Pod数据传递

头像
麦穗儿
    阅读 7 分钟

    <1>使用环境变量传递参数

    在.yaml文件的container部分使用

    env:
- name: DEMO_PARAM1
  value: "Parameter from the environment"

    设置参数
    podenv.yaml内容如下

    apiVersion: v1
kind: Pod
metadata:
  name: podenv-demo
  labels:
    purpose: demo-podenv
spec:
  containers:
  - name: podenv-demo-container
    image: busybox
    env:
    - name: DEMO_PARAM1
      value: "Parameter from the environment"
    command: ["/bin/sh"]
    args: ["-c", "while true; do echo $(DEMO_PARAM1); sleep 10; done"]

    执行命令

    kubectl apply -f podenv.yaml

    进入pod

    kubectl -it exec podenv-demo /bin/sh

    查看参数

    printenv

    可看到传入的参数

    ...
DEMO_PARAM1=Parameter from the environment
...

    <2>使用Secret

    创建Secret

    kubectl create secret generic test-secret --from-literal=username='admin' --from-literal=password='testsecret123'
    • 将secret数据作为文件在pod中通过volume访问

    secretpod-volume.yaml内容如下

    apiVersion: v1
kind: Pod
metadata:
  name: secret-test-pod
spec:
  containers:
    - name: test-container
      image: nginx
      volumeMounts:
        - name: secret-volume
          mountPath: /etc/secret-volume
  volumes:
    - name: secret-volume
      secret:
        secretName: test-secret

    生成pod执行命令

    kubectl apply -f secretpod-volume.yaml

    进入pod查看

    kubectl -it exec secret-test-pod /bin/sh

    在/etc/secret-volume下有对应的secret数据

    password  username
    • 通过创建环境变量的方式访问secret数据

    secretpod-keyref.yaml内容如下

    apiVersion: v1
kind: Pod
metadata:
  name: secret-envars-test-pod
spec:
  containers:
  - name: envars-test-container
    image: nginx
    env:
    - name: SECRET_USERNAME
      valueFrom:
        secretKeyRef:
          name: test-secret
          key: username
    - name: SECRET_PASSWORD
      valueFrom:
        secretKeyRef:
          name: test-secret
          key: password

    创建Pod

    kubectl apply -f secretpod-keyref.yaml

    进入Pod

    kubectl -it exec secret-envars-test-pod /bin/sh

    显示环境变量
    执行命令
    printenv

    ...
SECRET_USERNAME=admin
SECRET_PASSWORD=testsecret123
...

    取得Pod配置信息

    取得Pod的信息挂载的volume
    podvolumelabel.yaml内容如下

    apiVersion: v1
kind: Pod
metadata:
  name: kubernetes-downwardapi-volume-example
  labels:
    zone: ue-est-coast
    cluster: test-cluster1
    rack: rack-22
  annotations:
    build: two
    builder: john-doe
spec:
  containers:
    - name: client-container
      image: busybox
      command: ["sh", "-c"]
      args:
      - while true; do
          if [[ -e /etc/podinfo/labels ]]; then
            echo -en '\n\n'; cat /etc/podinfo/labels; fi;
          if [[ -e /etc/podinfo/annotations ]]; then
            echo -en '\n\n'; cat /etc/podinfo/annotations; fi;
          sleep 5;
        done;
      volumeMounts:
        - name: podinfo
          mountPath: /etc/podinfo
          readOnly: false
  volumes:
    - name: podinfo
      downwardAPI:
        items:
          - path: "labels"
            fieldRef:
              fieldPath: metadata.labels
          - path: "annotations"
            fieldRef:
              fieldPath: metadata.annotations

    创建Pod

    kubectl apply -f getpodinf.yaml

    进入Pod

    kubectl -it exec k8s-downwardapi-demo /bin/sh

    查看/etc/podinfo下有如下文件

    annotations  labels

    取得容器配置信息

    取得容器的配置信息如请求内存,CPU资源,内存,CPU限定资源等
    podvolumeresourceref.yaml内容如下

    apiVersion: v1
kind: Pod
metadata:
  name: k8s-downwardapi-volume-resourceref
spec:
  containers:
    - name: resourceref-container
      image: busybox
      command: ["sh", "-c"]
      args:
      - while true; do
          echo -en '\n';
          if [[ -e /etc/podinfo/cpu_limit ]]; then
            echo -en '\n'; cat /etc/podinfo/cpu_limit; fi;
          if [[ -e /etc/podinfo/cpu_request ]]; then
            echo -en '\n'; cat /etc/podinfo/cpu_request; fi;
          if [[ -e /etc/podinfo/mem_limit ]]; then
            echo -en '\n'; cat /etc/podinfo/mem_limit; fi;
          if [[ -e /etc/podinfo/mem_request ]]; then
            echo -en '\n'; cat /etc/podinfo/mem_request; fi;
          sleep 5;
        done;
      resources:
        requests:
          memory: "32Mi"
          cpu: "125m"
        limits:
          memory: "64Mi"
          cpu: "250m"
      volumeMounts:
        - name: podinfo
          mountPath: /etc/podinfo
          readOnly: false
  volumes:
    - name: podinfo
      downwardAPI:
        items:
          - path: "cpu_limit"
            resourceFieldRef:
              containerName: resourceref-container
              resource: limits.cpu
              divisor: 1m
          - path: "cpu_request"
            resourceFieldRef:
              containerName: resourceref-container
              resource: requests.cpu
              divisor: 1m
          - path: "mem_limit"
            resourceFieldRef:
              containerName: resourceref-container
              resource: limits.memory
              divisor: 1Mi
          - path: "mem_request"
            resourceFieldRef:
              containerName: resourceref-container
              resource: requests.memory
              divisor: 1Mi

