共计 16721 个字符,预计需要花费 42 分钟才能阅读完成。
前言
外围资源类型存储卷,PV、PVC、SC、CSI(Longhorn)
非凡类型的插件:ConfigMap、Secret、downwardAPI
如何为容器化利用提供配置信息:
- 启动容器时, 间接向应用程序传递参数,args: []
- 将定义好的配置文件焙进镜像之中;
- 通过环境变量向容器传递配置数据: 有个前提要求,利用得反对从环境变量加载配置信息;
制作镜像时,应用 entrypoint 脚本来预处理变量,常见的做法就是应用非交互式编辑工具,将环境变量的值替换到利用的配置文件中; - 基于存储卷向容器传递配置文件;
运行中的扭转, 须要由应用程序重载;
ConfigMap 简介
ConfigMap API 资源用来保留 key-value pair 配置数据,这个数据能够在 pods 里应用,或者被用来为像 controller 一样的零碎组件存储配置数据。尽管 ConfigMap 跟 Secrets 相似,然而 ConfigMap 更不便的解决不含敏感信息的字符串。留神:ConfigMaps 不是属性配置文件的替代品。ConfigMaps 只是作为多个 properties 文件的援用。你能够把它了解为 Linux 零碎中的 /etc 目录,专门用来存储配置文件的目录。
ConfigMap 通过 env 环境变量援用
通过环境变量的配置容器化利用时,须要在容器配置段中嵌套应用 env 字段,它的值是一个由环境变量构建的列表。每个环项变量通常由 name 和 value(或 valueFron)字段形成
- name <string>: 环境变量的名称, 必选字段;
- value <string>: 环境变量的值,通过 $(VAR_NAME)援用,逃逸格局为“$$(VAR_NAME)” 默认值为空;
- valueFrom <object> ∶环境变量值的援用源,例如以后 Pod 资源的名称、名称空间、标签等,不能与非空值的 value 字段同时应用,即环境变量的值要么源于 value 字段,要么源于 valuFron 字段,二者不可同时提供数据。
- valueFron: 字段可援用的值有多种起源,包含以后 Pod 资源的属性值,容器相干的零碎资源配置、ConfigMap 对象中的 key 以及 Secret 对象中的 Key,它们别离要应用不同的嵌套字段进行定义。
- fieldRef <bject>: 以后 Pod 资源的指定字段,目前反对应用的字段包含 metadata.mime、metadata.namespce、metadata.labels、metadeta.annotations、spesc.nodeName、spec.serviceAccountName、status.hostIP 和 status.podIP 等;
- configMapKeyRef <Object>: ConfigMap 对象中的特定 Key;
- secretKeyRef<object>: Secret 对象中的特定 Key;
- resourceFieldRef <object>: 以后容器的特定系统资源的最小值(配额)或最大值《限额),目前反对的援用包含 limits.cpu. limits.memory、limits.ephemeral-storage. requests.cpu、reuests.memory 和 requests.ephemeral-storage
[root@k8s-master ~]# kubectl create configmap --help #查看示例
...
Examples:
# Create a new configmap named my-config based on folder bar
kubectl create configmap my-config --from-file=path/to/bar
# Create a new configmap named my-config with specified keys instead of file basenames on disk
kubectl create configmap my-config --from-file=key1=/path/to/bar/file1.txt --from-file=key2=/path/to/bar/file2.txt
# Create a new configmap named my-config with key1=config1 and key2=config2
kubectl create configmap my-config --from-literal=key1=config1 --from-literal=key2=config2
# Create a new configmap named my-config from the key=value pairs in the file
kubectl create configmap my-config --from-file=path/to/bar
# Create a new configmap named my-config from an env file
kubectl create configmap my-config --from-env-file=path/to/bar.env
Options:
--allow-missing-template-keys=true: If true, ignore any errors in templates when a field or map key is missing in
...
示例 1:comfigMap 创立
[root@k8s-master nginx-conf.d]# cat myserver.conf
server {
listen 8080;
server_name www.ik8s.io;
include /etc/nginx/conf.d/myserver-*.cfg;
location / {root /usr/share/nginx/html;}
}
[root@k8s-master nginx-conf.d]# cat myserver-gzip.cfg
gzip on;
gzip_comp_level 5;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/xml text/javascript;
[root@k8s-master nginx-conf.d]# cat myserver-status.cfg
location /nginx-status {
stub_status on;
access_log off;
}
[root@k8s-master nginx-conf.d]# ls #一共 3 个配置文件
myserver.conf myserver-gzip.cfg myserver-status.cfg
[root@k8s-master ~]# kubectl create configmap demoapp-config --from-literal=host=0.0.0.0 --from-literal=port=8080 #创立 host=0.0.0.0、literal=port=8080 为两个 val
configmap/demoapp-config created
[root@k8s-master ~]# kubectl get cm
NAME DATA AGE
demoapp-config 2 5s #能够看到 DATA 为 2 2 个数据项
my-grafana 1 34d
my-grafana-test 1 34d
[root@k8s-master ~]# kubectl describe cm demoapp-config
Name: demoapp-config
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
port: #数据项 1 Port:8080
----
8080
host: #数据项 2 host: 0.0.0.
