节选rabbitmq的k8s部署部分
secret用来配置环境变量
1. Secret.yaml:
1.1.配置文件
secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: rabbitmq-secret
namespace: rabbitmq
type: Opaque
data:
RABBITMQ_ERLANG_COOKIE: MTIzajE5dWVkYXM3ZGFkODEwMjNqMTM5ZGph
RABBITMQ_DEFAULT_USER: c3lzdGVt
RABBITMQ_DEFAULT_PASS: cmJtcXUwMTAxMDgxNzEw配置文件设置了3个data:
RABBITMQ_ERLANG_COOKIE: MTIzajE5dWVkYXM3ZGFkODEwMjNqMTM5ZGph
RABBITMQ_DEFAULT_USER: c3lzdGVt
RABBITMQ_DEFAULT_PASS: cmJtcXUwMTAxMDgxNzEwsecret的环境变量是需要进行base64处理的,这3个字断就是处理过的
sysytem的base64就是c3lzdGVt
1.2.部署
sudo kubectl apply -f Secret.yaml
2. StatefulSet配置Config:
Statefulset.yaml部分
containers:
- name: rabbitmq
image: rabbitmq:3.8.2
env:
- name: RABBITMQ_NODENAME
value: rabbit@$(POD_NAME).rabbitmq-internal.$(POD_NAMESPACE).svc.cluster.local
- name: RABBITMQ_USE_LONGNAME
value: "true"
envFrom:
- secretRef:
name: rabbitmq-secret通过envFrom->secretRef里面配置secret的name,这样就等价于配置env内容了
3. StatefulSet验证Secret配置的环境变量:
export 查看
sudo kubectl exec -it rabbitmq-0 -n rabbitmq -- /bin/bash
Defaulted container "rabbitmq" out of: rabbitmq, fix-readonly-config (init)
root@rabbitmq-0:/# export
declare -x RABBITMQ_DEFAULT_PASS="rbmqu0101081710"
declare -x RABBITMQ_DEFAULT_USER="system"
declare -x RABBITMQ_ERLANG_COOKIE="123j19uedas7dad81023j139dja"
declare -x RABBITMQ_HOME="/opt/rabbitmq"
declare -x RABBITMQ_NODENAME="rabbit@rabbitmq-0.rabbitmq-internal.rabbitmq.svc.cluster.local"
declare -x RABBITMQ_PGP_KEY_ID="0x0A9AF2115F4687BD29803A206B73A36E6026DFCA"为了方便查看,把别的环境变量去除了
可以看到RABBITMQ_DEFAULT_USER="system",其他类比