ConfigMap 的作用是将配置从镜像中解耦,增强应用的可以执行和和复用性。
介绍
查看帮助:kubectl explain configmap
命令行创建
$ kubectl create configmap nginx-conf --from-literal=nginx_port=80 --from-literal=server_name=hello-app.xiexianbin.cn
configmap/nginx-conf created
$ kubectl get cm nginx-conf
NAME DATA AGE
nginx-conf 2 9s
$ kubectl describe cm nginx-conf
Name: nginx-conf
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
nginx_port:
----
80
server_name:
----
hello-app.xiexianbin.cn
BinaryData
====
Events: <none>
nginx-hello-app.conf:
server {
server_name hello-app.xiexianbin.cn;
listen 8080;
root /data/html;
}
创建:
$ kubectl create configmap <map-name> --from-file=<data-source>
$ kubectl create configmap nginx-hello-app --from-file=./nginx-hello-app.conf
configmap/nginx-hello-app created
$ kubectl get cm nginx-hello-app
NAME DATA AGE
nginx-hello-app 1 15s
$ kubectl describe cm nginx-hello-app
Name: nginx-hello-app
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
nginx-hello-app.conf:
----
server {
server_name hello-app.xiexianbin.cn;
listen 8080;
root /data/html;
}
BinaryData
====
Events: <none>
Pod ENV from ConfigMap
帮助:kubectl explain pod.spec.containers.env.valueFrom
apiVersion: v1
kind: Pod
metadata:
name: cm-pod
namespace: default
spec:
containers:
- name: nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
env:
- name: NGINX_SERVER_PORT
valueFrom:
configMapKeyRef:
name: nginx-conf
key: nginx_port
- name: NGINX_SERVER_NAME
valueFrom:
configMapKeyRef:
name: nginx-conf
key: server_name
$ kubectl apply -f pod-configmap.yaml
pod/cm-pod created
$ kubectl exec -it cm-pod -- printenv | grep NGINX_
NGINX_SERVER_PORT=80
NGINX_SERVER_NAME=hello-app.xiexianbin.cn
kubectl edit cm nginx-conf
该方式的环境变量只在重启才重新注入 Pod
Pod Volume from configMap
apiVersion: v1
kind: Pod
metadata:
name: cm-pod-vol
namespace: default
spec:
containers:
- name: nginx
image: nginx:latest
imagePullPolicy: IfNotPresent
volumeMounts:
- name: nginx-conf
mountPath: /data
readOnly: true
volumes:
- name: nginx-conf
configMap:
name: nginx-conf
$ kubectl apply -f pod-configmap-vol.yaml
pod/cm-pod-vol created
$ kubectl exec -it cm-pod-vol -- sh
# cat /data/nginx_port
80
# cat /data/server_name
hello-app.xiexianbin.cn
#
# 80 -> 8080
$ kubectl edit cm nginx-conf
# 等一会
$ kubectl exec -it cm-pod-vol -- sh
# cat /data/nginx_port
8080
因此,configMap 通过 volumes 的方式挂载到容器内,等一段时间后,会自动同步到容器里
挂载导致启动失败问题
- pod 挂载 cm as volume 失败问题日志
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 3m52s default-scheduler Successfully assigned argo/test-cm-pod to node3
Normal Pulled 3m51s kubelet Container image "alpine:stable" already present on machine
Normal Created 3m51s kubelet Created container test-container
Warning Failed 3m51s kubelet Error: failed to start container "test-container": Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/var/lib/docker/containers/03035cd95518b5aab25b94bcb8ccd6a426eda063c4a04b43f9be3592e42b48bb/resolv.conf" to rootfs at "/etc/resolv.conf": open /var/lib/docker/overlay2/93f92eed123d271a344643260abdf61d91015bd831b018f3b1617623d7b43478/merged/etc/resolv.conf: read-only file system: unknown
Warning FailedMount 3m49s (x2 over 3m50s) kubelet MountVolume.SetUp failed for volume "config-volume" : object "argo"/"cicd-test-cm" not registered
- 挂载
/etc 目录导致的,挂载到 /etc/config 即可避免该问题
---
apiVersion: v1
kind: ConfigMap
metadata:
name: special-config
data:
SPECIAL_LEVEL: very
SPECIAL_TYPE: charm
---
apiVersion: v1
kind: Pod
metadata:
name: test-configmap-mount-pod
spec:
containers:
- name: test-container
