13.kubernetes笔记 Volume存储卷(四) configMap

前言

核心资源类型存储卷,PV、PVC、SC、CSI(Longhorn)
特殊类型的插件:ConfigMap、Secret、downwardAPI

如何为容器化应用提供配置信息:

  1. 启动容器时,直接向应用程序传递参数,args: []
  2. 将定义好的配置文件焙进镜像之中;
  3. 通过环境变量向容器传递配置数据:有个前提要求,应用得支持从环境变量加载配置信息;
    制作镜像时,使用entrypoint脚本来预处理变量,常见的做法就是使用非交互式编辑工具,将环境变量的值替换到应用的配置文件中;
  4. 基于存储卷向容器传递配置文件;
    运行中的改变,需要由应用程序重载;

ConfigMap简介

ConfigMap API资源用来保存key-value pair配置数据,这个数据可以在pods里使用,或者被用来为像controller一样的系统组件存储配置数据。虽然ConfigMap跟Secrets类似,但是ConfigMap更方便的处理不含敏感信息的字符串。 注意:ConfigMaps不是属性配置文件的替代品。ConfigMaps只是作为多个properties文件的引用。你可以把它理解为Linux系统中的/etc目录,专门用来存储配置文件的目录。

ConfigMap 通过env环境变量引用
通过环境变量的配置容器化应用时,需要在容器配置段中嵌套使用env字段,它的值是一个由环境变量构建的列表。每个环项变量通常由name和value(或valueFron)字段构成

  • name :环境变量的名称,必选字段;
  • value :环境变量的值,通过 $(VAR_NAME)引用,逃逸格式为“$$(VAR_NAME)" 默认值为空;
  • valueFrom ∶环境变量值的引用源,例如当前Pod资源的名称、名称空间、标签等,不能与非空值的value字段同时使用,即环境变量的值要么源于value字段,要么源于valuFron字段,二者不可同时提供数据。
  • valueFron: 字段可引用的值有多种来源,包括当前Pod资源的属性值,容器相关的系统资源配置、ConfigMap对象中的key以及Secret对象中的Key,它们分别要使用不同的嵌套字段进行定义。
  • fieldRef :当前Pod资源的指定字段,目前支持使用的字段包括metadata.mime、metadata.namespce、 metadata.labels、metadeta.annotations、spesc.nodeName、spec.serviceAccountName、status.hostIP和status.podIP等;
  • configMapKeyRef : ConfigMap对象中的特定Key;
  • secretKeyRef: Secret对象中的特定Key;
  • resourceFieldRef : 当前容器的特定系统资源的最小值(配额)或最大值《限额),目前支持的引用包括 limits.cpu. limits.memory、limits.ephemeral-storage. requests.cpu、reuests.memory和requests.ephemeral-storage
    [root@k8s-master ~]# kubectl create configmap --help  #查看示例
    ...
    
    Examples:
      # Create a new configmap named my-config based on folder bar
      kubectl create configmap my-config --from-file=path/to/bar
      
      # Create a new configmap named my-config with specified keys instead of file basenames on disk
      kubectl create configmap my-config --from-file=key1=/path/to/bar/file1.txt --from-file=key2=/path/to/bar/file2.txt
      
      # Create a new configmap named my-config with key1=config1 and key2=config2
      kubectl create configmap my-config --from-literal=key1=config1 --from-literal=key2=config2
      
      # Create a new configmap named my-config from the key=value pairs in the file
      kubectl create configmap my-config --from-file=path/to/bar
      
      # Create a new configmap named my-config from an env file
      kubectl create configmap my-config --from-env-file=path/to/bar.env
    
    Options:
          --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
    ...

