kubernetes部署springboot项目使用configmap尝试

kubernetes部署springboot项目使用configmap尝试

背景：

1. kubernetes部署springboot项目使用configmap

1. 将用到的参数变量化

2. 生成jar包并构建docker image

FROM openjdk:8-jdk-alpine VOLUME /tmp ADD target/game-1.0-SNAPSHOT.jar game-1.0-SNAPSHOT.jar ENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/game-1.0-SNAPSHOT.jar"]

docker build -t ccr.ccs.tencentyun.com/xxxx/xxxx:0.2 . docker push ccr.ccs.tencentyun.com/xxxx/xxxx:0.2

3. 生成configmap文件

cat spring-boot.yaml

apiVersion: v1 kind: ConfigMap metadata: name: spring-config data: dev-config.json: '{ "redis.database.host": "xxxx", "redis.database.port": "xxxx", "redis.database.password": "xxxx", "mysql.database.url": "jdbc:mysql://xxxx:3306/xxxx", "mysql.database.username": "xxxx", "mysql.database.password": "xxxxx", "cloud.nacos.server-addr": "http://xxxx:8848", "cloud.nacos.discovery.server-addr": "http://xxxx:8848" }'

kubectl apply -f spring-config.yaml -n qa

4. 部署springboot 服务

cat test.yaml

apiVersion: apps/v1 kind: Deployment metadata: name: pvp-test spec: replicas: 1 strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 selector: matchLabels: app: pvp-test template: metadata: labels: app: pvp-test spec: containers: - name: pvp-test image: ccr.ccs.tencentyun.com/xxxx/xxxx:0.2 env: - name: SPRING_PROFILES_ACTIVE value: "qa" - name: SPRING_APPLICATION_JSON valueFrom: configMapKeyRef: name: spring-config key: dev-config.json envFrom: - configMapRef: name: deploy ports: - containerPort: 8001 name: game-http - containerPort: 8011 name: game-tcp resources: requests: memory: "512M" cpu: "500m" limits: memory: "512M" cpu: "500m" imagePullSecrets: - name: tencent --- apiVersion: v1 kind: Service metadata: name: pvp-test labels: app: pvp-test spec: ports: - port: 8001 name: game-http targetPort: 8001 - port: 8011 name: game-tcp targetPort: 8011 selector: app: pvp-test

kubectl apply -f 2.yaml -n qa

注： imagePullSecrets为下载image的秘钥。如果你是公开的仓库可以忽略。我的仓库用的腾讯云的个人版。秘钥自己创建名字就叫tencent了.测试时候比较仓库 配置文件都起名 1 2 这样的yaml文件了见谅

5. 查看部署结果与nacos注册状况

kubectl get pods -n qa kubectl logs -f pvp-test-7f49fcdb9-dsjlz -n qa

6. 关于报错：

字面上的意思吧？User "system:serviceaccount:qa:default" cannot get resource "configmaps" in API group "" in the namespace "qa".这里算是RBAC clusterrole rolebinding的一个复习吧。 cat configmap-get.yaml

kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: namespace: qa name: configmap-get rules: - apiGroups: [""] resources: ["configmap"] verbs: ["get"]

与serviceaccount:qa:default绑定

kubectl create clusterrolebinding configmap-get-configmap --clusterrole=configmap-get --serviceaccount=qa:default

杀死容器继续查看新的容器 的log

kubectl delete pods pvp-test-7f49fcdb9-dsjlz -n qa kubectl logs -f pvp-test-7f49fcdb9-ck9m6 -n qa

​

kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: namespace: qa name: configmap-get rules: - apiGroups: [""] resources: ["configmaps"] verbs: ["get"]

apply 重新部署clusterrole。删除旧pod重新查看日志：

kubectl apply -f configmap-get.yaml kubectl delete pods pvp-test-7f49fcdb9-ck9m6 -n qa

后记：

今天复习了好几个知识点......

configmap clusterrole rolebinding

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。