13.kubernetes笔记 Volume存储卷(四) configMap

Bigyong

前言

核心资源类型存储卷,PV、PVC、SC、CSI(Longhorn)
特殊类型的插件:ConfigMap、Secret、downwardAPI

如何为容器化应用提供配置信息:

  1. 启动容器时,直接向应用程序传递参数,args: []
  2. 将定义好的配置文件焙进镜像之中;
  3. 通过环境变量向容器传递配置数据:有个前提要求,应用得支持从环境变量加载配置信息;
    制作镜像时,使用entrypoint脚本来预处理变量,常见的做法就是使用非交互式编辑工具,将环境变量的值替换到应用的配置文件中;
  4. 基于存储卷向容器传递配置文件;
    运行中的改变,需要由应用程序重载;

ConfigMap简介

ConfigMap API资源用来保存key-value pair配置数据,这个数据可以在pods里使用,或者被用来为像controller一样的系统组件存储配置数据。虽然ConfigMap跟Secrets类似,但是ConfigMap更方便的处理不含敏感信息的字符串。 注意:ConfigMaps不是属性配置文件的替代品。ConfigMaps只是作为多个properties文件的引用。你可以把它理解为Linux系统中的/etc目录,专门用来存储配置文件的目录。

ConfigMap 通过env环境变量引用
通过环境变量的配置容器化应用时,需要在容器配置段中嵌套使用env字段,它的值是一个由环境变量构建的列表。每个环项变量通常由name和value(或valueFron)字段构成

  • name <string>:环境变量的名称,必选字段;
  • value <string>:环境变量的值,通过 $(VAR_NAME)引用,逃逸格式为“$$(VAR_NAME)" 默认值为空;
  • valueFrom <object> ∶环境变量值的引用源,例如当前Pod资源的名称、名称空间、标签等,不能与非空值的value字段同时使用,即环境变量的值要么源于value字段,要么源于valuFron字段,二者不可同时提供数据。
  • valueFron: 字段可引用的值有多种来源,包括当前Pod资源的属性值,容器相关的系统资源配置、ConfigMap对象中的key以及Secret对象中的Key,它们分别要使用不同的嵌套字段进行定义。
  • fieldRef <bject>:当前Pod资源的指定字段,目前支持使用的字段包括metadata.mime、metadata.namespce、 metadata.labels、metadeta.annotations、spesc.nodeName、spec.serviceAccountName、status.hostIP和status.podIP等;
  • configMapKeyRef <Object>: ConfigMap对象中的特定Key;
  • secretKeyRef<object>: Secret对象中的特定Key;
  • resourceFieldRef <object>: 当前容器的特定系统资源的最小值(配额)或最大值《限额),目前支持的引用包括 limits.cpu. limits.memory、limits.ephemeral-storage. requests.cpu、reuests.memory和requests.ephemeral-storage
[root@k8s-master ~]# kubectl create configmap --help  #查看示例
...

Examples:
  # Create a new configmap named my-config based on folder bar
  kubectl create configmap my-config --from-file=path/to/bar
  
  # Create a new configmap named my-config with specified keys instead of file basenames on disk
  kubectl create configmap my-config --from-file=key1=/path/to/bar/file1.txt --from-file=key2=/path/to/bar/file2.txt
  
  # Create a new configmap named my-config with key1=config1 and key2=config2
  kubectl create configmap my-config --from-literal=key1=config1 --from-literal=key2=config2
  
  # Create a new configmap named my-config from the key=value pairs in the file
  kubectl create configmap my-config --from-file=path/to/bar
  
  # Create a new configmap named my-config from an env file
  kubectl create configmap my-config --from-env-file=path/to/bar.env

Options:
      --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
...

示例1:comfigMap创建

[root@k8s-master nginx-conf.d]# cat myserver.conf 
server {
    listen 8080;
    server_name www.ik8s.io;

    include /etc/nginx/conf.d/myserver-*.cfg;

    location / {
        root /usr/share/nginx/html;
    }
}
[root@k8s-master nginx-conf.d]# cat myserver-gzip.cfg 
gzip on;
gzip_comp_level 5;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css  application/xml text/javascript;

[root@k8s-master nginx-conf.d]# cat myserver-status.cfg 
location /nginx-status {
stub_status on;
access_log off;
}

[root@k8s-master nginx-conf.d]# ls   #一共3个配置文件 
myserver.conf  myserver-gzip.cfg  myserver-status.cfg