----
0.0.0.0
Events: <none>
[root@k8s-master ~]# kubectl get cm demoapp-config -o yaml
apiVersion: v1
data:
host: 0.0.0.0
port: "8080"
kind: ConfigMap
metadata:
creationTimestamp: "2021-08-05T09:16:15Z"
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:data:
.: {}
f:host: {}
f:port: {}
manager: kubectl-create
operation: Update
time: "2021-08-05T09:16:15Z"
name: demoapp-config
namespace: default
resourceVersion: "6906130"
selfLink: /api/v1/namespaces/default/configmaps/demoapp-config
uid: 625c38a9-02bc-43c7-b351-b2ce7387cab7
[root@k8s-master nginx-conf.d]# kubectl create configmap nginx-config --from-file=./myserver.conf --from-file=status.cfg=./myserver-status.cfg #创立 2 个数据项指定文件, 默认以文件名为键名 第 2 个文件指定 status.cfg 为键名
configmap/nginx-config created
[root@k8s-master nginx-conf.d]# kubectl get cm
NAME DATA AGE
demoapp-config 2 18m
my-grafana 1 34d
my-grafana-test 1 34d
nginx-config 2 17s
[root@k8s-master nginx-conf.d]# kubectl get cm nginx-config -o yaml
apiVersion: v1
data:
myserver.conf: | # | 为多行键值分隔符 为了保留多行数据应用了 | 和缩进
server {
listen 8080;
server_name www.ik8s.io;
include /etc/nginx/conf.d/myserver-*.cfg;
location / {root /usr/share/nginx/html;}
}
status.cfg: |
location /nginx-status {
stub_status on;
access_log off;
}
kind: ConfigMap
metadata:
creationTimestamp: "2021-08-06T06:35:41Z"
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:data:
.: {}
f:myserver.conf: {}
f:status.cfg: {}
manager: kubectl-create
operation: Update
time: "2021-08-06T06:35:41Z"
name: nginx-config
namespace: default
resourceVersion: "7159858"
selfLink: /api/v1/namespaces/default/configmaps/nginx-config
uid: 8dbd637a-fb23-447a-8bb5-9e722d7e871d
[root@k8s-master nginx-conf.d]# ls
myserver.conf myserver-gzip.cfg myserver-status.cfg
[root@k8s-master configmap]# kubectl create configmap nginx-config-files --from-file=./nginx-conf.d/
configmap/nginx-config-file created
[root@k8s-master configmap]# kubectl get cm
NAME DATA AGE
demoapp-config 2 21h
my-grafana 1 35d
my-grafana-test 1 35d
nginx-config 2 18m
nginx-config-files 3 3s #3 个数据项
[root@k8s-master nginx-conf.d]# kubectl get cm nginx-config-files -o yaml
apiVersion: v1
data:
myserver-gzip.cfg: |
gzip on;
gzip_comp_level 5;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/xml text/javascript;
myserver-status.cfg: |
location /nginx-status {
stub_status on;
access_log off;
}
myserver.conf: |
server {
listen 8080;
server_name www.ik8s.io;
include /etc/nginx/conf.d/myserver-*.cfg;
location / {root /usr/share/nginx/html;}
}
kind: ConfigMap
metadata:
creationTimestamp: "2021-08-06T08:02:34Z"
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:data:
.: {}
f:myserver-gzip.cfg: {}
f:myserver-status.cfg: {}
f:myserver.conf: {}
manager: kubectl-create
operation: Update
time: "2021-08-06T08:02:34Z"
name: nginx-config-files
namespace: default
resourceVersion: "7177123"
selfLink: /api/v1/namespaces/default/configmaps/nginx-config-files
uid: 2fd21dc3-5e61-4413-bcd5-35337b1ce286
示例 2: configMap 援用
[root@k8s-master configmap]# cat configmaps-env-demo.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: demoapp-config
namespace: default
data:
demoapp.port: "8080"
demoapp.host: 0.0.0.0
---
apiVersion: v1
kind: Pod
metadata:
name: configmaps-env-demo
namespace: default
spec:
containers:
- image: ikubernetes/demoapp:v1.0
name: demoapp
env:
- name: PORT
valueFrom:
configMapKeyRef: #援用 configMap 键值
name: demoapp-config
key: demoapp.port
optional: false #是否为可有可无项 false 为必选项
- name: HOST
valueFrom:
configMapKeyRef:
name: demoapp-config
key: demoapp.host
optional: true #是否可有可无 ture 非必选项