    示例1:comfigMap创建

    [root@k8s-master nginx-conf.d]# cat myserver.conf 
    server {
        listen 8080;
        server_name www.ik8s.io;
    
        include /etc/nginx/conf.d/myserver-*.cfg;
    
        location / {
            root /usr/share/nginx/html;
        }
    }
    [root@k8s-master nginx-conf.d]# cat myserver-gzip.cfg 
    gzip on;
    gzip_comp_level 5;
    gzip_proxied expired no-cache no-store private auth;
    gzip_types text/plain text/css  application/xml text/javascript;
    
    [root@k8s-master nginx-conf.d]# cat myserver-status.cfg 
    location /nginx-status {
    stub_status on;
    access_log off;
    }
    
    [root@k8s-master nginx-conf.d]# ls   #一共3个配置文件 
    myserver.conf  myserver-gzip.cfg  myserver-status.cfg
    
    [root@k8s-master ~]# kubectl create configmap demoapp-config --from-literal=host=0.0.0.0  --from-literal=port=8080   #创建host=0.0.0.0、literal=port=8080为两个val
    configmap/demoapp-config created
    [root@k8s-master ~]# kubectl get cm
    NAME              DATA   AGE
    demoapp-config    2      5s    #可以看到DATA为2 2个数据项
    my-grafana        1      34d
    my-grafana-test   1      34d
    [root@k8s-master ~]# kubectl describe cm demoapp-config
    Name:         demoapp-config
    Namespace:    default
    Labels:       
    Annotations:  
    
    Data
    ====
    port:             #数据项1  Port:8080
    ----
    8080
    host:             #数据项2  host: 0.0.0.
    ----
    0.0.0.0
    Events:  
    
    [root@k8s-master ~]# kubectl get cm demoapp-config  -o yaml
    apiVersion: v1
    data:
      host: 0.0.0.0
      port: "8080"
    kind: ConfigMap
    metadata:
      creationTimestamp: "2021-08-05T09:16:15Z"
      managedFields:
      - apiVersion: v1
        fieldsType: FieldsV1
        fieldsV1:
          f:data:
            .: {}
            f:host: {}
            f:port: {}
        manager: kubectl-create
        operation: Update
        time: "2021-08-05T09:16:15Z"
      name: demoapp-config
      namespace: default
      resourceVersion: "6906130"
      selfLink: /api/v1/namespaces/default/configmaps/demoapp-config
      uid: 625c38a9-02bc-43c7-b351-b2ce7387cab7
      
    [root@k8s-master nginx-conf.d]# kubectl create configmap nginx-config --from-file=./myserver.conf  --from-file=status.cfg=./myserver-status.cfg  #创建2个数据项指定文件,默认以文件名为键名 第2个文件指定status.cfg为键名
    configmap/nginx-config created
    [root@k8s-master nginx-conf.d]# kubectl get cm 
    NAME              DATA   AGE
    demoapp-config    2      18m
    my-grafana        1      34d
    my-grafana-test   1      34d
    nginx-config      2      17s
    
    [root@k8s-master nginx-conf.d]# kubectl get cm nginx-config -o yaml
    apiVersion: v1
    data:
      myserver.conf: |  # |为多行键值分隔符 为了保存多行数据使用了|和缩进
        server {
            listen 8080;
            server_name www.ik8s.io;
    
            include /etc/nginx/conf.d/myserver-*.cfg;
    
            location / {
                root /usr/share/nginx/html;
            }
        }
      status.cfg: |
        location /nginx-status {
        stub_status on;
        access_log off;
        }
    kind: ConfigMap
    metadata:
      creationTimestamp: "2021-08-06T06:35:41Z"
      managedFields:
      - apiVersion: v1
        fieldsType: FieldsV1
        fieldsV1:
          f:data:
            .: {}
            f:myserver.conf: {}
            f:status.cfg: {}
        manager: kubectl-create
        operation: Update
        time: "2021-08-06T06:35:41Z"
      name: nginx-config
      namespace: default
      resourceVersion: "7159858"
      selfLink: /api/v1/namespaces/default/configmaps/nginx-config
      uid: 8dbd637a-fb23-447a-8bb5-9e722d7e871d
    [root@k8s-master nginx-conf.d]# ls
    myserver.conf  myserver-gzip.cfg  myserver-status.cfg
    
