k8s之Secret

  一、密鑰配置,簡單一點就是重要的密鑰管理。

  、阿里雲(其他docker倉庫也適用)的密鑰管理

  1)登錄自己的docker倉庫

docker login --username=<email> registry.cn-chengdu.aliyuncs.com

  2)獲取密鑰並轉成base64

cat ~/.docker/config.json | base64

  

   3)編寫Secret

apiVersion: v1
kind: Secret
metadata:
  name: aliyun-secret
  namespace: default
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: ewoJImF1dGhzIjogewoJ...

  三、鏡像拉取配置

apiVersion: apps/v1
kind: Deployment
metadata:
  name: xbd-nacos
spec:
  replicas: 2
  selector:
    matchLabels:
      app: xbd-nacos
  template:
    metadata:
      labels:
        app: xbd-nacos
    spec:
      containers:
        - name: xbd-nacos
          image: registry.cn-chengdu.aliyuncs.com/xbd/xbd-nacos:1.0
          imagePullPolicy: IfNotPresent
          env:
            - name: MODE
              value: standalone
            - name: SPRING_DATASOURCE_PLATFORM
              value: mysql
            - name: MYSQL_SERVICE_HOST
              value: xbd-mysql
            - name: MYSQL_SERVICE_PORT
              value: "3306"
            - name: MYSQL_SERVICE_DB_NAME
              value: xbd_nacos
            - name: MYSQL_SERVICE_USER
              value: root
            - name: MYSQL_SERVICE_PASSWORD
              value: root
            - name: MYSQL_SERVICE_DB_PARAM
              value: characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=false&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=GMT%2B8&allowMultiQueries=true&allowPublicKeyRetrieval=true
      imagePullSecrets:
        - name: aliyun-secret
apiVersion: v1
kind: Service
metadata:
  name: xbd-nacos
spec:
  ports:
    - port: 8848
      targetPort: 8848
  selector:
    app: xbd-nacos
  type: ClusterIP

 

發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章