ConfigMap

一、ConfigMap概述

ConfigMap 是一种 API 对象，用来将非机密性的数据保存到键值对中。使用时， Pod 可以将其用作环境变量、命令行参数或者存储卷中的配置文件。

ConfigMap 将环境配置信息和容器镜像解耦，便于应用配置的修改。

[!NOTE] 说明：
ConfigMap 在设计上不是用来保存大量数据的。在 ConfigMap 中保存的数据不可超过 1 MiB。如果你需要保存超出此尺寸限制的数据，你可能希望考虑挂载存储卷 或者使用独立的数据库或者文件服务。

二、用命令创建ConfigMap

[root@k8s-master01 ~]# kubectl create configmap --help
Create a config map based on a file, directory, or specified literal value.

 A single config map may package one or more key/value pairs.

 When creating a config map based on a file, the key will default to the basename of the file, and
the value will default to the file content.  If the basename is an invalid key, you may specify an
alternate key.

 When creating a config map based on a directory, each file whose basename is a valid key in the
directory will be packaged into the config map.  Any directory entries except regular files are
ignored (e.g. subdirectories, symlinks, devices, pipes, etc).

Aliases:
configmap, cm

Examples:
  # Create a new config map named my-config based on folder bar
  kubectl create configmap my-config --from-file=path/to/bar
  
  # Create a new config map named my-config with specified keys instead of file basenames on disk
  kubectl create configmap my-config --from-file=key1=/path/to/bar/file1.txt
--from-file=key2=/path/to/bar/file2.txt
  
  # Create a new config map named my-config with key1=config1 and key2=config2
  kubectl create configmap my-config --from-literal=key1=config1 --from-literal=key2=config2
  
  # Create a new config map named my-config from the key=value pairs in the file
  kubectl create configmap my-config --from-file=path/to/bar
  
  # Create a new config map named my-config from an env file
  kubectl create configmap my-config --from-env-file=path/to/foo.env --from-env-file=path/to/bar.env

Options:
    --allow-missing-template-keys=true:
	If true, ignore any errors in templates when a field or map key is missing in the
	template. Only applies to golang and jsonpath output formats.

    --append-hash=false:
	Append a hash of the configmap to its name.

    --dry-run='none':
	Must be "none", "server", or "client". If client strategy, only print the object that
	would be sent, without sending it. If server strategy, submit server-side request without
	persisting the resource.

    --field-manager='kubectl-create':
	Name of the manager used to track field ownership.

    --from-env-file=[]:
	Specify the path to a file to read lines of key=val pairs to create a configmap.

    --from-file=[]:
	Key file can be specified using its file path, in which case file basename will be used as
	configmap key, or optionally with a key and file path, in which case the given key will be
	used.  Specifying a directory will iterate each named file in the directory whose basename
	is a valid configmap key.

    --from-literal=[]:
	Specify a key and literal value to insert in configmap (i.e. mykey=somevalue)

    -o, --output='':
	Output format. One of: (json, yaml, name, go-template, go-template-file, template,
	templatefile, jsonpath, jsonpath-as-json, jsonpath-file).

    --save-config=false:
	If true, the configuration of current object will be saved in its annotation. Otherwise,
	the annotation will be unchanged. This flag is useful when you want to perform kubectl
	apply on this object in the future.

    --show-managed-fields=false:
	If true, keep the managedFields when printing objects in JSON or YAML format.

    --template='':
	Template string or path to template file to use when -o=go-template, -o=go-template-file.
	The template format is golang templates
	[http://golang.org/pkg/text/template/#pkg-overview].

    --validate='strict':
	Must be one of: strict (or true), warn, ignore (or false). 		"true" or "strict" will use a
	schema to validate the input and fail the request if invalid. It will perform server side
	validation if ServerSideFieldValidation is enabled on the api-server, but will fall back
	to less reliable client-side validation if not. 		"warn" will warn about unknown or
	duplicate fields without blocking the request if server-side field validation is enabled
	on the API server, and behave as "ignore" otherwise. 		"false" or "ignore" will not
	perform any schema validation, silently dropping any unknown or duplicate fields.

