Kubernetes Logs, Exec, Resource Constraint, ConfigMap, Secret

Posted on 2020-07-12 In Kubernetes

logs

1
2
3

kubectl get pods
kubectl logs podname -p
kubectl logs podname

exec

1
2
3

kubectl exec -it pod-name /bin/bash
# 查看cgroup配置
cd /sys/fs/cgroup/memory

Constraint CPU & Memory

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: myboot
  name: myboot
spec:
  replicas: 1
  selector:
    matchLabels:
      app: myboot
  template:
    metadata:
      labels:
        app: myboot
    spec:
      containers:
      - name: myboot
        image: 9stepsawesome/myboot:v1     
        ports:
          - containerPort: 8080
        resources:
          requests: 
            memory: "300Mi" 
            cpu: "250m" # 1/4 core
          limits:
            memory: "400Mi"
            cpu: "1000m" # 1 core

ConfigMap

First Let’s see the environment.

Change the environment on deployment:

1	kubectl set env deployment/myboot GREETING="hi"

Unset environment:

1	kubectl set env deployment/myboot GREETING-

Then let’s see the config map.

kubectl create cm my-config --from-env-file=config/some.properties

some.properties:

1 2	GREETING=LiuLixiang MSG=hello

deployment.yml which uses the ConfigMap:

spec:
    containers:
    - name: myboot
    envFrom:
    - configMapRef:
        name: my-config

Partial.java

@Autowired
private Environment environment;

String greeting = environment.getProperties("GREETING", "default");

Secrets

1 2	kubectl create secret generic mysecret --from-literal=user='username' --from-literal=password='mypassord' kubectl get secret mysecret -o yaml

Secrets’s data is encoded.

1	echo 'dXNlcm5hbWU=' \| base64 --decode

use the secret in the yaml:

spec:
    containers:
    - name: myboot
    image: 9stepsawesome/myboot:v1  
    ports:
        - containerPort: 8080
    volumeMounts:          
        - name: mysecretvolume
        mountPath: /mystuff/secretstuff
        readOnly: true
    volumes:
    - name: mysecretvolume
        secret:
        secretName: mysecret

use in the container:

kubectl exec -it podname /bin/bash
# in the pod
cd /mystuff/secretstuff
cat username