In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-22 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/02 Report--
A ConfigMap object is a collection of configurations. K8s will inject this collection into the corresponding Pod object and start the use of the container successfully. There are generally two ways of injection, one is to mount the storage volume, and the other is to pass variables. ConfigMap must exist before it is referenced, belongs to the namespace level, cannot be used across namespaces, and the content is displayed in clear text. After the ConfigMap content is modified, the corresponding pod must restart or reload the configuration.
Secret is similar to ConfigMap, is encrypted with Base64, ciphertext display, generally store sensitive data. There are generally two ways to create it, one is to create it using kubectl create, and the other is to use Secret configuration files.
Help for using ConfigMap key values: kubectl explain pods.spec.containers.env
ConfigMap volume creation help: kubectl explain pods.spec.volumes
ConfigMap Volume reference help: kubectl explain pods.spec.containers.volumeMounts
Secret help: kubectl explain secret
One, ConfigMap storage volume
1. Use key values to create objects directly
[root@k8s01 yaml] # kubectl create configmap wuhan123-- from-literal=wuhan= "2019 CISM World Games"
Configmap/wuhan123
[root@k8s01 yaml] # kubectl get configmap wuhan123
NAME DATA AGE
Wuhan123 1 27s
[root@k8s01 yaml] # kubectl get configmap wuhan123-o yaml
ApiVersion: v1data: wuhan: 2019 CISM World Games-key and data kind: ConfigMapmetadata: creationTimestamp: "2019-10-26T06:30:13Z" name: wuhan123 namespace: default resourceVersion: "3790588" selfLink: / api/v1/namespaces/default/configmaps/wuhan123 uid: c7771f6f-3825-47f8-9029-4630810b6dd5
[root@k8s01 yaml] #
1.1 reference a single object in the ConfigMap key value:
[root@k8s01 yaml] # vim wuhan123.yaml
ApiVersion: v1kind: Podmetadata: name: wuhan123 namespace: default labels: app: containers:-name: wuhan123 image: nginx:latest imagePullPolicy: Never env:-name: abc-- store the value valueFrom: configMapKeyRef: name: wuhan123-- configmap name key: wuhan-key [root@k8s01 yaml] # kubectl apply-f wuhan123.yaml after referencing the data
Pod/wuhan123 created
[root@k8s01 yaml] # kubectl exec-it wuhan123 bash
Root@wuhan123:/# echo $abc-- outputs the value in the key in the container
2019 CISM World Games
Root@wuhan123:/# exit
Exit
[root@k8s01 yaml] #
1.2 referencing all objects in the ConfigMap
[root@k8s01 yaml] # vim wuhan123-1.yaml
ApiVersion: v1kind: Podmetadata: name: wuhan123-1 namespace: default labels: app: webspec: containers:-name: wuhan123-1 image: nginx:latest imagePullPolicy: Never envFrom:-- reference all configmap values-prefix: WUHAN_-- prefix each variable configMapRef: name: wuhan123 optional: false
[root@k8s01 yaml] # kubectl apply-f wuhan123-1.yaml
Pod/wuhan123-1 created
[root@k8s01 yaml] # kubectl exec-it wuhan123-1 bash
Root@wuhan123-1 echo echo $WUHAN_wuhan-prefix when accessing variables
2019 CISM World Games
Root@wuhan123-1 VOLGUP # exit
Exit
[root@k8s01 yaml] #
two。 Create based on file
[root@k8s01 yaml] # kubectl create configmap wuhan2-- from-file=/root/yaml/nginx.conf-- specify the mounted file
Configmap/wuhan2 created
[root@k8s01 yaml] # kubectl get configmap wuhan2
NAME DATA AGE
Wuhan2 1 18s
[root@k8s01 yaml] # kubectl get configmap wuhan2-o yaml
ApiVersion: v1
Data:
Nginx.conf: | +
Worker_processes auto
Worker_cpu_affinity auto
Worker_rlimit_nofile 65535
Events {
Use epoll
Worker_connections 65535
}
Error_log logs/error.log error
Pid logs/nginx.pid
Http {
Server_info off
Include common/mime.types
Default_type application/octet-stream
Index index.html index.htm default.html default.htm index.json
Log_format main
'[$remote_addr $http_x_forwarded_for-$remote_user $time_local]'
