《kubernetes 1.8.0 测试环境安装部署》
时间:2017-12-13
关于configmap
:
ConfigMap
可以从镜像中分离配置文件用于保存配置数据的键值对,可以用来保存单个属性,也可以用来保存配置文件。ConfigMap
跟secret
很类似,但它可以更方便地处理不包含敏感信息的字符串。
就我目前的理解,通过创建ConfigMap
可以在pod中通过设置环境变量、命令行参数或者直接以配置文件形式挂载的方式实现配置信息的动态加载:
创建测试用的目录及文件:
$ mkdir ~/configmap-demo
$ cd ~/configmap-demo
$ cat > game.properties << EOF
enemies=aliens
lives=3
enemies.cheat=true
enemies.cheat.level=noGoodRotten
secret.code.passphrase=UUDDLRLRBABAS
secret.code.allowed=true
secret.code.lives=30
EOF
$ cat > ui.properties << EOF
color.good=purple
color.bad=yellow
allow.textmode=true
how.nice.to.look=fairlyNice
EOF
$ ll ~/configmap-demo
total 8
-rw-r--r-- 1 kube kube 166 Dec 13 11:25 game.properties
-rw-r--r-- 1 kube kube 83 Dec 13 11:30 ui.properties
用kubectl create configmap
命令创建configmap,同时加载目录下的多个文件:
# kubectl create configmap game-config --from-file=/root/configmap-demo
configmap "game-config" created
/root/configmap-demo
目录;查看:
[root@node-131 configmap-demo]# kubectl describe configmaps game-config
Name: game-config
Namespace: default
Labels:
Annotations:
Data
====
game.properties:
----
enemies=aliens
lives=3
enemies.cheat=true
enemies.cheat.level=noGoodRotten
secret.code.passphrase=UUDDLRLRBABAS
secret.code.allowed=true
secret.code.lives=30
ui.properties:
----
color.good=purple
color.bad=yellow
allow.textmode=true
how.nice.to.look=fairlyNice
Events:
[root@node-131 configmap-demo]# kubectl get configmaps game-config -o yaml
apiVersion: v1
data:
game.properties: |
enemies=aliens
lives=3
enemies.cheat=true
enemies.cheat.level=noGoodRotten
secret.code.passphrase=UUDDLRLRBABAS
secret.code.allowed=true
secret.code.lives=30
ui.properties: |
color.good=purple
color.bad=yellow
allow.textmode=true
how.nice.to.look=fairlyNice
kind: ConfigMap
metadata:
creationTimestamp: 2017-12-13T03:47:28Z
name: game-config
namespace: default
resourceVersion: "2983336"
selfLink: /api/v1/namespaces/default/configmaps/game-config
uid: 57072343-dfb8-11e7-8e94-005056bc80ed
[root@node-131 ~]# kubectl create configmap game-config-2 --from-file=/root/configmap-demo/game.properties
configmap "game-config-2" created
--from-file
引入不同的数据源;查看:
[root@node-131 ~]# kubectl describe configmap game-config-2
Name: game-config-2
Namespace: default
Labels:
Annotations:
Data
====
game.properties:
----
enemies=aliens
lives=3
enemies.cheat=true
enemies.cheat.level=noGoodRotten
secret.code.passphrase=UUDDLRLRBABAS
secret.code.allowed=true
secret.code.lives=30
Events:
kubectl create configmap game-config-3 --from-file=<my-key-name>=<path-to-file>
[root@node-131 ~]# kubectl create configmap game-config-3 --from-file=game-special-key=/root/configmap-demo/game.properties
configmap "game-config-3" created
[root@node-131 ~]# kubectl get configmap game-config-3 -o yaml
apiVersion: v1
data:
game-special-key: |
enemies=aliens
lives=3
enemies.cheat=true
enemies.cheat.level=noGoodRotten
secret.code.passphrase=UUDDLRLRBABAS
secret.code.allowed=true
secret.code.lives=30
kind: ConfigMap
metadata:
creationTimestamp: 2017-12-13T06:22:29Z
name: game-config-3
namespace: default
resourceVersion: "3005152"
selfLink: /api/v1/namespaces/default/configmaps/game-config-3
uid: fea21a25-dfcd-11e7-8e94-005056bc80ed
[root@node-131 ~]# kubectl create configmap special-config --from-literal=special.how=very --from-literal=special.type=charm
configmap "special-config" created
[root@node-131 ~]# kubectl get configmaps special-config -o yaml
apiVersion: v1
data:
special.how: very
special.type: charm
kind: ConfigMap
metadata:
creationTimestamp: 2017-12-13T07:20:03Z
name: special-config
namespace: default
resourceVersion: "3013536"
selfLink: /api/v1/namespaces/default/configmaps/special-config
uid: 09e1c368-dfd6-11e7-8e94-005056bc80ed
1、用configmap定义一个类似key-value的环境变量:
$ kubectl create configmap special-config --from-literal=special.how=very
创建静态pod,指定环境变量并引用configmap:
dapi-test-pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod
spec:
containers:
- name: test-container
image: gcr.mirrors.ustc.edu.cn/google_containers/busybox
command: [ "/bin/sh", "-c", "env" ]
env:
# Define the environment variable
- name: SPECIAL_LEVEL_KEY
valueFrom:
configMapKeyRef:
# The ConfigMap containing the value you want to assign to SPECIAL_LEVEL_KEY
name: special-config
# Specify the key associated with the value
key: special.how
restartPolicy: Never
创建:
kubectl create -f dapi-test-pod.yaml
观察logs:
[root@node-132 ~]# kubectl logs dapi-test-pod | grep SPECIAL_LEVEL_KEY
SPECIAL_LEVEL_KEY=very
dapi-test-pod-2.yaml
[root@node-131 configmap-demo]# vi dapi-test-pod-2.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: special-config-1