[root@k8s-master ~]# kubectl create configmap demoapp-config --from-literal=host=0.0.0.0  --from-literal=port=8080   #创建host=0.0.0.0、literal=port=8080为两个val
configmap/demoapp-config created
[root@k8s-master ~]# kubectl get cm
NAME              DATA   AGE
demoapp-config    2      5s    #可以看到DATA为2 2个数据项
my-grafana        1      34d
my-grafana-test   1      34d
[root@k8s-master ~]# kubectl describe cm demoapp-config
Name:         demoapp-config
Namespace:    default
Labels:       <none>
Annotations:  <none>

Data
====
port:             #数据项1  Port:8080
----
8080
host:             #数据项2  host: 0.0.0.
----
0.0.0.0
Events:  <none>

[root@k8s-master ~]# kubectl get cm demoapp-config  -o yaml
apiVersion: v1
data:
  host: 0.0.0.0
  port: "8080"
kind: ConfigMap
metadata:
  creationTimestamp: "2021-08-05T09:16:15Z"
  managedFields:
  - apiVersion: v1
    fieldsType: FieldsV1
    fieldsV1:
      f:data:
        .: {}
        f:host: {}
        f:port: {}
    manager: kubectl-create
    operation: Update
    time: "2021-08-05T09:16:15Z"
  name: demoapp-config
  namespace: default
  resourceVersion: "6906130"
  selfLink: /api/v1/namespaces/default/configmaps/demoapp-config
  uid: 625c38a9-02bc-43c7-b351-b2ce7387cab7
  
[root@k8s-master nginx-conf.d]# kubectl create configmap nginx-config --from-file=./myserver.conf  --from-file=status.cfg=./myserver-status.cfg  #创建2个数据项指定文件,默认以文件名为键名 第2个文件指定status.cfg为键名
configmap/nginx-config created
[root@k8s-master nginx-conf.d]# kubectl get cm 
NAME              DATA   AGE
demoapp-config    2      18m
my-grafana        1      34d
my-grafana-test   1      34d
nginx-config      2      17s

[root@k8s-master nginx-conf.d]# kubectl get cm nginx-config -o yaml
apiVersion: v1
data:
  myserver.conf: |  # |为多行键值分隔符 为了保存多行数据使用了|和缩进
    server {
        listen 8080;
        server_name www.ik8s.io;

        include /etc/nginx/conf.d/myserver-*.cfg;

        location / {
            root /usr/share/nginx/html;
        }
    }
  status.cfg: |
    location /nginx-status {
    stub_status on;
    access_log off;
    }
kind: ConfigMap
metadata:
  creationTimestamp: "2021-08-06T06:35:41Z"
  managedFields:
  - apiVersion: v1
    fieldsType: FieldsV1
    fieldsV1:
      f:data:
        .: {}
        f:myserver.conf: {}
        f:status.cfg: {}
    manager: kubectl-create
    operation: Update
    time: "2021-08-06T06:35:41Z"
  name: nginx-config
  namespace: default
  resourceVersion: "7159858"
  selfLink: /api/v1/namespaces/default/configmaps/nginx-config
  uid: 8dbd637a-fb23-447a-8bb5-9e722d7e871d
[root@k8s-master nginx-conf.d]# ls
myserver.conf  myserver-gzip.cfg  myserver-status.cfg

[root@k8s-master configmap]# kubectl create configmap nginx-config-files --from-file=./nginx-conf.d/
configmap/nginx-config-file created


[root@k8s-master configmap]# kubectl get cm
NAME                DATA   AGE
demoapp-config      2      21h
my-grafana          1      35d
my-grafana-test     1      35d
nginx-config        2      18m
nginx-config-files   3      3s     #3个数据项

