在k8s中使用configmap保存配置文件

Posted by Vincent on Tuesday, May 28, 2024

简介

ConfigMap 是一种API 对象,用来将非机密性的数据保存到键值对中。 使用时, Pod 可以将其用作环境变量、命令行参数或者存储卷中的配置文件。 ConfigMap 将你的环境配置信息和容器镜像解耦,便于应用配置的修改和复用。在不同命名空间或不同环境中可以方便的切换配置,并且对开发透明,可以实时更新。

创建configmap

# wechatcert.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: wechatcert
  namespace: default
data:
  cert_1_cert: |+
    -----BEGIN CERTIFICATE-----
    MIID8zCCAtugAwIBAgIUcyzP2XJ7nKl3+iDPTWJIzmco9gMwDQYJKoZIhvcNAQEL
    .....
    ngtlczmDIg==
    -----END CERTIFICATE-----    
  cert_1_key: |+
    -----BEGIN PRIVATE KEY-----
    MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDATL6EMPG73/jh
    ....
    Jh6zPUlTJ+7QFlbt5DdnhKox
    -----END PRIVATE KEY-----    
  cert_15_1602411903_cert: |+
    -----BEGIN CERTIFICATE-----
    MIIEMTCCAxmgAwIBAgIUNQhkhxGUolX3wHCUi4hNWVQmuF4wDQYJKoZIhvcNAQEL
    BQAwXjELMAkGA1UEBhMCQ04xEzARBgNVBAoTClRlbnBheS5jb20xHTAbBgNVBAsT
    FFR....
    eZzKlZJBt5JC/5mcdoBlWOgBJnCE
    -----END CERTIFICATE-----    
  cert_15_1602411903_key: |+
    -----BEGIN PRIVATE KEY-----
    MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC+yTjTdt8ijeGr
    -----END PRIVATE KEY-----    

创建configMap

kubectl apply -f wechatcert.yaml

挂载到POD

# nginx1.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx1
  labels:
    app: nginx1
spec:
  containers:
  - name: nginx1
    image: nginx:alpine
    ports:
    - containerPort: 80
    volumeMounts:
      - name: wechatcert
        mountPath: "/data/cert"
        readOnly: true
  volumes:
  - name: wechatcert
    configMap:
      name: wechatcert
      items:
        - key: cert_1_cert
          path: 1/apiclient_cert.pem
        - key: cert_1_key
          path: 1/apiclient_key.pem
        - key: cert_15_1602411903_cert
          path: 15/1602411903/apiclient_cert.pem
        - key: cert_15_1602411903_key
          path: 15/1602411903/apiclient_key.pem

应用到pod

kubectl apply -f nginx1.yaml

「真诚赞赏,手留余香」

我的乐与怒

真诚赞赏,手留余香

使用微信扫描二维码完成支付