K8s configmap配置管理

K8S ConfigMap介绍:

一、ConfigMap的作用

configmap和secret是两种特殊的存储卷,它们不是给pod提供存储空间用的,而是给管理员或者用户提供了从外部向pod内部注入信息的方式.

configmap:把配置文件放在配置中心上,然后多个pod读取配置中心的配置文件,不过,configmap中的配置信息都是明文的,所以不安全;

secret:功能和configmap一样,只不过配置中心存储的配置文件不是明文的.configmap和secret也是专属于某个名称空间的.

1.Configmap用于保存配置数据，以键值对形式存储。
2.configMap 资源提供了向 Pod 注入配置数据的方法。
3.旨在让镜像和配置文件解耦，以便实现镜像的可移植性和可复用性。

二、创建ConfigMap的方式有4种:

1.通过key-value字符串创建
2.使用文件创建
3.使用目录创建
4.编写configmap的yaml文件创建

2.1、通过key-value字符串的方式创建

#创建configmap其中cm1是名字，key1是键，config1是值
[root@k8s-master ~]# kubectl create configmap cm1 --from-literal=key1=config1 --from-literal=key2=config2
configmap/cm1 created
[root@k8s-master ~]# kubectl get cm
NAME                 DATA   AGE
cm1            2      5s
[root@k8s-master ~]# 
[root@k8s-master ~]# kubectl get cm cm1
NAME        DATA   AGE
cm1   2      13s
[root@k8s-master ~]# kubectl describe cm cm1
Name:         cm1
Namespace:    default
Labels:       <none>
Annotations:  <none>

Data
====
key1:
----
config1
key2:
----
config2
Events:  <none>
[root@k8s-master ~]# 

#cm1配置以yaml文件方式输出
[root@k8s-master ~]# kubectl get cm cm1 -o yaml
apiVersion: v1
data:
  key1: config1
  key2: config2
kind: ConfigMap
metadata:
  creationTimestamp: "2021-01-02T09:26:34Z"
  name: cm1
  namespace: default
  resourceVersion: "160052"
  selfLink: /api/v1/namespaces/default/configmaps/cm1
  uid: 0ad32521-f0c5-4490-a0e9-34bb0ff59f9c
[root@k8s-master ~]# 

2.2、文件创建是通过--from-file参数来设定,key的名称是文件名称，value的值是文件的内容.

[root@k8s-master ~]# kubectl create configmap cm2 --from-file=/etc/resolv.conf
configmap/cm2 created
[root@k8s-master ~]# kubectl get cm cm2
NAME   DATA   AGE
cm2    1      6s
[root@k8s-master ~]# kubectl describe cm cm2
Name:         cm2
Namespace:    default
Labels:       <none>
Annotations:  <none>

Data
====
resolv.conf:
----
# Generated by NetworkManager
nameserver 192.168.10.2

Events:  <none>
[root@k8s-master ~]# 

其中，--from-file可以使用多次，比如：
# kubectl create configmap cm2 --from-file=file1 --from-file=file2

2.3、使用目录创建configmap,也是通过--from-file参数来设定。

# 目录中的文件名为key，文件内容是value
# kubectl create configmap cm3 --from-file=/path

2.4、通过编写configmap的yaml/json文件创建（推荐）

[root@k8s-master ~]# cat cm4.yaml 
apiVersion: v1
kind: ConfigMap
metadata:
  name: cm4
data:
  host_name: "k8s-master"
  host_port: "22"
  host_ip: "192.168.10.10"
[root@k8s-master ~]# 
[root@k8s-master ~]# kubectl apply -f cm4.yaml 
configmap/cm4 created
[root@k8s-master ~]# kubectl get cm cm4
NAME   DATA   AGE
cm4    3      12s
[root@k8s-master ~]# 
[root@k8s-master ~]# kubectl get cm cm4 -o yaml
apiVersion: v1
data:
  host_ip: 192.168.10.10
  host_name: k8s-master
  host_port: "22"
kind: ConfigMap
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"v1","data":{"host_ip":"192.168.10.10","host_name":"k8s-master","host_port":"22"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"cm4","namespace":"default"}}
  creationTimestamp: "2021-01-02T09:54:22Z"
  name: cm4
  namespace: default
  resourceVersion: "162402"
  selfLink: /api/v1/namespaces/default/configmaps/cm4
  uid: 85e48e8a-e3fb-4821-ade8-658882709277
[root@k8s-master ~]# 

三、如何使用configmap
1.通过环境变量的方式直接传递给pod
2.通过在pod的命令行下运行的方式
3.作为volume的方式挂载到pod内

3.1 使用configmap设置环境变量
方式1：通过引用cm4中的变量方式，供pod使用.