[root@k8s-master nginx-conf.d]# kubectl get cm nginx-config-files -o yaml
apiVersion: v1
data:
  myserver-gzip.cfg: |
    gzip on;
    gzip_comp_level 5;
    gzip_proxied expired no-cache no-store private auth;
    gzip_types text/plain text/css  application/xml text/javascript;
  myserver-status.cfg: |
    location /nginx-status {
    stub_status on;
    access_log off;
    }
  myserver.conf: |
    server {
        listen 8080;
        server_name www.ik8s.io;

        include /etc/nginx/conf.d/myserver-*.cfg;

        location / {
            root /usr/share/nginx/html;
        }
    }
kind: ConfigMap
metadata:
  creationTimestamp: "2021-08-06T08:02:34Z"
  managedFields:
  - apiVersion: v1
    fieldsType: FieldsV1
    fieldsV1:
      f:data:
        .: {}
        f:myserver-gzip.cfg: {}
        f:myserver-status.cfg: {}
        f:myserver.conf: {}
    manager: kubectl-create
    operation: Update
    time: "2021-08-06T08:02:34Z"
  name: nginx-config-files
  namespace: default
  resourceVersion: "7177123"
  selfLink: /api/v1/namespaces/default/configmaps/nginx-config-files
  uid: 2fd21dc3-5e61-4413-bcd5-35337b1ce286

示例2: configMap引用

[root@k8s-master configmap]# cat configmaps-env-demo.yaml 
apiVersion: v1
kind: ConfigMap
metadata:
  name: demoapp-config
  namespace: default
data:
  demoapp.port: "8080"
  demoapp.host: 0.0.0.0
---
apiVersion: v1
kind: Pod
metadata:
  name: configmaps-env-demo
  namespace: default
spec:
  containers:
  - image: ikubernetes/demoapp:v1.0
    name: demoapp
    env:
    - name: PORT
      valueFrom:
        configMapKeyRef:  #引用configMap 键值
          name: demoapp-config
          key: demoapp.port
          optional: false   #是否为可有可无项 false 为必选项
    - name: HOST
      valueFrom:
        configMapKeyRef:
          name: demoapp-config
          key: demoapp.host
          optional: true  #是否可有可无 ture 非必选项

[root@k8s-master configmap]# kubectl apply -f configmaps-env-demo.yaml
[root@k8s-master configmap]# kubectl get pod
NAME                                 READY   STATUS    RESTARTS   AGE
centos-deployment-66d8cd5f8b-95brg   1/1     Running   0          46h
configmaps-env-demo                  1/1     Running   0          118s
my-grafana-7d788c5479-bpztz          1/1     Running   1          46h
volumes-pvc-longhorn-demo            1/1     Running   0          27h
[root@k8s-master comfigmap]# kubectl exec configmaps-env-demo  -- netstat -tnl   #查看配置是否生效
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN  

[root@k8s-master configmap]# cat configmaps-volume-demo.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: configmaps-volume-demo
  namespace: default
spec:
  containers:
  - image: nginx:alpine
    name: nginx-server
    volumeMounts:
    - name: ngxconfs
      mountPath: /etc/nginx/conf.d/ 
      readOnly: true
  volumes :
  - name: ngxconfs
    configMap:
      name: nginx-config-files  #引用前面定义的configmap
      optional: false


[root@k8s-master configmap]# kubectl get pod
NAME                                 READY   STATUS    RESTARTS   AGE
centos-deployment-66d8cd5f8b-95brg   1/1     Running   0          46h
configmaps-env-demo                  1/1     Running   0          35m
configmaps-volume-demo               1/1     Running   0          6m8s
my-grafana-7d788c5479-bpztz          1/1     Running   1          46h
volumes-pvc-longhorn-demo            1/1     Running   0          28h


[root@k8s-master configmap]# kubectl exec configmaps-volume-demo  -it -- /bin/sh
/ # nginx -T

......
# configuration file /etc/nginx/conf.d/myserver.conf:  #看容器配置文件是否加载configmap配置
server {
    listen 8080;
    server_name www.ik8s.io;

    include /etc/nginx/conf.d/myserver-*.cfg;

    location / {
        root /usr/share/nginx/html;
    }
}

# configuration file /etc/nginx/conf.d/myserver-gzip.cfg:
gzip on;
gzip_comp_level 5;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css  application/xml text/javascript;

# configuration file /etc/nginx/conf.d/myserver-status.cfg:
location /nginx-status {
stub_status on;
access_log off;
}

[root@k8s-master configmap]# kubectl get pods configmaps-volume-demo -o go-template={{.status.podIP}}
10.244.1.177
[root@k8s-master configmap]# curl 10.244.1.177:8080  #默认页面
...
<h1>Welcome to nginx!</h1>


[root@k8s-master configmap]# curl -H "Host:www.ik8s.io" 10.244.1.177:8080/nginx-status  #自定义页面
Active connections: 1 
server accepts handled requests
 2 2 2 
Reading: 0 Writing: 1 Waiting: 0

