Kubernetes ConfigMap
k8s-ConfigMap
甚麼是Kubernetes ConfigMap
ConfigMap主要功用是儲存我們服務的設定,這使得我們可以將我們的應用服務具備可移植性,當需要相對應的環境參數時,只需要修改ConfigMap,而不需要去更動到image即可更換成新的部屬環境。
為甚麼需要ConfigMap
最主要的用意是共享相同設定。在初期開發時可能只有幾個服務而直接把設定檔寫死,如果在後期變成微服務的架構下,上百個服務都有自己的設定檔在日後維護下會顯得麻煩,因此有了ConfigMap的出現,幫助我們將環境變數與容器鏡像解藕,便於修改應用設定,減少維護成本
何時使用ConfigMap,ConfigMap使用場景
ConfigMap通常儲存服務的環境變數、命令行參數、配置文件等非機密資料,使用場景有設定檔與容器鏡像分離、多環境支持、共享設定、動態設定更新等等
ConfigMap有哪些特點
- 解藕配置 -> 將服務的設定檔與容器鏡像分離,使服務在不重新建置新的容器鏡像可修改和管理設定檔,提高容器鏡像的通用性和靈活性
- 靈活性 -> ConfigMap支援多種格式,並且需要時可動態更新設定,無須重啟服務或重新佈署容器
- 共享設定 -> ConfigMap允許多個Pod共享同一份設定檔,確保了使用相同設定檔的Pod的一致性,提高設定的可維護性和一致性
- 集中管理 -> ConfigMap在K8s集群中可以集中管理所有的ConfigMap,不需要逐個修改Pod的設定
如何撰寫使用ConfigMap
創建ConfigMap
Imperative(命令式)
--from-literal
kubectl create configMap myconfig --from-literal=k1=v1 --from-literal=k2=v2
--from-file
kubectl create configMap myconfigfromkey --from-file=fromfilekey=from-key
Declarative(聲明式)
apiVersion: v1
kind: ConfigMap
metadata:
name: special-config
namespace: default
data:
special.how: very
使用ConfigMap
使用ConfigMap定義容器環境變量
從單一ConfigMap定義容器環境變量
- ConfigMap
## create configmap
kubectl create configmap special-config --from-literal=special.how=very
- Pod
apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod
spec:
containers:
- name: test-container
image: registry.k8s.io/busybox
command: [ "/bin/sh", "-c", "env" ]
env:
# 定義環境變量
- name: SPECIAL_LEVEL_KEY
valueFrom:
ConfigMapKeyRef:
# ConfigMap 含有你想要指派給 SPECIAL_LEVEL_KEY 的值
name: special-config
# 指定想要指派的 value 的 key
key: special.how
restartPolicy: Never
## create pod
kubectl create -f https://kubernetes.io/examples/pods/pod-single-configmap-env-variable.yaml
## Please use the following command to check the output
kubectl logs dapi-test-pod
## output
KUBERNETES_SERVICE_PORT=443
KUBERNETES_PORT=tcp://10.96.0.1:443
HOSTNAME=dapi-test-pod
SHLVL=1
HOME=/root
KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
KUBERNETES_PORT_443_TCP_PORT=443
KUBERNETES_PORT_443_TCP_PROTO=tcp
SPECIAL_LEVEL_KEY=very
KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443
KUBERNETES_SERVICE_PORT_HTTPS=443
PWD=/
KUBERNETES_SERVICE_HOST=10.96.0.1
從上述輸出可以看到環境變量有SPECIAL_LEVEL_KEY=very
從多個ConfigMap定義容器環境變量
- ConfigMap
apiVersion: v1
kind: ConfigMap
metadata:
name: special-config
namespace: default
data:
special.how: very
---
apiVersion: v1
kind: ConfigMap
metadata:
name: env-config
namespace: default
data:
log_level: INFO
## create configmap
kubectl create -f https://kubernetes.io/examples/ConfigMap/configmap.yaml
- Pod
apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod
spec:
containers:
- name: test-container
image: registry.k8s.io/busybox
command: [ "/bin/sh", "-c", "env" ]
env:
- name: SPECIAL_LEVEL_KEY
valueFrom:
ConfigMapKeyRef:
name: special-config
key: special.how
- name: LOG_LEVEL
valueFrom:
ConfigMapKeyRef:
name: env-config
key: log_level
restartPolicy: Never
## create pod
kubectl create -f https://kubernetes.io/examples/pods/pod-multiple-configmap-env-variable.yaml
## Please use the following command to check the output
kubectl logs dapi-test-pod
## output
KUBERNETES_PORT=tcp://10.96.0.1:443
KUBERNETES_SERVICE_PORT=443
LOG_LEVEL=INFO
HOSTNAME=dapi-test-pod
SHLVL=1
HOME=/root
KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
KUBERNETES_PORT_443_TCP_PORT=443
KUBERNETES_PORT_443_TCP_PROTO=tcp
SPECIAL_LEVEL_KEY=very
KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443
KUBERNETES_SERVICE_PORT_HTTPS=443
PWD=/
KUBERNETES_SERVICE_HOST=10.96.0.1
從上述輸出可以看到環境變量有LOG_LEVEL=INFO和SPECIAL_LEVEL_KEY=very
在ConfigMap設定key-value pairs定義容器環境變量
- ConfigMap
apiVersion: v1
kind: ConfigMap
metadata:
name: special-config
namespace: default
data:
SPECIAL_LEVEL: very
SPECIAL_TYPE: charm
## create configmap
kubectl create -f https://kubernetes.io/examples/configmap/configmap-multikeys.yaml
- Pod
apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod
spec:
containers:
- name: test-container
image: registry.k8s.io/busybox
command: [ "/bin/sh", "-c", "env" ]
envFrom:
- ConfigMapRef:
name: special-config
restartPolicy: Never
## create pod
kubectl create -f https://kubernetes.io/examples/pods/pod-configmap-envFrom.yaml