[root@k8s-master configmap]# kubectl apply -f configmaps-env-demo.yaml
[root@k8s-master configmap]# kubectl get pod
NAME READY STATUS RESTARTS AGE
centos-deployment-66d8cd5f8b-95brg 1/1 Running 0 46h
configmaps-env-demo 1/1 Running 0 118s
my-grafana-7d788c5479-bpztz 1/1 Running 1 46h
volumes-pvc-longhorn-demo 1/1 Running 0 27h
[root@k8s-master comfigmap]# kubectl exec configmaps-env-demo -- netstat -tnl #查看配置是否失效
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN
[root@k8s-master configmap]# cat configmaps-volume-demo.yaml
apiVersion: v1
kind: Pod
metadata:
name: configmaps-volume-demo
namespace: default
spec:
containers:
- image: nginx:alpine
name: nginx-server
volumeMounts:
- name: ngxconfs
mountPath: /etc/nginx/conf.d/
readOnly: true
volumes :
- name: ngxconfs
configMap:
name: nginx-config-files #援用后面定义的 configmap
optional: false
[root@k8s-master configmap]# kubectl get pod
NAME READY STATUS RESTARTS AGE
centos-deployment-66d8cd5f8b-95brg 1/1 Running 0 46h
configmaps-env-demo 1/1 Running 0 35m
configmaps-volume-demo 1/1 Running 0 6m8s
my-grafana-7d788c5479-bpztz 1/1 Running 1 46h
volumes-pvc-longhorn-demo 1/1 Running 0 28h
[root@k8s-master configmap]# kubectl exec configmaps-volume-demo -it -- /bin/sh
/ # nginx -T
......
# configuration file /etc/nginx/conf.d/myserver.conf: #看容器配置文件是否加载 configmap 配置
server {
listen 8080;
server_name www.ik8s.io;
include /etc/nginx/conf.d/myserver-*.cfg;
location / {root /usr/share/nginx/html;}
}
# configuration file /etc/nginx/conf.d/myserver-gzip.cfg:
gzip on;
gzip_comp_level 5;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/xml text/javascript;
# configuration file /etc/nginx/conf.d/myserver-status.cfg:
location /nginx-status {
stub_status on;
access_log off;
}
[root@k8s-master configmap]# kubectl get pods configmaps-volume-demo -o go-template={{.status.podIP}}
10.244.1.177
[root@k8s-master configmap]# curl 10.244.1.177:8080 #默认页面
...
<h1>Welcome to nginx!</h1>
[root@k8s-master configmap]# curl -H "Host:www.ik8s.io" 10.244.1.177:8080/nginx-status #自定义页面
Active connections: 1
server accepts handled requests
2 2 2
Reading: 0 Writing: 1 Waiting: 0
挂载 configMap 一部分资源时有两种办法
1. 挂载卷时通过 items: 参数 指定容许输入到卷的键
2. 在容器挂载卷时,指定挂载哪些卷
示例 3 configMap items: 指定输入 key
1. 挂载卷时通过 items: 参数 指定容许输入到卷的键
[root@k8s-master configmap]# ls demoapp-conf.d/ #3 个配置文件
envoy.yaml lds.conf myserver.conf
[root@k8s-master configmap]# cat demoapp-conf.d/envoy.yaml
node:
id: sidecar-proxy
cluster: demoapp-cluster
admin:
access_log_path: /tmp/admin_access.log
address:
socket_address: {address: 0.0.0.0, port_value: 9901}
dynamic_resources:
lds_config:
path: '/etc/envoy/lds.conf'
static_resources:
clusters:
- name: local_service
connect_timeout: 0.25s
type: STATIC
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: local_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: 8080
[root@k8s-master configmap]# cat demoapp-conf.d/lds.conf
{
"version_info": "0",
"resources": [
{
"@type": "type.googleapis.com/envoy.api.v2.Listener",
"name": "listener_0",
"address": {
"socket_address": {
"address": "0.0.0.0",
"port_value": 80
}
},
"filter_chains": [
{
"filters": [
{
"name": "envoy.http_connection_manager",
"config": {
"stat_prefix": "ingress_http",
"codec_type": "AUTO",
"route_config": {
"name": "local_route",
"virtual_hosts": [
{
"name": "local_service",
"domains": ["*"],
"routes": [
{
"match": {"prefix": "/"},
"route": {"cluster": "local_service"}
}
]
}
]
},
"http_filters": [
{"name": "envoy.router"}
]
}
}
]
}
]
}
]
}
[root@k8s-master configmap]# cat configmaps-volume-demo2.yaml
apiVersion: v1
kind: Pod
metadata:
name: configmaps-volume-demo2