挂载configMap一部分资源时有两种方法
1.挂载卷时通过items:参数 指定允许输出到卷的键
2.在容器挂载卷时,指定挂载哪些卷

示例3 configMap items:指定输出key

1.挂载卷时通过items:参数 指定允许输出到卷的键

[root@k8s-master configmap]# ls demoapp-conf.d/  #3个配置文件
envoy.yaml  lds.conf  myserver.conf

[root@k8s-master configmap]# cat demoapp-conf.d/envoy.yaml 
node:
  id: sidecar-proxy
  cluster: demoapp-cluster
  
admin:
  access_log_path: /tmp/admin_access.log
  address:
    socket_address: { address: 0.0.0.0, port_value: 9901 }

dynamic_resources:
  lds_config:
    path: '/etc/envoy/lds.conf'

static_resources:
  clusters:
  - name: local_service
    connect_timeout: 0.25s
    type: STATIC
    lb_policy: ROUND_ROBIN
    load_assignment:
      cluster_name: local_service
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address:
                address: 127.0.0.1
                port_value: 8080

[root@k8s-master configmap]# cat demoapp-conf.d/lds.conf 
{
  "version_info": "0",
  "resources": [
    {
      "@type": "type.googleapis.com/envoy.api.v2.Listener",
      "name": "listener_0",
      "address": {
        "socket_address": {
          "address": "0.0.0.0",
          "port_value": 80
        }
      },
      "filter_chains": [
        {
          "filters": [
            {
              "name": "envoy.http_connection_manager",
              "config": {
                "stat_prefix": "ingress_http",
                "codec_type": "AUTO",
                "route_config": {
                  "name": "local_route",
                  "virtual_hosts": [
                    {
                      "name": "local_service",
                      "domains": [
                        "*"
                      ],
                      "routes": [
                        {
                          "match": {
                            "prefix": "/"
                          },
                          "route": {
                            "cluster": "local_service"
                          }
                        }
                      ]
                    }
                  ]
                },
                "http_filters": [
                  {
                    "name": "envoy.router"
                  }
                ]
              }
            }
          ]
        }
      ]
    }
  ]
}


[root@k8s-master configmap]# cat configmaps-volume-demo2.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: configmaps-volume-demo2
  namespace: default
spec:
  containers:
  - name: proxy
    image: envoyproxy/envoy-alpine:v1.14.1
    command: ['/bin/sh','-c','envoy -c /etc/envoy/..data/envoy.yaml']
    volumeMounts:
    - name: appconfs      #通过挂载卷引用comfigmap
      mountPath: /etc/envoy
      readOnly: true
  - name: demo
    image: ikubernetes/demoapp:v1.0
    imagePullPolicy: IfNotPresent
    env:      #通过环境变量引用 但这里引用的comfigmap文件中并没有定义
    - name: PORT
      valueFrom:
        configMapKeyRef:
          name: demoapp-confs
          key: demoapp.port
          optional: false
    - name: HOST
      valueFrom:
        configMapKeyRef:
          name: demoapp-confs
          key: demoapp.host
          optional: true
  volumes:
  - name: appconfs
    configMap:
      name: demoapp-confs   #这里只引用的2个文件
      items:  #默认只允许哪些键 输出给存储卷
      - key: envoy.yaml  #挂载的键名
        path: envoy.yaml  #挂载的文件名  可以和上面不一样
        mode: 0644  #挂载后的权限
      - key: lds.conf
        path: lds.conf
        mode: 0644
      optional: false

[root@k8s-master configmap]# kubectl create  cm demoapp-confs --from-literal=demoapp.host=127.0.0.1 --from-literal=demoapp.port="8080" --from-file=./demoapp-conf.d/   #创建时定义demoapp.host、demoapp.port

[root@k8s-master ~]# kubectl describe cm demoapp-confs
Name:         demoapp-confs
Namespace:    default
Labels:       <none>
Annotations:  <none>

