일프로 미션3 ConfigMap & Secret
▶ 응용1 : Configmap의 환경변수들을 Secret을 사용해서 작성하고, App에서는 같은 결과가 나오도록 확인해 보세요.☞ Secret을 이렇게 사용하는 경우는 별로 보지 못했습니다. 여러가지 방법으로 Secret을 만들어본다는데 의의를 두시면 됩니다. Step1. Secret 생성 (1) - dashboardapiVersion: v1 kind: Secret metadata: namespace: anotherclass-123 name: api-tester-1231-properties labels: part-of: k8s-anotherclass component: backend-server name: api-tester instance: api-tester-1231 version: 1.0.0 managed-by: dashboard stringData: spring_profiles_active: "dev" application_role: "ALL" postgresql_filepath: "/usr/src/myapp/datasource/dev/postgresql-info.yaml"Step1 - Secret 생성 (2) - kubectl #1kubectl apply -f - <<EOF apiVersion: v1 kind: Secret metadata: namespace: anotherclass-123 name: api-tester-1231-properties labels: part-of: k8s-anotherclass component: backend-server name: api-tester instance: api-tester-1231 version: 1.0.0 managed-by: dashboard data: spring_profiles_active: $(echo -n "dev" | base64 -w0) application_role: $(echo -n "ALL" | base64 -w0) postgresql_filepath: $(echo -n "/usr/src/myapp/datasource/dev/postgresql-info.yaml" | base64 -w0) EOFStep1 - Secret 생성 (2) - kubectl #2 (이렇게 쓰는건 label 넣기도 불편하고, 명령어 관리가 불편하긴 해요)kubectl create secret -n anotherclass-123 generic api-tester-1231-properties2 --from-literal=spring_profiles_active=dev --from-literal=application_role=ALL --from-literal=postgresql_filepath="/usr/src/myapp/datasource/dev/postgresql-info.yaml"결과 확인Step2. Deployment의 envFrom.secretRef 부분 업데이트(1) - 대시보드apiVersion: apps/v1 kind: Deployment metadata: namespace: anotherclass-123 name: api-tester-1231 spec: template: spec: nodeSelector: kubernetes.io/hostname: k8s-master containers: - name: api-tester-1231 image: 1pro/api-tester:v1.0.0 envFrom: - secretRef: name: api-tester-1231-propertiesStep2. Deployment의 envFrom.secretRef 부분 업데이트(2) - kubectlkubectl edit -n anotherclass-123 deployments.apps api-tester-1231 ▶ 응용2 : 반대로 Secret의 DB정보를 Configmap으로 만들어보고 App을 동작시켜 보세요☞ Configmap을 Volume에 연결해서 쓰는 케이스는 매우 많습니다.Step1 - ConfigMap 생성apiVersion: v1 kind: ConfigMap metadata: namespace: anotherclass-123 name: api-tester-1231-postgresql labels: part-of: k8s-anotherclass component: backend-server name: api-tester instance: api-tester-1231 version: 1.0.0 managed-by: dashboard data: postgresql-info.yaml: | driver-class-name: "org.postgresql.Driver" url: "jdbc:postgresql://postgresql:5431" username: "dev" password: "dev123"결과Step2. Deployment의 envFrom.secretRef 부분 업데이트(1) - 대시보드apiVersion: apps/v1 kind: Deployment metadata: namespace: anotherclass-123 name: api-tester-1231 spec: template: spec: nodeSelector: kubernetes.io/hostname: k8s-master containers: - name: api-tester-1231 image: 1pro/api-tester:v1.0.0 volumeMounts: - name: configmap-datasource mountPath: /usr/src/myapp/datasource/dev volumes: - name: configmap-datasource configMap: name: api-tester-1231-postgresqlStep2. Deployment의 envFrom.secretRef 부분 업데이트(2) - kubectlkubectl edit -n anotherclass-123 deployments.apps api-tester-1231