    [root@k8s-master configmap]# kubectl create configmap nginx-config-files --from-file=./nginx-conf.d/
    configmap/nginx-config-file created
    
    
    [root@k8s-master configmap]# kubectl get cm
    NAME                DATA   AGE
    demoapp-config      2      21h
    my-grafana          1      35d
    my-grafana-test     1      35d
    nginx-config        2      18m
    nginx-config-files   3      3s     #3个数据项
    
    [root@k8s-master nginx-conf.d]# kubectl get cm nginx-config-files -o yaml
    apiVersion: v1
    data:
      myserver-gzip.cfg: |
        gzip on;
        gzip_comp_level 5;
        gzip_proxied expired no-cache no-store private auth;
        gzip_types text/plain text/css  application/xml text/javascript;
      myserver-status.cfg: |
        location /nginx-status {
        stub_status on;
        access_log off;
        }
      myserver.conf: |
        server {
            listen 8080;
            server_name www.ik8s.io;
    
            include /etc/nginx/conf.d/myserver-*.cfg;
    
            location / {
                root /usr/share/nginx/html;
            }
        }
    kind: ConfigMap
    metadata:
      creationTimestamp: "2021-08-06T08:02:34Z"
      managedFields:
      - apiVersion: v1
        fieldsType: FieldsV1
        fieldsV1:
          f:data:
            .: {}
            f:myserver-gzip.cfg: {}
            f:myserver-status.cfg: {}
            f:myserver.conf: {}
        manager: kubectl-create
        operation: Update
        time: "2021-08-06T08:02:34Z"
      name: nginx-config-files
      namespace: default
      resourceVersion: "7177123"
      selfLink: /api/v1/namespaces/default/configmaps/nginx-config-files
      uid: 2fd21dc3-5e61-4413-bcd5-35337b1ce286
    

    示例2: configMap引用

    [root@k8s-master configmap]# cat configmaps-env-demo.yaml 
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: demoapp-config
      namespace: default
    data:
      demoapp.port: "8080"
      demoapp.host: 0.0.0.0
    ---
    apiVersion: v1
    kind: Pod
    metadata:
      name: configmaps-env-demo
      namespace: default
    spec:
      containers:
      - image: ikubernetes/demoapp:v1.0
        name: demoapp
        env:
        - name: PORT
          valueFrom:
            configMapKeyRef:  #引用configMap 键值
              name: demoapp-config
              key: demoapp.port
              optional: false   #是否为可有可无项 false 为必选项
        - name: HOST
          valueFrom:
            configMapKeyRef:
              name: demoapp-config
              key: demoapp.host
              optional: true  #是否可有可无 ture 非必选项
    
    [root@k8s-master configmap]# kubectl apply -f configmaps-env-demo.yaml
    [root@k8s-master configmap]# kubectl get pod
    NAME                                 READY   STATUS    RESTARTS   AGE
    centos-deployment-66d8cd5f8b-95brg   1/1     Running   0          46h
    configmaps-env-demo                  1/1     Running   0          118s
    my-grafana-7d788c5479-bpztz          1/1     Running   1          46h
    volumes-pvc-longhorn-demo            1/1     Running   0          27h
    [root@k8s-master comfigmap]# kubectl exec configmaps-env-demo  -- netstat -tnl   #查看配置是否生效
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       
    tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN  
    
    [root@k8s-master configmap]# cat configmaps-volume-demo.yaml 
    apiVersion: v1
    kind: Pod
    metadata:
      name: configmaps-volume-demo
      namespace: default
    spec:
      containers:
      - image: nginx:alpine
        name: nginx-server
        volumeMounts:
        - name: ngxconfs
          mountPath: /etc/nginx/conf.d/ 
          readOnly: true
      volumes :
      - name: ngxconfs
        configMap:
          name: nginx-config-files  #引用前面定义的configmap
          optional: false
    