Data
====
demoapp.host:
----
127.0.0.1
demoapp.port:
----
8080
envoy.yaml:
----
node:
  id: sidecar-proxy
  cluster: demoapp-cluster
  
admin:
  access_log_path: /tmp/admin_access.log
  address:
    socket_address: { address: 0.0.0.0, port_value: 9901 }

dynamic_resources:
  lds_config:
    path: '/etc/envoy/lds.conf'

static_resources:
  clusters:
  - name: local_service
    connect_timeout: 0.25s
    type: STATIC
    lb_policy: ROUND_ROBIN
    load_assignment:
      cluster_name: local_service
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address:
                address: 127.0.0.1
                port_value: 8080

lds.conf:
----
{
  "version_info": "0",
  "resources": [
    {
      "@type": "type.googleapis.com/envoy.api.v2.Listener",
      "name": "listener_0",
      "address": {
        "socket_address": {
          "address": "0.0.0.0",
          "port_value": 80
        }
      },
      "filter_chains": [
        {
          "filters": [
            {
              "name": "envoy.http_connection_manager",
              "config": {
                "stat_prefix": "ingress_http",
                "codec_type": "AUTO",
                "route_config": {
                  "name": "local_route",
                  "virtual_hosts": [
                    {
                      "name": "local_service",
                      "domains": [
                        "*"
                      ],
                      "routes": [
                        {
                          "match": {
                            "prefix": "/"
                          },
                          "route": {
                            "cluster": "local_service"
                          }
                        }
                      ]
                    }
                  ]
                },
                "http_filters": [
                  {
                    "name": "envoy.router"
                  }
                ]
              }
            }
          ]
        }
      ]
    }
  ]
}

Events:  <none>

[root@k8s-master configmap]# kubectl apply  -f configmaps-volume-demo2.yaml 
pod/configmaps-volume-demo2 created

[root@k8s-master ~]# kubectl get pod -o wide
NAME                                 READY   STATUS    RESTARTS   AGE     IP             NODE        NOMINATED NODE   READINESS GATES
configmaps-volume-demo               1/1     Running   0          6h47m   10.244.1.177   k8s-node1   <none>           <none>
configmaps-volume-demo2              2/2     Running   0          35m     10.244.1.182   k8s-node1   <none>           <none>
my-grafana-7d788c5479-bpztz          1/1     Running   1          2d5h    10.244.2.120   k8s-node2   <none>           <none>
volumes-pvc-longhorn-demo            1/1     Running   0          35h     10.244.2.124   k8s-node2   <none>           <none>

[root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c demo -- netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:9901            0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.1:8080          0.0.0.0:*               LISTEN      1/python3
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      -

[root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c proxy -- netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:9901            0.0.0.0:*               LISTEN      1/envoy
tcp        0      0 127.0.0.1:8080          0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1/envoy

[root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c proxy -- ls /etc/envoy
envoy.yaml
lds.conf

示例4: configMap subPath挂载指定键

2.在容器挂载卷时,指定挂载哪些键

[root@k8s-master configmap]# cat configmaps-volume-demo3.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: configmap-volume-demo3
  namespace: default
spec:
  containers:
  - image: nginx:alpine
    name: nginx-server
    volumeMounts:
    - name: ngxconfs
      mountPath: /etc/nginx/conf.d/myserver.conf  #本机挂载目录
      subPath: myserver.conf  #挂载configMap中的子项 目录或某个值
      readOnly: true
    - name: ngxconfs
      mountPath: /etc/nginx/conf.d/myserver-gzip.cfg
      subPath: myserver-gzip.cfg
      readOnly: true
  volumes:
  - name: ngxconfs
    configMap:
      name: nginx-config-files  #之前示例中已经创建 包含3个DATA数据项

[root@k8s-master configmap]# kubectl apply  -f configmaps-volume-demo3.yaml 
pod/configmap-volume-demo3 created

[root@k8s-master configmap]# kubectl exec configmap-volume-demo3 -it -- /bin/sh  #只引用了其中2项数据
/ # ls /etc/nginx/conf.d/
default.conf       myserver-gzip.cfg  myserver.conf

