完整系列
- k8s系列(1)-腾讯云CVM手动部署K8S_Dashboard安装1
- k8s系列(1)-腾讯云CVM手动部署K8S_Dashboard安装2
- k8s系列(2)-Service
- k8s系列(3)-StatefulSet的MongoDB实战
- k8s系列(4)-MongoDB数据持久化
- k8s系列(5)-Configmap和Secret
- k8s系列(6)-Helm
- k8s系列(7)-命名空间
- k8s系列(8)-Ingress
- k8s系列(9)-容忍、污点、亲和
一. configmap
访问时,如果直接使用 Service 名字连接,会随机转发请求
要连接指定 Pod,可以这样 pod-name.service-name
1. configmap.yaml文件
代码语言:txt复制apiVersion: v1
data:
mongoAddress: mongodb-0.mongodb:27017
kind: ConfigMap
metadata:
name: mongo-config2. 操作过程
代码语言:txt复制[root@master configmap]# kubectl apply -f ./configmap.yaml
[root@master configmap]# kubectl get configmap
[root@master configmap]# kubectl get configmap mongo-config -o yaml3. 全过程如下
代码语言:txt复制[root@master configmap]# kubectl apply -f ./configmap.yaml
configmap/mongo-config created
[root@master configmap]# kubectl get configmap
NAME DATA AGE
kube-root-ca.crt 1 5h9m
mongo-config 1 6s
[root@master configmap]# kubectl get configmap mongo-config -o yaml
apiVersion: v1
data:
mongoAddress: mongodb-0.mongodb:27017
kind: ConfigMap
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","data":{"mongoAddress":"mongodb-0.mongodb:27017"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"mongo-config","namespace":"default"}}
creationTimestamp: "2022-10-14T06:44:28Z"
name: mongo-config
namespace: default
resourceVersion: "26864"
uid: 19dc7615-f687-47ac-be71-1fd164ee4a3f二. Secret
1. secret.yaml文件
代码语言:txt复制apiVersion: v1
kind: Secret
metadata:
name: mongo-secret
# Opaque 用户定义的任意数据,更多类型介绍 https://kubernetes.io/zh/docs/concepts/configuration/secret/#secret-types
type: Opaque
data:
# 数据要 base64。https://tools.fun/base64.html
mongo-username: bW9uZ291c2Vy #mongouser
mongo-password: bW9uZ29wYXNz #mongopass2. 操作过程
代码语言:txt复制[root@master configmap]# kubectl apply -f ./secret.yaml
[root@master configmap]# kubectl get secret
[root@master configmap]# kubectl get secret mongo-secret -o yaml三. 实战
1. app.js
代码语言:txt复制// // url = `mongodb://${process.env.MONGO_USERNAME}:${process.env.MONGO_PASSWORD}@${process.env.MONGO_ADDRESS}`我们来看是否能应用
2. mongo.yaml
核心代码:引用mongo-secret的key
env:
- name: MONGO_INITDB_ROOT_USERNAME
valueFrom:
secretKeyRef:
name: mongo-secret
key: mongo-username
- name: MONGO_INITDB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mongo-secret
key: mongo-password3. app.yaml
引用mongo-config中的key mongoAddress
- name: test-k8s # 容器名字
image: ccr.ccs.tencentyun.com/k8s-tutorial/test-k8s:v4-configmap # 镜像
env:
- name: MONGO_USERNAME
valueFrom:
secretKeyRef:
name: mongo-secret
key: mongo-username
- name: MONGO_PASSWORD
valueFrom:
secretKeyRef:
name: mongo-secret
key: mongo-password
- name: MONGO_ADDRESS
valueFrom:
configMapKeyRef:
name: mongo-config
key: mongoAddress4. 实战操作-容器内打印
代码语言:txt复制[root@master configmap]# kubectl apply -f ./mongo.yaml
[root@master configmap]# kubectl apply -f ./app.yaml
[root@master configmap]# kubectl get pods
NAME READY STATUS RESTARTS AGE
mongodb-0 1/1 Running 0 5m23s
test-k8s-6959f4697f-cbb2z 1/1 Running 0 4m56s
test-k8s-6959f4697f-sxrm7 1/1 Running 0 4m56s
[root@master configmap]# kubectl exec -it pod/test-k8s-6959f4697f-cbb2z -c test-k8s -- bash
root@test-k8s-6959f4697f-cbb2z:/app# echo $MONGO_USERNAME
mongouser
root@test-k8s-6959f4697f-cbb2z:/app# echo $MONGO_PASSWORD
mongopass
root@test-k8s-6959f4697f-cbb2z:/app# echo $MONGO_ADDRESS
mongodb-0.mongodb:270175.实战操作2-进入数据库操作
代码语言:txt复制[root@master configmap]# kubectl run mongodb-client --rm --tty -i --restart='Never' --image docker.io/bitnami/mongodb:4.4.10-debian-10-r20 --command -- bash
I have no name!@mongodb-client:/$ mongo --host mongo-0.mongo
> show dbs
> use test
switched to db test
> db.users.find()
Error: error: {
"ok" : 0,
"errmsg" : "command find requires authentication",
"code" : 13,
"codeName" : "Unauthorized"
}
> exit但是如果我现在用另外一种方式去做
代码语言:txt复制I have no name!@mongodb-client:/$ mongo --host mongodb-0.mongodb -u mongouser -p mongopass
> show dbs
admin 0.000GB
config 0.000GB
local 0.000GB
> use test
switched to db test
> db.users.find()这样就不会失败,连接成功
