add to the container
        name: special-config-2
  restartPolicy: Never
  • 通过volume方式挂载configmap时,configmap的data部分key会成为文件名,value成为文件内容
  • command通过ls /etc/config查看挂载目录,后续的验证过程应该会看到两个key对应的两个文件名

查看:

[root@node-132 ~]# kubectl logs dapi-test-pod-5
SPECIAL_LEVEL
SPECIAL_TYPE

将configmap中的某个key挂载至挂载点的某个path:

dapi-test-pod-6.yaml

apiVersion: v1
kind: Pod
metadata:
  name: dapi-test-pod-6
spec:
  containers:
    - name: test-container
      image: yecc/gcr.io-google_containers-busybox
      command: [ "/bin/sh","-c","cat /etc/config/keys" ]
      volumeMounts:
      - name: config-volume
        mountPath: /etc/config
  volumes:
    - name: config-volume
      configMap:
        name: special-config-2
        items:
        - key: SPECIAL_LEVEL
          path: keys
  restartPolicy: Never
  • spec.volumes.configMap.itemskey 为configmap的data中对应的key名称,pathmountPath后的挂载点。即,将SPECIAL_LEVEL的内容挂载至/etc/config/目录下文件名为keys,内容为SPECIAL_LEVEL对应的value
  • command: 为cat /etc/config/keys,按照预期应该会看到SPECIAL_LEVEL对应value;

查看:

[root@node-132 ~]# kubectl logs dapi-test-pod-6
very

configmap自动升级特性:

Mounted ConfigMaps are updated automatically
When a ConfigMap already being consumed in a volume is updated, projected keys are eventually updated as well. Kubelet is checking whether the mounted ConfigMap is fresh on every periodic sync. However, it is using its local ttl-based cache for getting the current value of the ConfigMap. As a result, the total delay from the moment when the ConfigMap is updated to the moment when new keys are projected to the pod can be as long as kubelet sync period + ttl of ConfigMaps cache in kubelet.

已经被挂载的configmap能够自动被升级

当一个已经被挂载configmap更新(比如edit)安装的keys将立即自动被更新。kubelet将实时检查configmap的刷新并保持同步….

但是,他使用本地基于ttl-based缓存用来获取configmap的当前值。所以从configmap更新到到key被部署到pod的时间总长等同于 kubelet 同步时间加上configmaps缓存在kubelet的ttl时间;

清除

for i in `seq 1 6` ; do kubectl delete pod dapi-test-pod-$i; done   

for i in `kubectl get configmap | grep game-config | awk '{print $1}'` ; do kubectl delete configmap $i ; done

for i in `kubectl get configmap | grep special-config | awk '{print $1}'` ; do kubectl delete configmap $i ; done 

本系列其他内容:

  • 01-环境准备

  • 02-etcd群集搭建

  • 03-kubectl管理工具

  • 04-master搭建

  • 05-node节点搭建

  • 06-addon-calico

  • 07-addon-kubedns

  • 08-addon-dashboard

  • 09-addon-kube-prometheus

  • 10-addon-EFK

  • 11-addon-Harbor

  • 12-addon-ingress-nginx

  • 13-addon-traefik

参考资料:

https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/

你可能感兴趣的:(kubernetes,1.8.0)