我們使用了 envFrom 來將 ConfigMap 中的所有 data 都定義成容器環境變量。
## Please use the following command to check the output
kubectl logs dapi-test-pod
## output
KUBERNETES_PORT=tcp://10.96.0.1:443
KUBERNETES_SERVICE_PORT=443
HOSTNAME=dapi-test-pod
SHLVL=1
HOME=/root
SPECIAL_LEVEL=very
KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
KUBERNETES_PORT_443_TCP_PORT=443
KUBERNETES_PORT_443_TCP_PROTO=tcp
KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443
KUBERNETES_SERVICE_PORT_HTTPS=443
PWD=/
KUBERNETES_SERVICE_HOST=10.96.0.1
SPECIAL_TYPE=charm
從上述輸出可以看到環境變量有SPECIAL_LEVEL=very和SPECIAL_TYPE=charm。
在Pod commands使用ConfigMap定義的環境變量
- ConfigMap
apiVersion: v1
kind: ConfigMap
metadata:
name: special-config
namespace: default
data:
SPECIAL_LEVEL: very
SPECIAL_TYPE: charm
## create configmap
kubectl create -f https://kubernetes.io/examples/configmap/configmap-multikeys.yaml
- Pod
apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod
spec:
containers:
- name: test-container
image: registry.k8s.io/busybox
command: [ "/bin/echo", "$(SPECIAL_LEVEL_KEY) $(SPECIAL_TYPE_KEY)" ]
env:
- name: SPECIAL_LEVEL_KEY
valueFrom:
ConfigMapKeyRef:
name: special-config
key: SPECIAL_LEVEL
- name: SPECIAL_TYPE_KEY
valueFrom:
ConfigMapKeyRef:
name: special-config
key: SPECIAL_TYPE
restartPolicy: Never
## create pod
kubectl create -f https://kubernetes.io/examples/pods/pod-configmap-env-var-valueFrom.yaml
我們可以使用ConfigMap定義好的環境變量在容器的command和args,使用語法為$(VAR_NAME)
## Please use the following command to check the output
kubectl logs dapi-test-pod
## output
very charm
將 ConfigMap 資料加到 Volume
當我們建立ConfigMap使用--from-file,檔名會變成data區塊的key,而內容則會變成該key的value
- ConfigMap
apiVersion: v1
kind: ConfigMap
metadata:
name: special-config
namespace: default
data:
SPECIAL_LEVEL: very
SPECIAL_TYPE: charm
## create configmap
kubectl create -f https://kubernetes.io/examples/configmap/configmap-multikeys.yaml
- Pod
apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod
spec:
containers:
- name: test-container
image: registry.k8s.io/busybox
command: [ "/bin/sh", "-c", "ls /etc/config/" ]
volumeMounts:
- name: config-volume
mountPath: /etc/config
volumes:
- name: config-volume
ConfigMap:
# 提供container要使用的configmap name
name: special-config
restartPolicy: Never
## create pod
kubectl create -f https://kubernetes.io/examples/pods/pod-configmap-volume.yaml
將ConfigMap name 添加到volumes區塊進行掛載,在此範例中,mountPath會是/etc/config
## Please use the following command to check the output
kubectl logs dapi-test-pod
## output
SPECIAL_LEVEL
SPECIAL_TYPE
此Pod會去執行ls /etc/config,如果該目錄下有其他檔案會被刪除,因為使用的掛載方式是mountPath
將ConfigMap資料加到Volume特定路徑
- ConfigMap
apiVersion: v1
kind: ConfigMap
metadata:
name: special-config
namespace: default
data:
SPECIAL_LEVEL: very
SPECIAL_TYPE: charm
## create configmap
kubectl create -f https://kubernetes.io/examples/configmap/configmap-multikeys.yaml
- Pod
apiVersion: v1
kind: Pod
metadata:
name: dapi-test-pod
spec:
containers:
- name: test-container
image: k8s.gcr.io/busybox
command: [ "/bin/sh","-c","cat /etc/config/keys" ]
volumeMounts:
- name: config-volume
mountPath: /etc/config
volumes:
- name: config-volume
ConfigMap:
name: special-config
items:
- key: SPECIAL_LEVEL
path: keys
restartPolicy: Never
## create pod
kubectl create -f https://kubernetes.io/examples/pods/pod-configmap-volume-specific-key.yaml
使用 path 欄位來指定特定 ConfigMap item 到想要的檔案路徑。 在此範例中, SPECIAL_LEVEL item 將會被掛載到 config-volume volume 中的 /etc/config/keys
## Please use the following command to check the output
kubectl logs dapi-test-pod
## output
very
Reference
- ConfigMaps | Kubernetes
- 一文弄懂ConfigMap在K8S中的各种玩法以及应用场景 - 掘金 (juejin.cn)
- Kubernetes — ConfigMap. 簡單來說, 在我們的應用中, 當我們需要儲存一些較沒有敏感性的設定檔, 像是… | by Ray Lee | 李宗叡 | Learn or Die | Medium
- Day 18 - 使用 ConfigMaps - iT 邦幫忙::一起幫忙解決難題,拯救 IT 人的一天 (ithome.com.tw)
- K8s之ConfigMap - Happy Coding, Happy Life (wldandan.github.io)
- ConfigMap_云容器引擎 CCE_Kubernetes基础知识_配置管理_华为云 (huaweicloud.com)
- [Kubernetes / K8s] ConfigMap 用於讓不同的微服務共享配置| Configure a Pod to Use a ConfigMap | by KouWei.Lee | k8s筆記 | Medium