namespace: default
data:
special.how: very
---
apiVersion: v1
kind: ConfigMap
metadata:
name: env-config
namespace: default
data:
log_level: INFO
---
apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod-2
spec:
containers:
- name: test-container
image: yecc/gcr.io-google_containers-busybox
command: [ "/bin/sh", "-c", "env" ]
env:
- name: SPECIAL_LEVEL_KEY
valueFrom:
configMapKeyRef:
name: special-config-1
key: special.how
- name: LOG_LEVEL
valueFrom:
configMapKeyRef:
name: env-config
key: log_level
restartPolicy: Never
configmap
:special-config-1
、 env-config
special-config-1
:special.how: veryenv-config
:log_level: INFO查看:
[root@node-132 ~]# kubectl logs dapi-test-pod-2 | grep SPECIAL_LEVEL_KEY
SPECIAL_LEVEL_KEY=very
[root@node-132 ~]# kubectl logs dapi-test-pod-2 | grep LOG_LEVEL
LOG_LEVEL=INFO
dapi-test-pod-3.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: special-config-2
namespace: default
data:
SPECIAL_LEVEL: very
SPECIAL_TYPE: charm
---
apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod-3
spec:
containers:
- name: test-container
image: yecc/gcr.io-google_containers-busybox
command: [ "/bin/sh", "-c", "env" ]
envFrom:
- configMapRef:
name: special-config-2
restartPolicy: Never
查看:
[root@node-132 ~]# kubectl logs dapi-test-pod-3 | grep SPECIAL_TYPE
SPECIAL_TYPE=charm
[root@node-132 ~]# kubectl logs dapi-test-pod-3 | grep SPECIAL_LEVEL
SPECIAL_LEVEL=very
dapi-test-pod-4.yaml
apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod-4
spec:
containers:
- name: test-container
image: yecc/gcr.io-google_containers-busybox
command: [ "/bin/sh", "-c", "echo $(SPECIAL_LEVEL_KEY) $(SPECIAL_TYPE_KEY)" ]
env:
- name: SPECIAL_LEVEL_KEY
valueFrom:
configMapKeyRef:
name: special-config-2
key: SPECIAL_LEVEL
- name: SPECIAL_TYPE_KEY
valueFrom:
configMapKeyRef:
name: special-config-2
key: SPECIAL_TYPE
restartPolicy: Never
查看:
[root@node-132 ~]# kubectl logs dapi-test-pod-4
very charm
dapi-test-pod-5.yaml
apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod-5
spec:
containers:
- name: test-container
image: yecc/gcr.io-google_containers-busybox
command: [ "/bin/sh", "-c", "ls /etc/config/" ]
volumeMounts:
- name: config-volume
mountPath: /etc/config
volumes:
- name: config-volume
configMap:
# Provide the name of the ConfigMap containing the files you want
# to add to the container
name: special-config-2
restartPolicy: Never
查看:
[root@node-132 ~]# kubectl logs dapi-test-pod-5
SPECIAL_LEVEL
SPECIAL_TYPE
dapi-test-pod-6.yaml
apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod-6
spec:
containers:
- name: test-container
image: yecc/gcr.io-google_containers-busybox
command: [ "/bin/sh","-c","cat /etc/config/keys" ]
volumeMounts:
- name: config-volume
mountPath: /etc/config
volumes:
- name: config-volume
configMap:
name: special-config-2
items:
- key: SPECIAL_LEVEL
path: keys
restartPolicy: Never
spec.volumes.configMap.items
: key
为configmap的data中对应的key名称,path
为mountPath
后的挂载点。即,将SPECIAL_LEVEL
的内容挂载至/etc/config/
目录下文件名为keys
,内容为SPECIAL_LEVEL
对应的value
;command
: 为cat /etc/config/keys
,按照预期应该会看到SPECIAL_LEVEL
对应value
;查看:
[root@node-132 ~]# kubectl logs dapi-test-pod-6
very
configmap自动升级特性:
Mounted ConfigMaps are updated automatically
When a ConfigMap already being consumed in a volume is updated, projected keys are eventually updated as well. Kubelet is checking whether the mounted ConfigMap is fresh on every periodic sync. However, it is using its local ttl-based cache for getting the current value of the ConfigMap. As a result, the total delay from the moment when the ConfigMap is updated to the moment when new keys are projected to the pod can be as long as kubelet sync period + ttl of ConfigMaps cache in kubelet.
已经被挂载的configmap能够自动被升级
当一个已经被挂载configmap更新(比如edit)安装的keys将立即自动被更新。kubelet将实时检查configmap的刷新并保持同步….
但是,他使用本地基于ttl-based缓存用来获取configmap的当前值。所以从configmap更新到到key被部署到pod的时间总长等同于 kubelet 同步时间加上configmaps缓存在kubelet的ttl时间;
清除
for i in `seq 1 6` ; do kubectl delete pod dapi-test-pod-$i; done
for i in `kubectl get configmap | grep game-config | awk '{print $1}'` ; do kubectl delete configmap $i ; done
for i in `kubectl get configmap | grep special-config | awk '{print $1}'` ; do kubectl delete configmap $i ; done
本系列其他内容:
01-环境准备
02-etcd群集搭建
03-kubectl管理工具
04-master搭建
05-node节点搭建
06-addon-calico
07-addon-kubedns
08-addon-dashboard
09-addon-kube-prometheus
10-addon-EFK
11-addon-Harbor
12-addon-ingress-nginx
13-addon-traefik
参考资料:
https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/