    
    [root@k8s-master configmap]# kubectl get pod
    NAME                                 READY   STATUS    RESTARTS   AGE
    centos-deployment-66d8cd5f8b-95brg   1/1     Running   0          46h
    configmaps-env-demo                  1/1     Running   0          35m
    configmaps-volume-demo               1/1     Running   0          6m8s
    my-grafana-7d788c5479-bpztz          1/1     Running   1          46h
    volumes-pvc-longhorn-demo            1/1     Running   0          28h
    
    
    [root@k8s-master configmap]# kubectl exec configmaps-volume-demo  -it -- /bin/sh
    / # nginx -T
    
    ......
    # configuration file /etc/nginx/conf.d/myserver.conf:  #看容器配置文件是否加载configmap配置
    server {
        listen 8080;
        server_name www.ik8s.io;
    
        include /etc/nginx/conf.d/myserver-*.cfg;
    
        location / {
            root /usr/share/nginx/html;
        }
    }
    
    # configuration file /etc/nginx/conf.d/myserver-gzip.cfg:
    gzip on;
    gzip_comp_level 5;
    gzip_proxied expired no-cache no-store private auth;
    gzip_types text/plain text/css  application/xml text/javascript;
    
    # configuration file /etc/nginx/conf.d/myserver-status.cfg:
    location /nginx-status {
    stub_status on;
    access_log off;
    }
    
    [root@k8s-master configmap]# kubectl get pods configmaps-volume-demo -o go-template={{.status.podIP}}
    10.244.1.177
    [root@k8s-master configmap]# curl 10.244.1.177:8080  #默认页面
    ...
    

    Welcome to nginx!

    [root@k8s-master configmap]# curl -H "Host:www.ik8s.io" 10.244.1.177:8080/nginx-status #自定义页面 Active connections: 1 server accepts handled requests 2 2 2 Reading: 0 Writing: 1 Waiting: 0

    挂载configMap一部分资源时有两种方法
    1.挂载卷时通过items:参数 指定允许输出到卷的键
    2.在容器挂载卷时,指定挂载哪些卷

    示例3 configMap items:指定输出key

    1.挂载卷时通过items:参数 指定允许输出到卷的键

    [root@k8s-master configmap]# ls demoapp-conf.d/  #3个配置文件
    envoy.yaml  lds.conf  myserver.conf
    
    [root@k8s-master configmap]# cat demoapp-conf.d/envoy.yaml 
    node:
      id: sidecar-proxy
      cluster: demoapp-cluster
      
    admin:
      access_log_path: /tmp/admin_access.log
      address:
        socket_address: { address: 0.0.0.0, port_value: 9901 }
    
    dynamic_resources:
      lds_config:
        path: '/etc/envoy/lds.conf'
    
    static_resources:
      clusters:
      - name: local_service
        connect_timeout: 0.25s
        type: STATIC
        lb_policy: ROUND_ROBIN
        load_assignment:
          cluster_name: local_service
          endpoints:
          - lb_endpoints:
            - endpoint:
                address:
                  socket_address:
                    address: 127.0.0.1
                    port_value: 8080
    
    [root@k8s-master configmap]# cat demoapp-conf.d/lds.conf 
    {
      "version_info": "0",
      "resources": [
        {
          "@type": "type.googleapis.com/envoy.api.v2.Listener",
          "name": "listener_0",
          "address": {
            "socket_address": {
              "address": "0.0.0.0",
              "port_value": 80
            }
          },
          "filter_chains": [
            {
              "filters": [
                {
                  "name": "envoy.http_connection_manager",
                  "config": {
                    "stat_prefix": "ingress_http",
                    "codec_type": "AUTO",
                    "route_config": {
                      "name": "local_route",
                      "virtual_hosts": [
                        {
                          "name": "local_service",
                          "domains": [
                            "*"
                          ],
                          "routes": [
                            {
                              "match": {
                                "prefix": "/"
                              },
                              "route": {
                                "cluster": "local_service"
                              }
                            }
                          ]
                        }
                      ]
                    },
                    "http_filters": [
                      {
                        "name": "envoy.router"
                      }
                    ]
                  }
                }
              ]
            }
          ]
        }
      ]
    }
    
