ConfigMap与Secret:Kubernetes配置管理详解
ConfigMap与Secret:配置管理
ConfigMap
创建ConfigMap
# 从文件创建
kubectl create configmap app-config --from-file=config.properties
# 从环境变量文件创建
kubectl create configmap app-config --from-env-file=config.env
# 从字面量创建
kubectl create configmap app-config --from-literal=DB_HOST=mysql --from-literal=DB_PORT=3306
ConfigMap使用
apiVersion: v1
kind: Pod
metadata:
name: configmap-pod
spec:
containers:
- name: app
image: myapp:v1
envFrom:
- configMapRef:
name: app-config
volumeMounts:
- name: config
mountPath: /etc/config
volumes:
- name: config
configMap:
name: app-config
Secret
创建Secret
# Generic Secret
kubectl create secret generic db-secret \
--from-literal=username=admin \
--from-literal=password=secret123
# TLS Secret
kubectl create secret tls my-tls \
--cert=tls.crt --key=tls.key
# Docker Registry Secret
kubectl create secret docker-registry my-registry \
--docker-server=registry.example.com \
--docker-username=user \
--docker-password=password
Secret使用
apiVersion: v1
kind: Pod
metadata:
name: secret-pod
spec:
containers:
- name: app
image: myapp:v1
env:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: db-secret
key: password
imagePullSecrets:
- name: my-registry
声明:本站所有文章,如无特殊说明或标注,均为本站原创发布。任何个人或组织,在未征得本站同意时,禁止复制、盗用、采集、发布本站内容到任何网站、书籍等各类媒体平台。如若本站内容侵犯了原著者的合法权益,可联系我们进行处理。