'[Request: $host "$request"] $request_time sec'
'[Detail: $status $body_bytes_sent $http_referer]'
'[Upstream: $upstream_addr $upstream_status]' $upstream_response_time sec'
Access_log logs/access.log main
Keepalive_timeout 65
Sendfile on
Client_max_body_size 10240m
Client_body_buffer_size 1024k
Resolver 114.114.114.114 8.8.8.8
Uwsgi_cache_path uwsgi_temp levels=1:2 keys_zone=IFLYTEK_UWSGI_CACHE:100m inactive=5m max_size=20g
Include common/uwsgi.conf
Include common/proxy.conf
Include common/fastcgi.conf
Include common/gzip.conf
Include sites/*.conf
}
Kind: ConfigMap
Metadata:
CreationTimestamp: "2019-10-26T06:36:20Z"
Name: wuhan2
Namespace: default
ResourceVersion: "3791130"
SelfLink: / api/v1/namespaces/default/configmaps/wuhan2
Uid: 6305dd66-df6c-48a8-a1ad-02513ad64d6c
[root@k8s01 yaml] #
2.1 reference configmap object
[root@k8s01 yaml] # vim wuhan234.yaml
ApiVersion: v1kind: Podmetadata: name: wuhan234 namespace: default labels: app: containers:-name: wuhan234 image: nginx:latest imagePullPolicy: Never volumeMounts:-name: ngxconf mountPath: / usr/share/nginx/conf-Mount configmap to the specified directory readOnly: true volumes:-name: ngxconf-define a volume storage configMap: name: wuhan2-specify the configmap name
[root@k8s01 yaml] # kubectl apply-f wuhan234.yaml
Pod/wuhan234 created
[root@k8s01 yaml] # kubectl exec-it wuhan234 bash
Root@wuhan234:/# head-2 / usr/share/nginx/conf/nginx.conf-View the mounted content
Worker_processes auto
Worker_cpu_affinity auto
Root@wuhan234:/# exit
Exit
[root@k8s01 yaml] #
3. Create based on directory
[root@k8s01 yaml] # kubectl create configmap wuhan3-- from-file=/root/yaml/
Configmap/wuhan3 created
[root@k8s01 yaml] # kubectl get configmap wuhan3
NAME DATA AGE
Wuhan3 8 5s
[root@k8s01 yaml] # kubectl get configmap wuhan3-o yaml
3.1 reference configmap object (mount the specified file in the directory)
[root@k8s01 yaml] # vim wuhan345.yaml
ApiVersion: v1kind: Podmetadata: name: wuhan345 namespace: default labels: app: containers:-name: wuhan345 image: nginx:latest imagePullPolicy: Never volumeMounts:-name: ngxconf mountPath: / usr/share/nginx/conf readOnly: true volumes:-name: ngxconf-- define storage volume name configMap: name: wuhan3-- reference configmap name items:-key: nginx.yaml -- referenced file name path: nginx.yaml-- pre-referenced file name mode: 0777-- File permissions-key: helm123.yaml-- Mapping the referenced helm.yaml file to helm123.yaml path: helm.yaml mode: 0600
[root@k8s01 yaml] # kubectl apply-f wuhan345.yaml
Pod/wuhan345 created
[root@k8s01 yaml] # kubectl exec-it wuhan345 bash
Root@wuhan345:/# ls-al / usr/share/nginx/conf/
Total 0
Drwxrwxrwx 3 root root 97 Oct 26 08:25.
Drwxr-xr-x 1 root root 18 Oct 26 08:25..
Drwxr-xr-x 2 root root 44 Oct 26 08:25.. 2019_10_26_08_25_18.898777603
Lrwxrwxrwx 1 root root 31 Oct 26 08:25.. data-> .2019 1026082518898777603
Lrwxrwxrwx 1 root root 19 Oct 26 08:25 helm123.yaml->.. data/helm123.yaml-after file post-mapping
Lrwxrwxrwx 1 root root 17 Oct 26 08:25 nginx.yaml->.. data/nginx.yaml
Root@wuhan345:/# exit
Exit
[root@k8s01 yaml] #
3.2 reference configmap object (the specified files are mounted in the directory, and the original other files are retained)
[root@k8s01 yaml] # vim wuhan345-1.yaml
ApiVersion: v1kind: Podmetadata: name: wuhan345-1 namespace: default labels: app: webspec: containers:-name: wuhan345-1 image: nginx:latest imagePullPolicy: Never volumeMounts:-name: ngxconf mountPath: / usr/share/nginx/conf/nginx.conf subPath: nginx.conf readOnly: true-name: ngxconf mountPath: / usr/share/nginx/conf/default.conf subPath: default.conf readOnly: true volumes:-name: ngxconf configMap: name: wuhan3
[root@k8s01 yaml] # kubectl apply-f wuhan345-1.yaml
Pod/wuhan345-1 created
[root@k8s01 yaml] # kubectl exec-it wuhan345-1 bash
Root@wuhan345-1 al al # ls / usr/share/nginx/conf/
Total 4
Drwxr-xr-x 3 root root 44 Oct 26 08:20.