    
    [root@k8s-master configmap]# cat configmaps-volume-demo2.yaml 
    apiVersion: v1
    kind: Pod
    metadata:
      name: configmaps-volume-demo2
      namespace: default
    spec:
      containers:
      - name: proxy
        image: envoyproxy/envoy-alpine:v1.14.1
        command: ['/bin/sh','-c','envoy -c /etc/envoy/..data/envoy.yaml']
        volumeMounts:
        - name: appconfs      #通过挂载卷引用comfigmap
          mountPath: /etc/envoy
          readOnly: true
      - name: demo
        image: ikubernetes/demoapp:v1.0
        imagePullPolicy: IfNotPresent
        env:      #通过环境变量引用 但这里引用的comfigmap文件中并没有定义
        - name: PORT
          valueFrom:
            configMapKeyRef:
              name: demoapp-confs
              key: demoapp.port
              optional: false
        - name: HOST
          valueFrom:
            configMapKeyRef:
              name: demoapp-confs
              key: demoapp.host
              optional: true
      volumes:
      - name: appconfs
        configMap:
          name: demoapp-confs   #这里只引用的2个文件
          items:  #默认只允许哪些键 输出给存储卷
          - key: envoy.yaml  #挂载的键名
            path: envoy.yaml  #挂载的文件名  可以和上面不一样
            mode: 0644  #挂载后的权限
          - key: lds.conf
            path: lds.conf
            mode: 0644
          optional: false
    
    [root@k8s-master configmap]# kubectl create  cm demoapp-confs --from-literal=demoapp.host=127.0.0.1 --from-literal=demoapp.port="8080" --from-file=./demoapp-conf.d/   #创建时定义demoapp.host、demoapp.port
    
    [root@k8s-master ~]# kubectl describe cm demoapp-confs
    Name:         demoapp-confs
    Namespace:    default
    Labels:       
    Annotations:  
    
    Data
    ====
    demoapp.host:
    ----
    127.0.0.1
    demoapp.port:
    ----
    8080
    envoy.yaml:
    ----
    node:
      id: sidecar-proxy
      cluster: demoapp-cluster
      
    admin:
      access_log_path: /tmp/admin_access.log
      address:
        socket_address: { address: 0.0.0.0, port_value: 9901 }
    
    dynamic_resources:
      lds_config:
        path: '/etc/envoy/lds.conf'
    
    static_resources:
      clusters:
      - name: local_service
        connect_timeout: 0.25s
        type: STATIC
        lb_policy: ROUND_ROBIN
        load_assignment:
          cluster_name: local_service
          endpoints:
          - lb_endpoints:
            - endpoint:
                address:
                  socket_address:
                    address: 127.0.0.1
                    port_value: 8080
    
    lds.conf:
    ----
    {
      "version_info": "0",
      "resources": [
        {
          "@type": "type.googleapis.com/envoy.api.v2.Listener",
          "name": "listener_0",
          "address": {
            "socket_address": {
              "address": "0.0.0.0",
              "port_value": 80
            }
          },
          "filter_chains": [
            {
              "filters": [
                {
                  "name": "envoy.http_connection_manager",
                  "config": {
                    "stat_prefix": "ingress_http",
                    "codec_type": "AUTO",
                    "route_config": {
                      "name": "local_route",
                      "virtual_hosts": [
                        {
                          "name": "local_service",
                          "domains": [
                            "*"
                          ],
                          "routes": [
                            {
                              "match": {
                                "prefix": "/"
                              },
                              "route": {
                                "cluster": "local_service"
                              }
                            }
                          ]
                        }
                      ]
                    },
                    "http_filters": [
                      {
                        "name": "envoy.router"
                      }
                    ]
                  }
                }
              ]
            }
          ]
        }
      ]
    }
    
    Events:  
    
