emptyDir: 默认的本地存储会随着pod删除而删除、只适合临时目录或缓存使用,没有任何持久性。
mydir实例
mkdir /volumes
cd /volumes
apiVersion: v1
kind: Pod
metadata:
name: volume-pod
namespace: default
labels:
app: myapp
spec:
containers:
- name: myvolume-pod
image: nginx
ports:
- name: http
containerPort: 80
volumeMounts: #容器挂载
- name: mydir
mountPath: /data/web/html/ #挂载路径
volumes:
- name: mydir
emptyDir: {} #大小不限制
kubectl apply -f pod-volume-pod.yaml
hostPath(不能跨节点)
#一、现在node节点上创建目录/data/pod
apiVersion: v1
kind: Pod
metadata:
name: hostpath-pod
namespace: default
spec:
containers:
- name: myhostpath
image: ikubernetes/myapp:v1
volumeMounts:
- name: html
mountPath: /usr/share/nginx/html/
volumes:
- name: html
hostPath:
path: /data/pod
type: DirectoryOrCreate
##kubectl apply -f pod-hostpath.yaml #启动
#在node节点的/data/pod目录下创建index.html 即可用curl访问pod的ip
NFS()
#1、安装nfs yum install -y nfs-utils # mkdir /nfsdir [root@k8s-m volumes]# cat /etc/exports /nfsdir 10.0.0.0/24(rw,sync) chown -R nfsnobody.nfsnobody /nfsdir #[root@k8s-m volumes]# cat pod-nfs.yaml apiVersion: v1 kind: Pod metadata: name: nfs-pod namespace: default spec: containers: - name: myhostpath image: ikubernetes/myapp:v1 volumeMounts: - name: html mountPath: /usr/share/nginx/html/ volumes: - name: html nfs: path: /nfsdir server: k8s-m kubectl apply -f pod-nfs.y [root@k8s-m nfsdir]# echo nfs >index.html [root@k8s-m volumes]# kubectl get pod nfs-pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE nfs-pod 1/1 Running 0 2m 10.244.1.55 node1 <none> [root@k8s-m volumes]# curl 10.244.1.55 nfs
PV
#创建目录 mkdir /nfsdir/{v1,v2,v3,v4,v5} -p [root@k8s-m gfs]# cat /etc/exports /nfsdir 10.0.0.0/24(rw,sync) /nfsdir/v1 10.0.0.0/24(rw,sync) /nfsdir/v2 10.0.0.0/24(rw,sync) /nfsdir/v3 10.0.0.0/24(rw,sync) /nfsdir/v4 10.0.0.0/24(rw,sync)
##下面是pv的yaml文件
apiVersion: v1 kind: PersistentVolume metadata: name: pv01 #不要加名称空间 spec: nfs: path: /data/v1 server: k8s-m accessModes: ["ReadWriteMany","ReadWriteOnce"] capacity: storage: 2Gi --- apiVersion: v1 kind: PersistentVolume metadata: name: pv02 #不要加名称空间 spec: nfs: path: /data/v2 server: k8s-m accessModes: ["ReadWriteMany","ReadWriteOnce"] capacity: storage: 5Gi --- apiVersion: v1 kind: PersistentVolume metadata: name: pv03 #不要加名称空间 spec: nfs: path: /data/v3 server: k8s-m accessModes: ["ReadWriteMany","ReadWriteOnce"] capacity: storage: 10Gi --- apiVersion: v1 kind: PersistentVolume metadata: name: pv04 #不要加名称空间 spec: nfs: path: /data/v4 server: k8s-m accessModes: ["ReadWriteMany","ReadWriteOnce"] capacity: storage: 20Gi
[root@k8s-m ~]# kubectl apply -f mypv.yaml persistentvolume/pv01 configured persistentvolume/pv02 created persistentvolume/pv03 created persistentvolume/pv04 created [root@k8s-m ~]# kubectl get pv NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE pv01 2Gi RWO,RWX Retain Available 2m pv02 5Gi RWO,RWX Retain Available 1m pv03 10Gi RWO,RWX Retain Available 1m pv04 20Gi RWO,RWX Retain Available 1m
例子:
apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mypvc namespace: default spec: accessModes: ["ReadWriteMany"] resources: requests: storage: 6Gi #要求pv至少大小 --- apiVersion: v1 kind: Pod metadata: name: pvc-pod namespace: default spec: containers: - name: pvc-pod image: ikubernetes/myapp:v2 volumeMounts: - name: html mountPath: /usr/share/nginx/html/ volumes: - name: html persistentVolumeClaim: claimName: mypvc #使用的pvc名字