Drwxr-xr-x 1 root root 18 Oct 26 08:20..
Drwxrwxrwx 2 root root 6 Oct 26 08:20 default.conf
-rw-r--r-- 1 root root 1083 Oct 26 08:20 nginx.conf
Root@wuhan345-1 VOLGUP # exit
Exit
[root@k8s01 yaml] #
4. Create based on profile
[root@k8s01 yaml] # vim configmap.yaml
ApiVersion: v1kind: ConfigMapmetadata: name: wuhan5 namespace: defaultdata: |-- symbol must be used |, otherwise there is no format nginx.conf: worker_processes auto; worker_cpu_affinity auto; worker_rlimit_nofile 65535; events {use epoll; worker_connections 65535;} http {server_info off; index index.html index.htm default.html default.htm index.json Access_log logs/access.log main; keepalive_timeout 65; server {server_name baidu.com; location / {root html Index index.html}}-apiVersion: v1kind: Podmetadata: name: wuhan5-pod namespace: defaultspec: containers:-name: wuhan5-pod image: nginx:latest imagePullPolicy: Never volumeMounts:-name: ngxconf-- reference alias mountPath: / usr/share/nginx/conf-- mounted directory volumes:-name: ngxconf-define an alias ConfigMap: name: wuhan5-- reference configmap name
[root@k8s01 yaml] # kubectl apply-f configmap.yaml
Configmap/wuhan5 created
Pod/wuhan5-pod created
[root@k8s01 yaml] # kubectl exec-it wuhan5-pod bash
Root@wuhan5-pod:/# head-5 / usr/share/nginx/conf/nginx.conf-displays 5 lines
Worker_processes auto
Worker_cpu_affinity auto
Worker_rlimit_nofile 65535
Events {
Use epoll
Root@wuhan5-pod:/# exit
Exit
[root@k8s01 yaml] #
Second, Secret storage volume
5. Using command to create Secret
[root@k8s01 yaml] # kubectl create secret generic mypass-from-literal=username=root-from-literal=password=System135
Secret/mypass created
[root@k8s01 yaml] # kubectl get secrets mypass
NAME TYPE DATA AGE
Mypass Opaque 2 23s
[root@k8s01 yaml] # kubectl get secrets mypass-o yaml
ApiVersion: v1
Data:
Password: U3lzdGVtMTM1-password is encrypted
Username: cm9vdA==-- user name is encrypted
Kind: Secret
Metadata:
CreationTimestamp: "2019-10-26T08:32:18Z"
Name: mypass
Namespace: default
ResourceVersion: "3801721"
SelfLink: / api/v1/namespaces/default/secrets/mypass
Uid: 7a432a31-fe0b-4edc-a507-9f1aa0cd1745
Type: Opaque-if it's Opaque, it's encrypted with Base64.
[root@k8s01 yaml] # echo U3lzdGVtMTM1 | base64-d-displays the password in clear text
System135 [root@k8s01 yaml] #
6. All pod operational statu
[root@k8s01 yaml] # kubectl get pods-o wide | grep wuhan
Wuhan123 1/1 Running 0 97m 10.244.1.33 k8s02
Wuhan123-1 1bat 1 Running 0 94m 10.244.2.38 k8s03
Wuhan234 1/1 Running 0 85m 10.244.1.35 k8s02
Wuhan345 1/1 Running 0 58m 10.244.1.36 k8s02
Wuhan345-1 1bat 1 Running 0 63m 10.244.2.39 k8s03
Wuhan5-pod 1/1 Running 0 2m5s 10.244.2.41 k8s03
[root@k8s01 yaml] #
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.