简介
ConfigMap 是一种API 对象,用来将非机密性的数据保存到键值对中。 使用时, Pod 可以将其用作环境变量、命令行参数或者存储卷中的配置文件。 ConfigMap 将你的环境配置信息和容器镜像解耦,便于应用配置的修改和复用。在不同命名空间或不同环境中可以方便的切换配置,并且对开发透明,可以实时更新。
创建configmap
# wechatcert.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: wechatcert
namespace: default
data:
cert_1_cert: |+
-----BEGIN CERTIFICATE-----
MIID8zCCAtugAwIBAgIUcyzP2XJ7nKl3+iDPTWJIzmco9gMwDQYJKoZIhvcNAQEL
.....
ngtlczmDIg==
-----END CERTIFICATE-----
cert_1_key: |+
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDATL6EMPG73/jh
....
Jh6zPUlTJ+7QFlbt5DdnhKox
-----END PRIVATE KEY-----
cert_15_1602411903_cert: |+
-----BEGIN CERTIFICATE-----
MIIEMTCCAxmgAwIBAgIUNQhkhxGUolX3wHCUi4hNWVQmuF4wDQYJKoZIhvcNAQEL
BQAwXjELMAkGA1UEBhMCQ04xEzARBgNVBAoTClRlbnBheS5jb20xHTAbBgNVBAsT
FFR....
eZzKlZJBt5JC/5mcdoBlWOgBJnCE
-----END CERTIFICATE-----
cert_15_1602411903_key: |+
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC+yTjTdt8ijeGr
-----END PRIVATE KEY-----
创建configMap
kubectl apply -f wechatcert.yaml
挂载到POD
# nginx1.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx1
labels:
app: nginx1
spec:
containers:
- name: nginx1
image: nginx:alpine
ports:
- containerPort: 80
volumeMounts:
- name: wechatcert
mountPath: "/data/cert"
readOnly: true
volumes:
- name: wechatcert
configMap:
name: wechatcert
items:
- key: cert_1_cert
path: 1/apiclient_cert.pem
- key: cert_1_key
path: 1/apiclient_key.pem
- key: cert_15_1602411903_cert
path: 15/1602411903/apiclient_cert.pem
- key: cert_15_1602411903_key
path: 15/1602411903/apiclient_key.pem
应用到pod
kubectl apply -f nginx1.yaml
「真诚赞赏,手留余香」
我的乐与怒
真诚赞赏,手留余香
使用微信扫描二维码完成支付