[root@k8s-m volumes]# kubectl apply -f pod-pvc.yaml
persistentvolumeclaim/mypvc unchanged
pod/pvc-pod created
[root@k8s-m volumes]# kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
mypvc Bound pv03 10Gi RWO,RWX 1m
[root@k8s-m volumes]# kubectl get pv
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
pv01 2Gi RWO,RWX Retain Available 9h
pv02 5Gi RWO,RWX Retain Available 9h
pv03 10Gi RWO,RWX Retain Bound default/mypvc 9h
pv04 20Gi RWO,RWX Retain Available 9h
配置容器应用的方式:
1、之定义命令行 参数
args:[]
2、把配置文件直接写入镜像中
3、环境变量
(1)cloud Native的应用程序一般可直接通过环境变量加载配置
(2)通过entrypoint脚本来预处理变量为配置文件中的配置信息
4、存储卷
#configmap(配置中心)
configmap通过key,valomu数据存储
命令创建
[root@k8s-m ~]# kubectl create configmap nginx-config --from-literal=nginx_port=80 --from-literal=server_name=test.configmap.com [root@k8s-m ~]# kubectl get cm nginx-config -o wide NAME DATA AGE nginx-config 2 54m ###文件创建 [root@k8s-m nfsdir]# cat config_map.conf server { server_name test.textcon.conm; listen 80; root /mnt/html; } kubectl create configmap text-nginx --from-file=./config_map.conf [root@k8s-m nfsdir]# kubectl get cm NAME DATA AGE nginx-config 2 56m text-nginx 1 50m ###使用configmap注入pod [root@k8s-m ~]# cat config-pod-nginx.yaml apiVersion: v1 kind: Pod metadata: name: cm-pod-nginx namespace: default labels: app: my-pod annotations: zhushi: "lalala dsadsadasdasasd" spec: containers: - name: my-configmap-nginx image: ikubernetes/myapp:v1 ports: - name: http containerPort: 80 env: - name: NGINX_SERVER_PORT #定义的变量名 valueFrom: #从哪获取值 configMapKeyRef: #引用configmap name: nginx-config #引用这个configmap(之前创建的) key: nginx_port #引用这个的值 - name: NGINX_SERVER_NAME #定义第二个变量(多个) valueFrom: configMapKeyRef: name: nginx-config key: server_name [root@k8s-m ~]# kubectl apply -f config-pod-nginx.yaml pod/cm-pod-nginx created [root@k8s-m ~]# kubectl get pod cm-pod-nginx -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE cm-pod-nginx 1/1 Running 0 37s 10.244.1.70 node1 <none> ##进入容器中查看 [root@k8s-m ~]# kubectl exec -it cm-pod-nginx -- /bin/sh ##查看变量 / # printenv |grep -i nginx_server NGINX_SERVER_PORT=80 NGINX_SERVER_NAME=test.configmap.com
###在线编辑变量congidfmap配置
[root@k8s-m ~]# kubectl edit cm nginx-conf
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
data:
nginx_port: "9999" ##改成了9999
server_name: test.configmap.com
kind: ConfigMap
metadata:
creationTimestamp: 2018-09-06T12:31:26Z
name: nginx-config
namespace: default
resourceVersion: "168906"
selfLink: /api/v1/namespaces/default/configmaps/nginx-config
uid: c58c7185-b1d0-11e8-96d6-000c2924d722
##查看
[root@k8s-m ~]# kubectl describe cm nginx-config
Name: nginx-config
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
nginx_port:
----
9999
server_name:
----
test.configmap.com
Events: <none>
##查看容器变量
[root@k8s-m ~]# kubectl exec -it cm-pod-nginx -- /bin/sh
/ # printenv |grep -i nginx_server
NGINX_SERVER_PORT=80
NGINX_SERVER_NAME=test.configmap.com
##结果没变(证明使用环境变量注入配置的方案,只有容器创建时更新)
###configmap挂载卷
[root@k8s-m ~]# cat config-pod-2.yaml
apiVersion: v1
kind: Pod
metadata:
name: cm-pod-2
namespace: default
labels:
app: my-pod
spec:
containers:
- name: my-configmap-nginx-2
image: ikubernetes/myapp:v1
ports:
- name: http
containerPort: 80