    [root@k8s-master configmap]# kubectl apply  -f configmaps-volume-demo2.yaml 
    pod/configmaps-volume-demo2 created
    
    [root@k8s-master ~]# kubectl get pod -o wide
    NAME                                 READY   STATUS    RESTARTS   AGE     IP             NODE        NOMINATED NODE   READINESS GATES
    configmaps-volume-demo               1/1     Running   0          6h47m   10.244.1.177   k8s-node1              
    configmaps-volume-demo2              2/2     Running   0          35m     10.244.1.182   k8s-node1              
    my-grafana-7d788c5479-bpztz          1/1     Running   1          2d5h    10.244.2.120   k8s-node2              
    volumes-pvc-longhorn-demo            1/1     Running   0          35h     10.244.2.124   k8s-node2              
    
    [root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c demo -- netstat -tnlp
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
    tcp        0      0 0.0.0.0:9901            0.0.0.0:*               LISTEN      -
    tcp        0      0 127.0.0.1:8080          0.0.0.0:*               LISTEN      1/python3
    tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      -
    
    [root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c proxy -- netstat -tnlp
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
    tcp        0      0 0.0.0.0:9901            0.0.0.0:*               LISTEN      1/envoy
    tcp        0      0 127.0.0.1:8080          0.0.0.0:*               LISTEN      -
    tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1/envoy
    
    [root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c proxy -- ls /etc/envoy
    envoy.yaml
    lds.conf

    示例4: configMap subPath挂载指定键

    2.在容器挂载卷时,指定挂载哪些键

    [root@k8s-master configmap]# cat configmaps-volume-demo3.yaml 
    apiVersion: v1
    kind: Pod
    metadata:
      name: configmap-volume-demo3
      namespace: default
    spec:
      containers:
      - image: nginx:alpine
        name: nginx-server
        volumeMounts:
        - name: ngxconfs
          mountPath: /etc/nginx/conf.d/myserver.conf  #本机挂载目录
          subPath: myserver.conf  #挂载configMap中的子项 目录或某个值
          readOnly: true
        - name: ngxconfs
          mountPath: /etc/nginx/conf.d/myserver-gzip.cfg
          subPath: myserver-gzip.cfg
          readOnly: true
      volumes:
      - name: ngxconfs
        configMap:
          name: nginx-config-files  #之前示例中已经创建 包含3个DATA数据项
    
    [root@k8s-master configmap]# kubectl apply  -f configmaps-volume-demo3.yaml 
    pod/configmap-volume-demo3 created
    
    [root@k8s-master configmap]# kubectl exec configmap-volume-demo3 -it -- /bin/sh  #只引用了其中2项数据
    / # ls /etc/nginx/conf.d/
    default.conf       myserver-gzip.cfg  myserver.conf

    configMap 文件的引用、重载

    [root@k8s-master configmap]# kubectl get pod -o wide
    NAME                                 READY   STATUS    RESTARTS   AGE     IP             NODE        NOMINATED NODE   READINESS GATES
    centos-deployment-66d8cd5f8b-95brg   1/1     Running   0          2d18h   10.244.2.117   k8s-node2              
    configmap-volume-demo3               1/1     Running   0          11m     10.244.1.186   k8s-node1              
    configmaps-env-demo                  1/1     Running   0          20h     10.244.1.173   k8s-node1              
    configmaps-volume-demo               1/1     Running   0          19h     10.244.1.177   k8s-node1              
    configmaps-volume-demo2              2/2     Running   0          13h     10.244.1.182   k8s-node1              
    my-grafana-7d788c5479-bpztz          1/1     Running   1          2d18h   10.244.2.120   k8s-node2              
    volumes-pvc-longhorn-demo            1/1     Running   0          2d      10.244.2.124   k8s-node2              
    [root@k8s-master configmap]# curl -H "Host:www.ik8s.io" 10.244.1.177:8080/nginx-status
    Active connections: 1 
    server accepts handled requests
     4 4 4 
    Reading: 0 Writing: 1 Waiting: 0 
    [root@k8s-master configmap]# kubectl exec configmaps-volume-demo -it -- /bin/sh
    / # cd /etc/nginx/conf.d/
    /etc/nginx/conf.d # ls -lA    #引用的comfigMap实际指向是一个隐藏时间戳文件
    total 0
    drwxr-xr-x    2 root     root            79 Aug  6 08:02 ..2021_08_06_08_02_41.172956995
    lrwxrwxrwx    1 root     root            31 Aug  6 08:02 ..data -> ..2021_08_06_08_02_41.172956995
    lrwxrwxrwx    1 root     root            24 Aug  6 08:02 myserver-gzip.cfg -> ..data/myserver-gzip.cfg
    lrwxrwxrwx    1 root     root            26 Aug  6 08:02 myserver-status.cfg -> ..data/myserver-status.cfg
    lrwxrwxrwx    1 root     root            20 Aug  6 08:02 myserver.conf -> ..data/myserver.conf
    
