configmap的配置和使用
1.configmap的简单理解
提供服务的pod,比如mysql,主要有两部分重要数据,静态数据:mysql服务读取的配置文件,动态数据:存储数据.
如果pod出问题,删除pod,假如这些重要数据不单独备份,将随着pod的删除也被删除.很不方便.
重要数据和pod分离解耦,独立于pod之外,显然方便许多.
存储数据可以用pv pvc实现和pod的分离解耦,后面测试.
配置文件和pod分离解耦,也就是说mysql容器能够直接读取并使用预先配置好的配置文件(而不是使用容器中默认自带的配置文件).这是configMap的主要功能.
kubernetes使用configMap实现对pod中应用配置文件管理.
2.创建configmap
有两种方式:
1.通过yaml文件创建.
2.执行kubectl create命令,直接命令行创建.
命令行直接创建,见下:
cat mysqld.cnf
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
创建configMap,使用mysqld.cnf的数据
kubectl create configmap mysql-config --from-file=mysqld.cnf
configmap/mysql-config created
kubectl describe configmap mysql-config
Name: mysql-config
Namespace: default
Labels:
Annotations:
Data
====
mysqld.cnf:
----
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
Events:
yaml文件创建configmap,见下:
注意直接写入文件内容的格式 mysqld.cnf: |
cat mysql-config2.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: mysql-config2
data:
mysqld.cnf: |
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
kubectl apply -f mysql-config2.yaml
configmap/mysql-config2 created
kubectl describe configmap mysql-config2
Name: mysql-config2
Namespace: default
Labels:
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","data":{"mysqld.cnf":"[client]\nport = 3306\nsocket = /var/run/mysqld/mysqld.sock\n[mysql]\nno-auto-rehash\n\n[mysqld]\...
Data
====
mysqld.cnf:
----
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
Events:
3.使用configmap
configmap可以和secret一样当成环境变量使用.
主要使用volume挂载方式.应用配置文件使用volume挂载方式.支持动态更新.
下面用mysql示例,启用一个mysql容器pod,通过configmap读取预先配置好的配置文件.
configmap,用上面的mysql-config2.配置参考见下:
cat mysql-test.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql-t
spec:
ports:
- port: 3306
selector:
app: mysql-t
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: mysql-t
spec:
selector:
matchLabels:
app: mysql-t
template:
metadata:
labels:
app: mysql-t
spec:
containers:
- image: mysql:5.7
name: mysql-t
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysecret
key: password
volumeMounts:
- name: mysql-t1
mountPath: /etc/mysql/mysql.conf.d
volumes:
- name: mysql-t1
configMap:
name: mysql-config2
kubectl apply -f mysql-test.yaml
service/mysql-t created
deployment.apps/mysql-t created
注释:
MYSQL_ROOT_PASSWORD使用的是secret篇里创建的secret.
volumeMounts/mountPath:pod容器里挂载目录,这个目录其实很重要,你要使用个容器的应用,需熟悉这个应用的配置文件存放目录并且挂载到正确目录.挂载目录错了容器应用无法读取到配置文件.
volumes:使用的卷name: mysql-t1,注意volumes和volumeMounts的这个名字是相对应的.
kubectl describe pod mysql-t-8fb468bcc-6b4r7
Name: mysql-t-8fb468bcc-6b4r7
Namespace: default
Priority: 0
Node: k8s-node2/192.168.174.129
Start Time: Fri, 22 Nov 2019 02:05:40 -0500
Labels: app=mysql-t
pod-template-hash=8fb468bcc
Annotations:
Status: Running
IP: 172.30.94.5
Controlled By: ReplicaSet/mysql-t-8fb468bcc
Containers:
mysql-t:
Container ID: docker://d7fff75f23a8cdff5d1aca8807725d1f54f07e1a4c181f25f435614c71bd916c
Image: mysql:5.7
Image ID: docker-pullable://mysql@sha256:44b33224e3c406bf50b5a2ee4286ed0d7f2c5aec1f7fdb70291f7f7c570284dd
Port: 3306/TCP
Host Port: 0/TCP
State: Running
Started: Fri, 22 Nov 2019 02:05:41 -0500
Ready: True
Restart Count: 0
Environment:
MYSQL_ROOT_PASSWORD: Optional: false
Mounts:
/etc/mysql/mysql.conf.d from mysql-t1 (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-fwtch (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
mysql-t1:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: mysql-config2
Optional: false
default-token-fwtch:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-fwtch
Optional: false
QoS Class: BestEffort
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 3m29s default-scheduler Successfully assigned default/mysql-t-8fb468bcc-6b4r7 to k8s-node2
Normal Pulled 3m28s kubelet, k8s-node2 Container image "mysql:5.7" already present on machine
Normal Created 3m28s kubelet, k8s-node2 Created container mysql-t
Normal Started 3m28s kubelet, k8s-node2 Started container mysql-t
注意mounts部分
Mounts:
/etc/mysql/mysql.conf.d from mysql-t1 (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-fwtch (ro)
检索可见,读取的就是我们配置的configmap.
root@mysql-t-8fb468bcc-6b4r7:/etc/mysql/mysql.conf.d# pwd
/etc/mysql/mysql.conf.d
root@mysql-t-8fb468bcc-6b4r7:/etc/mysql/mysql.conf.d# cat mysqld.cnf
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
4.动态更新
测试热更新
更新mysql-config2
加上以下内容:
log_bin=mysql_bin
binlog-format=Row
server-id=1
使用kubectl edit命令
kubectl edit configmap mysql-config2
configmap "mysql-config2" edited
kubectl describe configmap mysql-config2
Name: mysql-config2
Namespace: default
Labels:
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","data":{"mysqld.cnf":"[client]\nport = 3306\nsocket = /var/run/mysqld/mysqld.sock\n[mysql]\nno-auto-rehash\n\n[mysqld]\...
Data
====
mysqld.cnf:
----
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
log_bin=mysql_bin
binlog-format=Row
server-id=1
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid
Events:
实现了热更新
kubectl exec -it mysql-t-8fb468bcc-9274l bash
root@mysql-t-8fb468bcc-9274l:/# cat /etc/mysql/mysql.conf.d/mysqld.cnf
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
no-auto-rehash
[mysqld]
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
log_bin=mysql_bin
binlog-format=Row
server-id=1
[mysqld_safe]
log-error= /var/log/mysql/mysql_oldboy.err
pid-file = /var/run/mysqld/mysqld.pid