volumeMounts:
- name: vlou-conf
mountPath: /etc/nginx/config.d/
readOnly: true #不允许容器改变挂载中的内容
volumes: #挂载存储卷
- name: vlou-conf
configMap:
name: nginx-config
[root@k8s-m ~]# kubectl apply -f config-pod-2.yaml
pod/cm-pod-2 created
[root@k8s-m ~]# kubectl get pod cm-pod-2
NAME READY STATUS RESTARTS AGE
cm-pod-2 1/1 Running 0 1m
##测试
#进入容器查看
[root@k8s-m ~]# kubectl exec -it cm-pod-2 -- /bin/sh
/ # ls /etc/nginx/config.d/
nginx_port server_name
/ # cat /etc/nginx/config.d/nginx_port
9999/ # ###这是之前定义的配置
##动态修改后再查看
[root@k8s-m ~]# kubectl edit cm nginx-config
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
data:
nginx_port: "8888" ###改成8888端口
server_name: test.configmap.com
kind: ConfigMap
metadata:
creationTimestamp: 2018-09-06T12:31:26Z
name: nginx-config
namespace: default
resourceVersion: "174082"
selfLink: /api/v1/namespaces/default/configmaps/nginx-config
uid: c58c7185-b1d0-11e8-96d6-000c2924d722
###查看容器中的变量值(需要等一会)
/ # cat /etc/nginx/config.d/nginx_port
8888/ #
###测试将nginx配置传入容器中
[root@k8s-m ~]# cat config-pod-3.yaml
apiVersion: v1
kind: Pod
metadata:
name: cm-pod-3
namespace: default
labels:
app: my-pod
spec:
containers:
- name: my-ng-conf
image: ikubernetes/myapp:v1
ports:
- name: http
containerPort: 80
volumeMounts:
- name: vlou-conf
mountPath: /etc/nginx/conf.d/
readOnly: true #不允许容器改变挂载中的内容
volumes: #挂载存储卷
- name: vlou-conf
configMap:
name: text-nginx
[root@k8s-m ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
cm-pod-3 1/1 Running 0 3s
[root@k8s-m ~]# kubectl exec -it cm-pod-3 -- /bin/sh
/ # ls /etc/nginx/conf.d/
..2018_09_07_12_45_59.366917455/ ..data/ config_map.conf
/ # ls /etc/nginx/conf.d/config_map.conf
/etc/nginx/conf.d/config_map.conf
/ # cat /etc/nginx/conf.d/config_map.conf
server {
server_name test.textcon.conm;
listen 80;
root /mnt/html;
}
###成功
###secret (值通过bash64编码加密)使用bash64命令可以轻松获取数据
##创建一个secret ##命令行 [root@k8s-m ~]# kubectl create secret generic mysql-root-password --from-literal=password=123456 secret/mysql-root-password created [root@k8s-m ~]# kubectl get secret NAME TYPE DATA AGE mysql-root-password Opaque 1 38s [root@k8s-m ~]# kubectl describe secret mysql-root-password Name: mysql-root-password Namespace: default Labels: <none> Annotations: <none> Type: Opaque Data ==== password: 6 bytes ##只显示密码长度
[root@k8s-m ~]# kubectl get secret mysql-root-password -o yaml
apiVersion: v1
data:
password: MTIzNDU2 ##值使用的是bash64进行的编码
kind: Secret
metadata:
creationTimestamp: 2018-09-08T00:22:12Z
name: mysql-root-password
namespace: default
resourceVersion: "198879"
selfLink: /api/v1/namespaces/default/secrets/mysql-root-password
uid: 3b839912-b2fd-11e8-9a6e-000c2924d722
type: Opaque
###使用base64解码
[root@k8s-m ~]# echo MTIzNDU2|base64 -d
123456[root@k8s-m ~]#
##secret使用(环境变量注入)
[root@k8s-m ~]# cat config-secret.yaml
apiVersion: v1
kind: Pod
metadata:
name: cm-pod-secret
namespace: default
labels:
app: my-pod
spec:
containers:
- name: my-secret-nginx
image: ikubernetes/myapp:v1
ports:
- name: http
containerPort: 80
env:
- name: MYSQL_ROOT_PASSWORD #定义的变量名
valueFrom: #从哪获取值
secretKeyRef: #引用configmap
name: mysql-root-password #引用这个secret(之前创建的)
key: password #引用这个的值
#查看
[root@k8s-m ~]# kubectl exec -it cm-pod-secret -- printenv|grep -i mysql
MYSQL_ROOT_PASSWORD=123456 #已解码