IT/CKA

[CKA독학]configmap/secret 사용법

반응형

configmap 생성 명령어


# config map생성

kubectl create configmap <configmap_name> --from-literal=<key>=<value>

kubectl create configmap app-config-map --from-literal=APP_ENV=prod --from-literal=APP_CODE=code

configmap.yaml 예시


apiVersion: v1

kind: ConfigMap

metadata:

name: app-config-map

data:

APP_ENV: prod

APP_CODE: code

pod에 ENV(환경변수) 적용 yaml 예시


apiVersion: v1

kind: Pod

metadata:

labels:

name: nginx

name: nginx

namespace: default

spec:

containers:

- name: nginx

image: nginx

# ------------------------

env:

- name: APP_ENV

value: prod

- name: APP_CODE

value: code

# ------------------------

pod에 configmap적용 yaml예시 - configmap전체


apiVersion: v1

kind: Pod

metadata:

labels:

name: nginx

name: nginx

namespace: default

spec:

containers:

- name: nginx

image: nginx

# ------------------------

envFrom:

- configMapRef:

name: app-config-map

# ------------------------

pod에 configmap적용 yaml 예시 - 단일 환경변수


apiVersion: v1

kind: Pod

metadata:

labels:

name: nginx

name: nginx

namespace: default

spec:

containers:

- name: nginx

image: nginx

# ------------------------

env:

- name: APP_ENV

valueFrom:

configMapKeyRef:

name: app-config-map

key: APP_ENV

- name: APP_CODE

valueFrom:

configMapKeyRef:

name: app-config-map

key: APP_CODE

# ------------------------

secret 생성 명령어


# secret생성 generic옵션을 주면 type=Opaque으로 설정되며 이는 사용자가 커스텀하는 데이터를 말함

kubectl create secret generic <secret_name> --from-literal=<key>=<value>

kubectl create secret generic app-secret --from-literal=DB_HOST=www.test.com --from-literal=DB_USER=admin --from-literal=DB_PASS=admin

secrect.yaml 예시


apiVersion: v1

kind: Secret

metadata:

name: app-secret

type: Opaque

data:

DB_HOST: base64로_암호화된값

DB_USER: base64로_암호화된값

DB_PASS: base64로_암호화된값

base64암호화 및 복호화


# 암호화

echo -n 'mysql' | base64



# 복호화

echo VGVzdEJhc2U2NA== | base64 --decode

secret사용 하는 yaml 예시 - secret 전체


apiVersion: v1

kind: Pod

metadata:

labels:

name: nginx

name: nginx

namespace: default

spec:

containers:

- name: nginx

image: nginx

# ------------------------

envFrom:

- secretRef:

name: app-secret

# ------------------------

secret사용 하는 yaml 예시 - 단일 환경 변수


apiVersion: v1

kind: Pod

metadata:

labels:

name: nginx

name: nginx

namespace: default

spec:

containers:

- name: nginx

image: nginx

# ------------------------

env:

- name: DB_HOST

valueFrom:

secretKeyRef:

name: app-secret

key: DB_HOST

- name: DB_USER

valueFrom:

secretKeyRef:

name: app-secret

key: DB_USER

# ------------------------
반응형
저작자표시 비영리

'IT > CKA' 카테고리의 다른 글

[CKA독학]Pod의 Multi container/Init container  (0) 2021.06.16
[CKA독학]필수 시험 초기 설정 + 잡기술  (0) 2021.06.11
[CKA독학]docker CMD/ENTRYPOINT 의 차이와 kubernetes command/args 관계  (0) 2021.06.07
[CKA독학]kubernetes Cluster Maintenance 정리(drain/cordon/uncordon/ectd 백업&복구)  (0) 2021.06.04
[CKA독학]kubernetes Static pod/multi scheduler 정리  (0) 2021.06.03

    티스토리툴바