image: alpine:stable
command: [ "sh", "-c", "sleep 10000" ]
volumeMounts:
- name: config-volume
mountPath: /etc/config # 如果 mountPath: /etc,则会报上述错误
volumes:
- name: config-volume
configMap:
# Provide the name of the ConfigMap containing the files you want
# to add to the container
name: special-config
restartPolicy: Never
挂载导致容器目录覆盖的问题
---
apiVersion: v1
kind: ConfigMap
metadata:
name: abc-cm
data:
config.json: | xxxx自定义文件内容
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: abc
spec:
selector:
matchLabels:
app: abc
template:
metadata:
labels:
app: abc
spec:
containers:
- name: node
image: alpine
imagePullPolicy: Always
volumeMounts:
- name: abc-config
mountPath: /opt/config.json
subPath: path/to/config.json
volumes:
- name: abc-config
configMap:
name: abc-cm
items:
- key: config.json
path: path/to/config.json
基于目录创建 ConfigMap
# 创建本地目录
$ mkdir -p configmap
# 将实例文件下载到 configmap/ 目录
$ cd configmap
$ cat game.propertie
enemies=aliens
lives=3
enemies.cheat=true
enemies.cheat.level=noGoodRotten
secret.code.passphrase=UUDDLRLRBABAS
secret.code.allowed=true
secret.code.lives=30
$ cat ui.properties
color.good=purple
color.bad=yellow
allow.textmode=true
how.nice.to.look=fairlyNice
$ cd ..
# 创建 configmap
$ kubectl create configmap configmap-game --from-file=configmap/
$ kubectl describe configmaps configmap-game
Name: configmap-game
Namespace: xiexianbin
Labels: <none>
Annotations: <none>
Data
====
game.properties:
----
enemies=aliens
lives=3
enemies.cheat=true
enemies.cheat.level=noGoodRotten
secret.code.passphrase=UUDDLRLRBABAS
secret.code.allowed=true
secret.code.lives=30
ui.properties:
----
color.good=purple
color.bad=yellow
allow.textmode=true
how.nice.to.look=fairlyNice
Events: <none>
$ kubectl get configmaps configmap-game -o yaml
apiVersion: v1
data:
game.properties: |-
enemies=aliens
lives=3
enemies.cheat=true
enemies.cheat.level=noGoodRotten
secret.code.passphrase=UUDDLRLRBABAS
secret.code.allowed=true
secret.code.lives=30
ui.properties: |
color.good=purple
color.bad=yellow
allow.textmode=true
how.nice.to.look=fairlyNice
kind: ConfigMap
metadata:
creationTimestamp: "2020-12-20T09:21:04Z"
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:data:
.: {}
f:game.properties: {}
f:ui.properties: {}
manager: kubectl-create
operation: Update
time: "2020-12-20T09:21:04Z"
name: configmap-game
namespace: xiexianbin
resourceVersion: "1383191"
uid: b0b85bc2-562a-4bb6-9ba5-54f3ebdf0448
基于文件创建 ConfigMap
kubectl create configmap configmap-game-2 --from-file=configmap-game/game.properties
$ kubectl describe configmaps configmap-game-2
Name: configmap-game-2
Namespace: xiexianbin
Labels: <none>
Annotations: <none>
Data
====
game.properties:
----
enemies=aliens
lives=3
enemies.cheat=true
enemies.cheat.level=noGoodRotten
secret.code.passphrase=UUDDLRLRBABAS
secret.code.allowed=true
secret.code.lives=30
Events: <none>
$ kubectl create configmap configmap-game-2 --from-file=configmap-game/game.properties --from-file=configmap-game/ui.properties
configmap/configmap-game-2 created
[xiexianbin@proxy ~]$ kubectl describe configmaps configmap-game-2
Name: configmap-game-2
Namespace: xiexianbin
Labels: <none>
Annotations: <none>
Data
====
game.properties:
----
enemies=aliens
lives=3
enemies.cheat=true
enemies.cheat.level=noGoodRotten
secret.code.passphrase=UUDDLRLRBABAS
secret.code.allowed=true
secret.code.lives=30
ui.properties:
----
color.good=purple
color.bad=yellow
allow.textmode=true
how.nice.to.look=fairlyNice
Events: <none>