k8s之数据存储配置存储

• Z时代
• 2024-01-10
• 分类：综合

ConfigMap

configmap是一种比较特殊的存储卷，它的主要作用是用来存储配置信息的

创建configmap.yaml，内容如下

apiVersion: v1
kind: ConfigMap
metadata:
  name: configmap
namespace: dev
data:
  info:
    username:admin
    password:123456

 接下来，使用此配置文件创建configmap

[root@master ~]# vim configmap.yaml
[root@master ~]# kubectl create -f configmap.yaml
configmap/configmap created
[root@master ~]# kubectl describe cm configmap -n dev
Name:         configmap
Namespace:    dev
Labels:       <none>
Annotations:  <none>
Data
====
info:
----
username:admin password:123456
Events:  <none>

接下来创建一个pod-configmap.yaml，将上面创建的configmap挂载进去

apiVersion: v1
kind: Pod
metadata:
  name: pod-configmap
namespace: dev
spec:
  containers:
- name: nginx
    image: nginx:1.17.1
    volumeMounts: 
- name: config
      mountPath: /configmap/config
  volumes:
- name: config
    configMap: 
      name: configmap

使用配置文件

[root@master ~]# vim pod-configmap.yaml
[root@master ~]# kubectl create -f pod-configmap.yaml 
pod/pod-configmap created
[root@master ~]# kubectl get pod pod-configmap -n dev
NAME            READY   STATUS    RESTARTS   AGE
pod-configmap   1/1     Running   0          32s

进入容器，可以看见映射已经成功，每个configmap都映射成了一个目录

[root@master ~]# kubectl exec -it pod-configmap -n dev /bin/sh
# cd /configmap/config
# ls
info
# more info
username:admin password:123456
# exit

编辑configmap，将password改为123456789

[root@master ~]# kubectl edit cm configmap -n dev
# Please edit the object below. Lines beginning with a "#" will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
data:
  info: username:admin password:123456789
kind: ConfigMap
metadata:
  creationTimestamp: "2021-08-18T03:58:59Z"
  name: configmap
namespace: dev
  resourceVersion: "171455"
  selfLink: /api/v1/namespaces/dev/configmaps/configmap
  uid: 46f41475-b95b-4477-9221-50054d6a5ea2

再次查看info文件

[root@master ~]# kubectl exec -it pod-configmap -n dev /bin/sh
# more /configmap/config/info
username:admin password:123456789

Secret

在k8s中，还存在一种和ConfigMap非常类似的对象，成为Secret对象。它主要用于存储敏感信息，例如密码，密钥，证书等等。

首先使用base64对数据进行编码

[root@master ~]# echo -n "admin" | base64
YWRtaW4=
[root@master ~]# echo -n "123456" | base64
MTIzNDU2

接下来编写secret.yaml，并创建secret

apiVersion: v1
kind: Secret
metadata:
  name: secret
namespace: dev
type: Opaque
data: 
  username: YWRtaW4=
  password: MTIzNDU2

使用配置文件

[root@master ~]# vim secret.yaml
[root@master ~]# kubectl create -f secret.yaml 
secret/secret created
[root@master ~]# kubectl describe secret/secret -n dev
Name:         secret
Namespace:    dev
Labels:       <none>
Annotations:  <none>
Type:  Opaque
Data
====
password:  6 bytes
username:  5 bytes

创建pod-secret.yaml，将上面的secret挂载进去

apiVersion: v1
kind: Pod
metadata:
  name: pod-secret
namespace: dev
spec:
  containers:
- name: nginx
    image: nginx:1.17.1
    volumeMounts: 
- name: config
      mountPath: /secret/config
  volumes:
- name: config
    secret: 
      secretName: secret

使用配置文件

[root@master ~]# vim pod-secret.yaml
[root@master ~]# kubectl create -f pod-secret.yaml 
pod/pod-secret created

#查看secret信息，发现已经自动解码了
[root@master ~]# kubectl exec -it pod-secret -n dev /bin/sh
# cd /secret/config
# ls 
password  username
# more username
admin
# more password
123456

至此，已经实现了利用secret实现信息的编码

以上是 k8s之数据存储配置存储 的全部内容， 来源链接： utcz.com/z/519872.html