Kubernets配置存储
k8s配置存储学习
·
Kubernets配置存储
💽ConfigMap
ConfigMap(cm):较为特殊的存储卷,用来存储配置信息。
创建configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: configmap
namespace: dev
data:
info: |
username:rkun18
password:123456
#创建cm
[root@master ~]# kubectl create -f configmap.yaml
configmap/configmap created
#查看信息
[root@master ~]# kubectl describe cm -n dev
Name: configmap
Namespace: dev
Labels: <none>
Annotations: <none>
Data
====
info:
----
username:rkun18
password:123456
Events: <none>
创建pod-configmap.yaml,将cm挂载到Pod里的容器中去
apiVersion: v1
kind: Pod
metadata:
name: pod-configmap
namespace: dev
spec:
containers:
- name: nginx
image: nginx:1.17.1
volumeMounts: # 将configmap挂载到目录
- name: config
mountPath: /configmap/config
volumes: # 引用configmap
- name: config
configMap:
name: configmap
#创建Pod
[root@master ~]# kubectl create -f pod-configmap.yaml
pod/pod-configmap created
#查看Pod信息
[root@master ~]# kubectl get pod -n dev -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod-configmap 1/1 Running 0 34s 10.244.1.6 node1 <none> <none>
#进入Pod
[root@master ~]# kubectl get pod -n dev -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod-configmap 1/1 Running 0 34s 10.244.1.6 node1 <none> <none>
[root@master ~]# kubectl exec -it pod-configmap -n dev /bin/sh
# cd /configmap/config/
# ls
info
# more info
username:rkun18
password:123456
# exit
#映射成功 key > 文件 value > 文件中内容
#如果更新configmap值,容器中的值也会改变
💾Secret
Secret:主要用于存储敏感信息。例如密码,密钥,证书等。
-
使用base64对数据编码
[root@master ~]# echo -n 'rkun18' | base64 cmt1bjE4 [root@master ~]# echo -n '123456' | base64 MTIzNDU2
-
创建secret.yaml
apiVersion: v1 kind: Secret metadata: name: secret namespace: dev type: Opaque data: username: cmt1bjE4 password: MTIzNDU2
#创建secret [root@master ~]# kubectl create -f secret.yaml secret/secret created #查看信息 [root@master ~]# kubectl describe secret secret -n dev Name: secret Namespace: dev Labels: <none> Annotations: <none> Type: Opaque Data ==== password: 6 bytes username: 6 bytes
-
创建pod-secret.yaml,将secret挂载上去
apiVersion: v1 kind: Pod metadata: name: pod-secret namespace: dev spec: containers: - name: nginx image: nginx:1.17.1 volumeMounts: # 将secret挂载到目录 - name: config mountPath: /secret/config volumes: - name: config secret: secretName: secret
#创建Pod [root@master ~]# kubectl create -f pod-secret.yaml pod/pod-secret created [root@master ~]# kubectl get pod pod-secret -n dev NAME READY STATUS RESTARTS AGE pod-secret 1/1 Running 0 3m2s #进入容器 查看secret信息 发现已经自动解码了 [root@master ~]# kubectl exec -it pod-secret /bin/sh -n dev # cd /secret/config # ls password username # cat password 123456# cat username rkun18# exit
更多推荐
已为社区贡献12条内容
所有评论(0)