    /etc/nginx/conf.d # cd ..data/  #里面才是真实的配置文件 
    /etc/nginx/conf.d/..2021_08_06_08_02_41.172956995 # ls
    myserver-gzip.cfg    myserver-status.cfg  myserver.conf
    /etc/nginx/conf.d # exit
    
    [root@k8s-master configmap]# kubectl get cm
    NAME                 DATA   AGE
    demoapp-config       4      42h
    demoapp-confs        4      13h
    nginx-config         2      21h
    nginx-config-files   3      19h
    [root@k8s-master configmap]# kubectl edit cm nginx-config-files  #修改对应的configMap
    apiVersion: v1
    data:
      myserver-gzip.cfg: |
        gzip on;
        gzip_comp_level 5;
        gzip_proxied expired no-cache no-store private auth;
        gzip_types text/plain text/css  application/xml text/javascript;
      myserver-status.cfg: |
        location /nginx-status {
        stub_status on;
        access_log off;
        allow 127.0.0.0/8;  #随便添加2行配置
        deny all;
        }
    ...
    configmap/nginx-config-files edited
    [root@k8s-master configmap]# kubectl exec configmaps-volume-demo -it -- /bin/sh
    / # cd /etc/nginx/conf.d/..
    ..2021_08_06_08_02_41.172956995/  ..data/
    / # cd /etc/nginx/conf.d/
    /etc/nginx/conf.d # ls -lA
    total 0
    drwxr-xr-x    2 root     root            79 Aug  7 03:58 ..2021_08_07_03_58_59.548609753
    lrwxrwxrwx    1 root     root            31 Aug  7 03:58 ..data -> ..2021_08_07_03_58_59.548609753   #链接的时间戳文件已经发生改变 重载的时间会在短时间内随机生成 并不是所有Pod同一时间重载
    lrwxrwxrwx    1 root     root            24 Aug  6 08:02 myserver-gzip.cfg -> ..data/myserver-gzip.cfg
    lrwxrwxrwx    1 root     root            26 Aug  6 08:02 myserver-status.cfg -> ..data/myserver-status.cfg
    lrwxrwxrwx    1 root     root            20 Aug  6 08:02 myserver.conf -> ..data/myserver.conf
    
    / # nginx -T    #应用是否支持热加载和自动重载需要看具体的应用,一般云原生应用都会支持热加载当检测到配置有更新之后会自动重载,一般非原生应用可能需要重启Pod
    # configuration file /etc/nginx/conf.d/myserver-gzip.cfg:
    gzip on;
    gzip_comp_level 5;
    gzip_proxied expired no-cache no-store private auth;
    gzip_types text/plain text/css  application/xml text/javascript;
    
    # configuration file /etc/nginx/conf.d/myserver-status.cfg:
    location /nginx-status {
    stub_status on;
    access_log off;
    allow 127.0.0.0/8;
    deny all;
    }
    
    /etc/nginx/conf.d # exit

    你可能感兴趣的:(13.kubernetes笔记 Volume存储卷(四) configMap)