configmap的配置和使用
1.configmap的簡單理解
提供服務的pod,比如mysql,主要有兩部分重要數據,靜態數據:mysql服務讀取的配置文件,動態數據:存儲數據.
如果pod出問題,刪除pod,假如這些重要數據不單獨備份,將隨着pod的刪除也被刪除.很不方便.
重要數據和pod分離解耦,獨立於pod之外,顯然方便許多.
存儲數據可以用pv pvc實現和pod的分離解耦,後面測試.
配置文件和pod分離解耦,也就是說mysql容器能夠直接讀取並使用預先配置好的配置文件(而不是使用容器中默認自帶的配置文件).這是configMap的主要功能.
kubernetes使用configMap實現對pod中應用配置文件管理.
2.創建configmap
有兩種方式:
1.通過yaml文件創建.
2.執行kubectl create命令,直接命令行創建.
命令行直接創建,見下:
cat mysqld.cnf
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
創建configMap,使用mysqld.cnf的數據
kubectl create configmap mysql-config --from-file=mysqld.cnf
configmap/mysql-config created
kubectl describe configmap mysql-config
Name: mysql-config
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
mysqld.cnf:
----
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
Events: <none>
yaml文件創建configmap,見下:
注意直接寫入文件內容的格式 mysqld.cnf: |
cat mysql-config2.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: mysql-config2
data:
mysqld.cnf: |
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
kubectl apply -f mysql-config2.yaml
configmap/mysql-config2 created
kubectl describe configmap mysql-config2
Name: mysql-config2
Namespace: default
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","data":{"mysqld.cnf":"[client]\nport = 3306\nsocket = /var/run/mysqld/mysqld.sock\n[mysql]\nno-auto-rehash\n\n[mysqld]\...
Data
====
mysqld.cnf:
----
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
Events: <none>
3.使用configmap
configmap可以和secret一樣當成環境變量使用.
主要使用volume掛載方式.應用配置文件使用volume掛載方式.支持動態更新.
下面用mysql示例,啓用一個mysql容器pod,通過configmap讀取預先配置好的配置文件.
configmap,用上面的mysql-config2.配置參考見下:
cat mysql-test.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql-t
spec:
ports:
- port: 3306
selector:
app: mysql-t
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: mysql-t
spec:
selector:
matchLabels:
app: mysql-t
template:
metadata:
labels:
app: mysql-t
spec:
containers:
- image: mysql:5.7
name: mysql-t
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysecret
key: password
volumeMounts:
- name: mysql-t1
mountPath: /etc/mysql/mysql.conf.d
volumes:
- name: mysql-t1
configMap:
name: mysql-config2
kubectl apply -f mysql-test.yaml
service/mysql-t created
deployment.apps/mysql-t created
註釋:
MYSQL_ROOT_PASSWORD使用的是secret篇裏創建的secret.
volumeMounts/mountPath:pod容器裏掛載目錄,這個目錄其實很重要,你要使用個容器的應用,需熟悉這個應用的配置文件存放目錄並且掛載到正確目錄.掛載目錄錯了容器應用無法讀取到配置文件.
volumes:使用的卷name: mysql-t1,注意volumes和volumeMounts的這個名字是相對應的.
kubectl describe pod mysql-t-8fb468bcc-6b4r7
Name: mysql-t-8fb468bcc-6b4r7
Namespace: default
Priority: 0
Node: k8s-node2/192.168.174.129
Start Time: Fri, 22 Nov 2019 02:05:40 -0500
Labels: app=mysql-t
pod-template-hash=8fb468bcc
Annotations: <none>
Status: Running
IP: 172.30.94.5
Controlled By: ReplicaSet/mysql-t-8fb468bcc
Containers:
mysql-t:
Container ID: docker://d7fff75f23a8cdff5d1aca8807725d1f54f07e1a4c181f25f435614c71bd916c
Image: mysql:5.7
Image ID: docker-pullable://mysql@sha256:44b33224e3c406bf50b5a2ee4286ed0d7f2c5aec1f7fdb70291f7f7c570284dd
Port: 3306/TCP
Host Port: 0/TCP
State: Running
Started: Fri, 22 Nov 2019 02:05:41 -0500
Ready: True
Restart Count: 0
Environment:
MYSQL_ROOT_PASSWORD: <set to the key 'password' in secret 'mysecret'> Optional: false
Mounts:
/etc/mysql/mysql.conf.d from mysql-t1 (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-fwtch (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
mysql-t1:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: mysql-config2
Optional: false
default-token-fwtch:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-fwtch
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 3m29s default-scheduler Successfully assigned default/mysql-t-8fb468bcc-6b4r7 to k8s-node2
Normal Pulled 3m28s kubelet, k8s-node2 Container image "mysql:5.7" already present on machine
Normal Created 3m28s kubelet, k8s-node2 Created container mysql-t
Normal Started 3m28s kubelet, k8s-node2 Started container mysql-t
注意mounts部分
Mounts:
/etc/mysql/mysql.conf.d from mysql-t1 (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-fwtch (ro)
檢索可見,讀取的就是我們配置的configmap.
root@mysql-t-8fb468bcc-6b4r7:/etc/mysql/mysql.conf.d# pwd
/etc/mysql/mysql.conf.d
root@mysql-t-8fb468bcc-6b4r7:/etc/mysql/mysql.conf.d# cat mysqld.cnf
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
4.動態更新
測試熱更新
更新mysql-config2
加上以下內容:
log_bin=mysql_bin
binlog-format=Row
server-id=1
使用kubectl edit命令
kubectl edit configmap mysql-config2
configmap "mysql-config2" edited
kubectl describe configmap mysql-config2
Name: mysql-config2
Namespace: default
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","data":{"mysqld.cnf":"[client]\nport = 3306\nsocket = /var/run/mysqld/mysqld.sock\n[mysql]\nno-auto-rehash\n\n[mysqld]\...
Data
====
mysqld.cnf:
----
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
log_bin=mysql_bin
binlog-format=Row
server-id=1
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
Events: <none>
實現了熱更新
kubectl exec -it mysql-t-8fb468bcc-9274l bash
root@mysql-t-8fb468bcc-9274l:/# cat /etc/mysql/mysql.conf.d/mysqld.cnf
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
log_bin=mysql_bin
binlog-format=Row
server-id=1
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid