当前位置: 移动技术网 > IT编程>开发语言>.net > 使用 `ConfigMap` 挂载配置文件

使用 `ConfigMap` 挂载配置文件

2019年06月02日  | 移动技术网IT编程  | 我要评论

使用 configmap 挂载配置文件

intro

有一些敏感信息比如数据库连接字符串之类的出于安全考虑,这些敏感信息保存在了 azure keyvault 中,最近应用上了 k8s 部署,所以想把 azure keyvault 的信息迁移到 configmap,不再依赖 azure keyvault

configmap

新建一个 configmap,你可以从文件创建,如何创建configmap 可以参考,也可以直接手动编辑,这里用的 configmap 如下所示:

apiversion: v1
kind: configmap
metadata:
  name: reservation-configs
  namespace: default
data:
  appsettings: |
    {      
      "connectionstrings": {
        "redis": "redis-server",
        "reservation": "server=localhost;uid=liweihan;pwd=**;database=reservation",
        "elasticsearch": "elasticsearch"
      },
      "mpwechat":{
        "appid": "wx4a41d3773ae55543",
        "appsecret": "**********",
        "token": "amazingdotnet",
        "aeskey": "------------"
      },
      "appsettings": {
        "wechatsubscribereply": "",
        "sentryclientkey": "https://**"
      },
      "tencent": {
        "captcha": {
          "appid": "2062135016",
          "appsecret": "****"
        }
      },
      "googlerecaptcha": {
        "sitekey": "6lc-**",
        "secret": "6lc-**"
      },
      "logging": {
        "loglevel": {
          "default": "warning",
          "activityreservation": "debug",
          "requestlog": "debug"
        }
      }
    }

挂载 configmap 中的配置文件到 pod

deployment 定义如下所示, 这里直接把上面定义的 appsettings 直接挂载为应用程序的根目录下 appsettings.json 文件

apiversion: apps/v1
kind: deployment
metadata:
  name: activityreservation
  namespace: default
  labels:
    app: activityreservation
spec:
  replicas: 2
  revisionhistorylimit: 2 # how many old replicasets for this deployment you want to retain, https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#clean-up-policy
  selector:
    matchlabels:
      app: activityreservation
  minreadyseconds: 0
  strategy:
    type: rollingupdate
    rollingupdate:
      maxunavailable: 1
      maxsurge: 1
  template:
    metadata:
      labels:
        app: activityreservation
    spec:
      dnsconfig:
        options:
          - name: ndots
            value: "1"
      containers:        
        - name: activityreservation
          image: weihanli/activityreservation:20190529.2
          imagepullpolicy: ifnotpresent
          resources:
            limits:
              memory: "256mi"
              cpu: "300m"
          readinessprobe:
            tcpsocket:
              port: 80
            initialdelayseconds: 60
            periodseconds: 30
          livenessprobe:
            httpget:
              path: /health
              port: 80
            initialdelayseconds: 60
            periodseconds: 60
          ports:
            - containerport: 80
          volumemounts:
          - name: settings
            mountpath: /app/appsettings.json
            subpath: appsettings

      volumes:
        - name: settings
          configmap:
            name: reservation-configs

测试

  1. 部署 configmap

    kubectl apply -f configmap.yaml

  2. 部署 deployment

    kubectl apply -f reservation-deployment.yaml

  3. 等待 pod 启动之后,查看 appsettings.json 文件内容是否成功被替换掉

    获取对应的 pod 名称,然后通过 kubectl exec <pod-name> cat /app/appsettings.json 来获取pod中 appsettings.json 文件的内容

    出现 connectionstrings 就证明文件被替换掉了,原始的配置文件里是没有 connectionstrings 节点的,原始的方式是通过从 azure keyvault 中加载的

cat appsettings

reference

您可能感兴趣的文章:

如对本文有疑问, 点击进行留言回复!!

相关文章:

验证码:
最近更新的文章
大家感兴趣的文章
移动技术网