K8s 配置管理

配置管理

ConfigMap配置

apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
data:
  database.properties: |
    db.host=mysql
    db.port=3306
    db.name=myapp
  app.properties: |
    app.name=MyApplication
    app.version=1.0.0

---
# 在Pod中使用ConfigMap
apiVersion: v1
kind: Pod
metadata:
  name: app-pod
spec:
  containers:
  - name: app
    image: myapp:latest
    env:
    - name: DB_HOST
      valueFrom:
        configMapKeyRef:
          name: app-config
          key: db.host
    volumeMounts:
    - name: config-volume
      mountPath: /app/config
  volumes:
  - name: config-volume
    configMap:
      name: app-config

Secret配置（敏感数据）

# 创建Secret（命令行方式）
kubectl create secret generic db-secret \
  --from-literal=username=admin \
  --from-literal=password=secret123

# 或使用YAML（需base64编码）
apiVersion: v1
kind: Secret
metadata:
  name: db-secret
type: Opaque
data:
  username: YWRtaW4=  # base64编码的admin
  password: c2VjcmV0MTIz  # base64编码的secret123

---
# 在Pod中使用Secret
apiVersion: v1
kind: Pod
metadata:
  name: app-pod
spec:
  containers:
  - name: app
    image: myapp:latest
    env:
    - name: DB_USERNAME
      valueFrom:
        secretKeyRef:
          name: db-secret
          key: username
    - name: DB_PASSWORD
      valueFrom:
        secretKeyRef:
          name: db-secret
          key: password