Kubernetes(k8s)的Volume数据存储配置储存类型ConfigMap和Secret的使用
目录1. ConfigMap1.1 概述1.2 资源清单文件1.3 创建ConfigMap1.4 创建Pod,查看Pod,进入Pod2. Secret2.1 概述2.2 创建Secret2.3 查看Secret详情2.4 创建Pod,查看Pod,进入Pod1. ConfigMap1.1 概述主要作用是用来存储配置信息的1.2 资源清单文件apiVersion: v1kind: ConfigMapm
·
目录
1. ConfigMap
1.1 概述
主要作用是用来存储配置信息的
1.2 资源清单文件
apiVersion: v1
kind: ConfigMap
metadata:
name: configMap
namespace: dev
data:
filename:
key1: value1
key2: value2
1.3 创建ConfigMap
新建configmap.yaml文件,内容如下。然后创建ConfigMap
[root@k8s-master ~]# cat configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: configmap
namespace: dev
data:
info:
username:admin
password:123
[root@k8s-master ~]#
[root@k8s-master ~]# kubectl apply -f configmap.yaml
configmap/configmap created
[root@k8s-master ~]#
1.4 创建Pod,查看Pod,进入Pod
新建pod.yaml文件,内容如下。然后运行pod
[root@k8s-master ~]# cat pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: pod
namespace: dev
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- name: nginx-port
containerPort: 80
protocol: TCP
volumeMounts:
- mountPath: /configmap/config
name: config
volumes:
- name: config
configMap:
name: configmap
[root@k8s-master ~]#
[root@k8s-master ~]# kubectl apply -f pod.yaml
pod/pod created
[root@k8s-master ~]#
查看Pod
[root@k8s-master ~]# kubectl get pod -n dev -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod 1/1 Running 0 30s 10.244.169.185 k8s-node2 <none> <none>
[root@k8s-master ~]#
进入Pod查看配置
[root@k8s-master ~]# kubectl exec -it pod -c nginx -n dev -- /bin/bash
root@pod:/#
root@pod:/# cat /configmap/config/info
username:admin password:123root@pod:/#
root@pod:/#
可以使用命令kubectl edit cm configmap -n dev更新ConfigMap中的内容,容器中的值也会动态更新
2. Secret
2.1 概述
在kubernetes中,还存在一种和ConfigMap非常类似的对象,称为Secret对象,它主要用来存储敏感信息,例如密码、密钥、证书等
2.2 创建Secret
新建secret.yaml文件,内容如下。然后创建Secret
[root@k8s-master ~]# cat secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: secret
namespace: dev
type: Opaque # 用于用户定义的任意数据
stringData:
username: admin
password: password123
[root@k8s-master ~]#
[root@k8s-master ~]# kubectl apply -f secret.yaml
secret/secret created
[root@k8s-master ~]#
2.3 查看Secret详情
[root@k8s-master ~]# kubectl describe secret secret -n dev
Name: secret
Namespace: dev
Labels: <none>
Annotations: <none>
Type: Opaque
Data
====
password: 11 bytes
username: 5 bytes
[root@k8s-master ~]#
2.4 创建Pod,查看Pod,进入Pod
新建pod.yaml文件,内容如下。然后运行pod
[root@k8s-master ~]# cat pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: pod
namespace: dev
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- name: nginx-port
containerPort: 80
protocol: TCP
volumeMounts:
- mountPath: /secret/config
name: config
volumes:
- name: config
secret:
secretName: secret
[root@k8s-master ~]#
[root@k8s-master ~]# kubectl apply -f pod.yaml
pod/pod created
[root@k8s-master ~]#
查看Pod
[root@k8s-master ~]# kubectl get pod -n dev -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod 0/1 ContainerCreating 0 8s <none> k8s-node2 <none> <none>
[root@k8s-master ~]#
进入Pod查看配置
[root@k8s-master ~]# kubectl exec -it pod -c nginx -n dev -- /bin/bash
root@pod:/#
root@pod:/# ls /secret/config/
password username
root@pod:/#
root@pod:/# cat /secret/config/username
adminroot@pod:/#
root@pod:/#
root@pod:/# cat /secret/config/password
password123root@pod:/#
root@pod:/#
查看secret信息,发现已经自动解码了
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
0
0- 0
已为社区贡献16条内容
所有评论(0)