    创建Pod

    kubectl apply -f podvolumeresourceref.yaml

    进入Pod

    kubectl -it exec k8s-downwardapi-volume-resourceref /bin/sh

    查看/etc/podinfo下有如下文件

    cpu_limit    cpu_request  mem_limit    mem_request

    用Pod字段作为环境变量

    在实际应用中Pod的name,IP等都需要在程序中取得,可以通过将Pod的这些值设为环境变量来获取
    podvaluesenv.yaml内容如下

    apiVersion: v1
kind: Pod
metadata:
  name: podvalue-env-fieldref
spec:
  containers:
    - name: podvalue-demo-container
      image: busybox
      command: [ "sh", "-c" ]
      args:
      - while true; do
          echo -en '\n';
          printenv MY_NODE_NAME MY_POD_NAME MY_POD_NAMESPACE;
          printenv MY_POD_IP MY_POD_SERVICE_ACCOUNT;
          sleep 10;
        done;
      env:
        - name: MY_NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        - name: MY_POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: MY_POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        - name: MY_POD_IP
          valueFrom:
            fieldRef:
              fieldPath: status.podIP
        - name: MY_POD_SERVICE_ACCOUNT
          valueFrom:
            fieldRef:
              fieldPath: spec.serviceAccountName
  restartPolicy: Never

    创建Pod

    kubectl apply -f podvalueasenv.yaml

    进入Pod

    kubectl -it exec podvalue-env-fieldref /bin/sh

    执行命令printenv查看环境变量

    ...
MY_POD_SERVICE_ACCOUNT=default
MY_POD_NAMESPACE=default
MY_POD_IP=172.20.2.93
MY_NODE_NAME=xxxxx
MY_POD_NAME=podvalue-env-fieldref
...

    容器字段的值作为环境变量

    获取容器的CPU,内存limit的值,CPU,内存的request的值作为Pod的环境变量

    .yaml文件内容如下

    apiVersion: v1
kind: Pod
metadata:
  name: containervalue-env-resourcefieldref
spec:
  containers:
    - name: cvenv-test-container
      image: busybox
      command: ["sh", "-c"]
      args:
      - while true; do
          echo -en '\n';
          printenv MY_CPU_REQUEST MY_CPU_LIMIT;
          printenv MY_MEM_REQUEST MY_MEM_LIMIT;
          sleep 10;
        done;
      resources:
        requests:
          memory: "32Mi"
          cpu: "125m"
        limits:
          memory: "64Mi"
          cpu: "250m"
      env:
        - name: MY_CPU_REQUEST
          valueFrom:
            resourceFieldRef:
              containerName: cvenv-test-container
              resource: limits.cpu
        - name: MY_CPU_LIMIT
          valueFrom:
            resourceFieldRef:
              containerName: cvenv-test-container
              resource: limits.cpu
        - name: MY_MEM_REQUEST
          valueFrom:
            resourceFieldRef:
              containerName: cvenv-test-container
              resource: requests.memory
        - name: MY_MEM_LIMIT
          valueFrom:
            resourceFieldRef:
              containerName: cvenv-test-container
              resource: limits.memory
  restartPolicy: Never

    创建Pod

    kubectl -it exec containervalue-env-resourcefieldref /bin/sh

    进入Pod

    kubectl -it exec containervalue-env-resourcefieldref /bin/sh

    执行命令printenv查看环境变量

    ...
MY_MEM_LIMIT=67108864
MY_CPU_LIMIT=1
MY_MEM_REQUEST=33554432
MY_CPU_REQUEST=1
...
    kubernetes
    麦穗儿
    127 声望15 粉丝

    程序猿以技术为本

    « 上一篇
    机器学习数学基础概念
    下一篇 »
    示例如何将配置信息传入Pod

    引用和评论

    推荐阅读
    头像
    Mac下ffmpeg编译问题和解决办法

    麦穗儿阅读 2.1k

    头像
    张晋涛:KubeCon China 2024 回顾

    张晋涛2阅读 620评论 1

    头像
    保证Redis和数据库数据一致性的方法

    蓝易云1阅读 232

    头像
    docker 使用--storage-opt参数约束容器文件系统大小

    李朝阳2阅读 4.6k

    头像
    Kubenetes里pod和service绑定的实现方式

    注销阅读 4k

    头像
    通过一个实际例子理解Kubernetes里pod的自动scale - 水平自动伸缩

    注销阅读 3.6k

    头像
    Kubernetes 网关流量管理:Ingress 与 Gateway API

    凌虚1阅读 873

    0 条评论
    得票最新