configMap 文件的引用、重载

[root@k8s-master configmap]# kubectl get pod -o wide
NAME                                 READY   STATUS    RESTARTS   AGE     IP             NODE        NOMINATED NODE   READINESS GATES
centos-deployment-66d8cd5f8b-95brg   1/1     Running   0          2d18h   10.244.2.117   k8s-node2   <none>           <none>
configmap-volume-demo3               1/1     Running   0          11m     10.244.1.186   k8s-node1   <none>           <none>
configmaps-env-demo                  1/1     Running   0          20h     10.244.1.173   k8s-node1   <none>           <none>
configmaps-volume-demo               1/1     Running   0          19h     10.244.1.177   k8s-node1   <none>           <none>
configmaps-volume-demo2              2/2     Running   0          13h     10.244.1.182   k8s-node1   <none>           <none>
my-grafana-7d788c5479-bpztz          1/1     Running   1          2d18h   10.244.2.120   k8s-node2   <none>           <none>
volumes-pvc-longhorn-demo            1/1     Running   0          2d      10.244.2.124   k8s-node2   <none>           <none>
[root@k8s-master configmap]# curl -H "Host:www.ik8s.io" 10.244.1.177:8080/nginx-status
Active connections: 1 
server accepts handled requests
 4 4 4 
Reading: 0 Writing: 1 Waiting: 0 
[root@k8s-master configmap]# kubectl exec configmaps-volume-demo -it -- /bin/sh
/ # cd /etc/nginx/conf.d/
/etc/nginx/conf.d # ls -lA    #引用的comfigMap实际指向是一个隐藏时间戳文件
total 0
drwxr-xr-x    2 root     root            79 Aug  6 08:02 ..2021_08_06_08_02_41.172956995
lrwxrwxrwx    1 root     root            31 Aug  6 08:02 ..data -> ..2021_08_06_08_02_41.172956995
lrwxrwxrwx    1 root     root            24 Aug  6 08:02 myserver-gzip.cfg -> ..data/myserver-gzip.cfg
lrwxrwxrwx    1 root     root            26 Aug  6 08:02 myserver-status.cfg -> ..data/myserver-status.cfg
lrwxrwxrwx    1 root     root            20 Aug  6 08:02 myserver.conf -> ..data/myserver.conf

/etc/nginx/conf.d # cd ..data/  #里面才是真实的配置文件 
/etc/nginx/conf.d/..2021_08_06_08_02_41.172956995 # ls
myserver-gzip.cfg    myserver-status.cfg  myserver.conf
/etc/nginx/conf.d # exit

[root@k8s-master configmap]# kubectl get cm
NAME                 DATA   AGE
demoapp-config       4      42h
demoapp-confs        4      13h
nginx-config         2      21h
nginx-config-files   3      19h
[root@k8s-master configmap]# kubectl edit cm nginx-config-files  #修改对应的configMap
apiVersion: v1
data:
  myserver-gzip.cfg: |
    gzip on;
    gzip_comp_level 5;
    gzip_proxied expired no-cache no-store private auth;
    gzip_types text/plain text/css  application/xml text/javascript;
  myserver-status.cfg: |
    location /nginx-status {
    stub_status on;
    access_log off;
    allow 127.0.0.0/8;  #随便添加2行配置
    deny all;
    }
...
configmap/nginx-config-files edited
[root@k8s-master configmap]# kubectl exec configmaps-volume-demo -it -- /bin/sh
/ # cd /etc/nginx/conf.d/..
..2021_08_06_08_02_41.172956995/  ..data/
/ # cd /etc/nginx/conf.d/
/etc/nginx/conf.d # ls -lA
total 0
drwxr-xr-x    2 root     root            79 Aug  7 03:58 ..2021_08_07_03_58_59.548609753
lrwxrwxrwx    1 root     root            31 Aug  7 03:58 ..data -> ..2021_08_07_03_58_59.548609753   #链接的时间戳文件已经发生改变 重载的时间会在短时间内随机生成 并不是所有Pod同一时间重载
lrwxrwxrwx    1 root     root            24 Aug  6 08:02 myserver-gzip.cfg -> ..data/myserver-gzip.cfg
lrwxrwxrwx    1 root     root            26 Aug  6 08:02 myserver-status.cfg -> ..data/myserver-status.cfg
lrwxrwxrwx    1 root     root            20 Aug  6 08:02 myserver.conf -> ..data/myserver.conf

/ # nginx -T    #应用是否支持热加载和自动重载需要看具体的应用,一般云原生应用都会支持热加载当检测到配置有更新之后会自动重载,一般非原生应用可能需要重启Pod
# configuration file /etc/nginx/conf.d/myserver-gzip.cfg:
gzip on;
gzip_comp_level 5;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css  application/xml text/javascript;

# configuration file /etc/nginx/conf.d/myserver-status.cfg:
location /nginx-status {
stub_status on;
access_log off;
allow 127.0.0.0/8;
deny all;
}

/etc/nginx/conf.d # exit
阅读 112
16 声望
4 粉丝
0 条评论
你知道吗?

16 声望
4 粉丝
文章目录
宣传栏