# configMap 定义的cm4文件
[root@k8s-master ~]# cat cm4.yaml 
apiVersion: v1
kind: ConfigMap
metadata:
  name: cm4
data:
  host_name: "k8s-master"
  host_port: "22"
  host_ip: "192.168.10.10"

#pod引用cm4中的变量
[root@k8s-master ~]# cat pod.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: cm-pod
spec:
  containers:
    - name: busy-pod
      image: busybox
      command: ["/bin/sh","-c","env"]
      env:
        - name: key1 #定义的key值
          valueFrom:
            configMapKeyRef:
              name: cm4      #configmap文件名称
              key: host_ip  #value的值
        - name: key2
          valueFrom:
            configMapKeyRef:
              name: cm4
              key: host_name
        - name: key3
          valueFrom:
            configMapKeyRef:
              name: cm4
              key: host_port    
  restartPolicy: Never
[root@k8s-master ~]# 

[root@k8s-master ~]# kubectl apply -f pod.yaml 
pod/cm-pod created
[root@k8s-master ~]# kubectl get pod cm-pod
NAME     READY   STATUS      RESTARTS   AGE
cm-pod   0/1     Completed   0          98s

[root@k8s-master ~]# kubectl logs cm-pod
KUBERNETES_SERVICE_PORT=443
KUBERNETES_PORT=tcp://10.1.0.1:443
HOSTNAME=cm-pod
SHLVL=1
key1=192.168.10.10
key2=k8s-master
key3=22
...只列出部分变量
[root@k8s-master ~]# 

方式2：直接导入cm4中的变量

[root@k8s-master ~]# cat pod.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: cm4-pod
spec:
  containers:
    - name: busy-pod
      image: busybox
      command: ["/bin/sh","-c","env"]
      envFrom:
        - configMapRef:
            name: cm4 
  restartPolicy: Never
[root@k8s-master ~]# 

[root@k8s-master ~]# kubectl apply -f pod.yaml 
pod/cm4-pod created
[root@k8s-master ~]# kubectl get pod cm4-pod
NAME      READY   STATUS      RESTARTS   AGE
cm4-pod   0/1     Completed   0          27s

[root@k8s-master ~]# kubectl logs cm4-pod
KUBERNETES_SERVICE_PORT=443
KUBERNETES_PORT=tcp://10.1.0.1:443
HOSTNAME=cm4-pod
host_ip=192.168.10.10
host_port=22
HOME=/root
host_name=k8s-master
...
KUBERNETES_SERVICE_HOST=10.1.0.1
[root@k8s-master ~]# 

3.2 使用configmap设置命令行参数,通过在pod的命令行下运行的方式.

[root@k8s-master ~]# cat pod.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: test-pod
spec:
  containers:
    - name: pod1
      image: busybox
      command: ["/bin/sh","-c","echo $(host_ip) $(host_port) $(host_name)"]  //命令行参数
      envFrom:
        - configMapRef:
            name: cm4
  restartPolicy: Never
[root@k8s-master ~]# 
[root@k8s-master ~]# kubectl apply -f pod.yaml 
pod/test-pod created
[root@k8s-master ~]# kubectl get pod 
NAME                                    READY   STATUS                  RESTARTS   AGE
test-pod                                0/1     Completed       0          3s
[root@k8s-master ~]# kubectl logs test-pod
192.168.10.10 22 k8s-master
[root@k8s-master ~]# 

 3.3 将数据卷cm4以volume的方式挂载到pod内.

# configMap中定义的cm4文件
[root@k8s-master ~]# cat cm4.yaml 
apiVersion: v1
kind: ConfigMap
metadata:
  name: cm4
data:
  host_name: "k8s-master"
  host_port: "22"
  host_ip: "192.168.10.10"
[root@k8s-master ~]#

#pod挂载cm4文件
[root@k8s-master ~]# cat pod.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: v-pod
spec:
  containers:
    - name: pod1
      image: busybox:latest
      command:
        - sleep
        - "3600"
      imagePullPolicy: IfNotPresent
      volumeMounts:
      - name: config-volume
        mountPath: /config #挂载到容器的这个目录中
  volumes:
    - name: config-volume  #定义的卷名，和volumeMounts中的name要一直.
      configMap:
        name: cm4          #挂载的configMap文件名称
  restartPolicy: Never
[root@k8s-master ~]# 

[root@k8s-master ~]# kubectl apply -f pod.yaml 
pod/v-pod created
[root@k8s-master ~]# kubectl get pod v-pod
NAME    READY   STATUS    RESTARTS   AGE
v-pod   1/1     Running   0          6s
[root@k8s-master ~]# kubectl exec -it v-pod -- sh
/ # cd /config/
/config # ls -ltr
total 0
lrwxrwxrwx    1 root     root            16 Jan  4 14:07 host_port -> ..data/host_port
lrwxrwxrwx    1 root     root            16 Jan  4 14:07 host_name -> ..data/host_name
lrwxrwxrwx    1 root     root            14 Jan  4 14:07 host_ip -> ..data/host_ip

/config # cat host_port 
22
/config # cat host_ip 
192.168.10.10
/config # 

# cm4里面的key是挂载在pod 的/config目录下的文件名 文件内容value值 如：host_ip: "192.168.10.10"