Usage:
  kubectl create configmap NAME [--from-file=[key=]source] [--from-literal=key1=value1]
[--dry-run=server|client|none] [options]

Use "kubectl options" for a list of global command-line options (applies to all commands).

三、ConfigMap的yaml文件编写

apiVersion: v1
kind: ConfigMap
metadata:
  name: game-demo
data:
  # 类属性键；每一个键都映射到一个简单的值
  player_initial_lives: "3"
  ui_properties_file_name: "user-interface.properties"

  # 类文件键
  game.properties: |
    enemy.types=aliens,monsters
    player.maximum-lives=5    
  user-interface.properties: |
    color.good=purple
    color.bad=yellow
    allow.textmode=true   

四、给Pod中的容器配置ConfigMap

官方案例，这里使用了环境变量和卷引用两种方式：

apiVersion: v1
kind: Pod
metadata:
  name: configmap-demo-pod
spec:
  containers:
    - name: demo
      image: alpine
      command: ["sleep", "3600"]
      env:
        # 定义环境变量
        - name: PLAYER_INITIAL_LIVES # 请注意这里和 ConfigMap 中的键名是不一样的
          valueFrom:
            configMapKeyRef:
              name: game-demo           # 这个值来自 ConfigMap
              key: player_initial_lives # 需要取值的键
        - name: UI_PROPERTIES_FILE_NAME
          valueFrom:
            configMapKeyRef:
              name: game-demo
              key: ui_properties_file_name
      volumeMounts:
      - name: config
        mountPath: "/config"
        readOnly: true
  volumes:
  # 你可以在 Pod 级别设置卷，然后将其挂载到 Pod 内的容器中
  - name: config
    configMap:
      # 提供你想要挂载的 ConfigMap 的名字
      name: game-demo
      # 来自 ConfigMap 的一组键，将被创建为文件
      items:
      - key: "game.properties"
        path: "game.properties"
      - key: "user-interface.properties"
        path: "user-interface.properties"

ConfigMap 不会区分单行属性值和多行类似文件的值，重要的是 Pods 和其他对象如何使用这些值。

上面的例子定义了一个卷并将它作为 /config 文件夹挂载到 demo 容器内， 创建两个文件，/config/game.properties 和 /config/user-interface.properties， 尽管 ConfigMap 中包含了四个键。 这是因为 Pod 定义中在 volumes 节指定了一个 items 数组。 如果你完全忽略 items 数组，则 ConfigMap 中的每个键都会变成一个与该键同名的文件， 因此你会得到四个文件。

将 ConfigMap 中的所有键值对配置为容器环境变量

• 创建一个包含多个键值对的 ConfigMap。

  apiVersion: v1
  kind: ConfigMap
  metadata:
    name: special-config
    namespace: default
  data:
    SPECIAL_LEVEL: very
    SPECIAL_TYPE: charm
  

• 使用 envFrom 将所有 ConfigMap 的数据定义为容器环境变量，ConfigMap 中的键成为 Pod 中的环境变量名称。

  apiVersion: v1
  kind: Pod
  metadata:
    name: dapi-test-pod
  spec:
    containers:
      - name: test-container
        image: registry.k8s.io/busybox
        command: [ "/bin/sh", "-c", "env" ]
        envFrom:
        - configMapRef:
            name: special-config
    restartPolicy: Never
  

  创建 Pod：

  kubectl create -f pod-configmap-envFrom.yaml
  

  现在，Pod 的输出包含环境变量 SPECIAL_LEVEL=very 和 SPECIAL_TYPE=charm。

  测试结束，删除该 Pod：

  kubectl delete pod dapi-test-pod --now
  

五、ConfigMap热更新

kubectl edit configmap/configmap_name