namespace: default
spec:
containers:
- name: proxy
image: envoyproxy/envoy-alpine:v1.14.1
command: ['/bin/sh','-c','envoy -c /etc/envoy/..data/envoy.yaml']
volumeMounts:
- name: appconfs #通过挂载卷援用 comfigmap
mountPath: /etc/envoy
readOnly: true
- name: demo
image: ikubernetes/demoapp:v1.0
imagePullPolicy: IfNotPresent
env: #通过环境变量援用 但这里援用的 comfigmap 文件中并没有定义
- name: PORT
valueFrom:
configMapKeyRef:
name: demoapp-confs
key: demoapp.port
optional: false
- name: HOST
valueFrom:
configMapKeyRef:
name: demoapp-confs
key: demoapp.host
optional: true
volumes:
- name: appconfs
configMap:
name: demoapp-confs #这里只援用的 2 个文件
items: #默认只容许哪些键 输入给存储卷
- key: envoy.yaml #挂载的键名
path: envoy.yaml #挂载的文件名 能够和下面不一样
mode: 0644 #挂载后的权限
- key: lds.conf
path: lds.conf
mode: 0644
optional: false
[root@k8s-master configmap]# kubectl create cm demoapp-confs --from-literal=demoapp.host=127.0.0.1 --from-literal=demoapp.port="8080" --from-file=./demoapp-conf.d/ #创立时定义 demoapp.host、demoapp.port
[root@k8s-master ~]# kubectl describe cm demoapp-confs
Name: demoapp-confs
Namespace: default
Labels: <none>
Annotations: <none>
Data
====
demoapp.host:
----
127.0.0.1
demoapp.port:
----
8080
envoy.yaml:
----
node:
id: sidecar-proxy
cluster: demoapp-cluster
admin:
access_log_path: /tmp/admin_access.log
address:
socket_address: {address: 0.0.0.0, port_value: 9901}
dynamic_resources:
lds_config:
path: '/etc/envoy/lds.conf'
static_resources:
clusters:
- name: local_service
connect_timeout: 0.25s
type: STATIC
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: local_service
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: 8080
lds.conf:
----
{
"version_info": "0",
"resources": [
{
"@type": "type.googleapis.com/envoy.api.v2.Listener",
"name": "listener_0",
"address": {
"socket_address": {
"address": "0.0.0.0",
"port_value": 80
}
},
"filter_chains": [
{
"filters": [
{
"name": "envoy.http_connection_manager",
"config": {
"stat_prefix": "ingress_http",
"codec_type": "AUTO",
"route_config": {
"name": "local_route",
"virtual_hosts": [
{
"name": "local_service",
"domains": ["*"],
"routes": [
{
"match": {"prefix": "/"},
"route": {"cluster": "local_service"}
}
]
}
]
},
"http_filters": [
{"name": "envoy.router"}
]
}
}
]
}
]
}
]
}
Events: <none>
[root@k8s-master configmap]# kubectl apply -f configmaps-volume-demo2.yaml
pod/configmaps-volume-demo2 created
[root@k8s-master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
configmaps-volume-demo 1/1 Running 0 6h47m 10.244.1.177 k8s-node1 <none> <none>
configmaps-volume-demo2 2/2 Running 0 35m 10.244.1.182 k8s-node1 <none> <none>
my-grafana-7d788c5479-bpztz 1/1 Running 1 2d5h 10.244.2.120 k8s-node2 <none> <none>
volumes-pvc-longhorn-demo 1/1 Running 0 35h 10.244.2.124 k8s-node2 <none> <none>
[root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c demo -- netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:9901 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 1/python3
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -
[root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c proxy -- netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:9901 0.0.0.0:* LISTEN 1/envoy
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1/envoy
[root@k8s-master ~]# kubectl exec configmaps-volume-demo2 -c proxy -- ls /etc/envoy
envoy.yaml
lds.conf
示例 4: configMap subPath 挂载指定键
2. 在容器挂载卷时,指定挂载哪些键
[root@k8s-master configmap]# cat configmaps-volume-demo3.yaml
apiVersion: v1
kind: Pod
metadata:
name: configmap-volume-demo3
namespace: default
spec:
containers:
- image: nginx:alpine
name: nginx-server
volumeMounts:
- name: ngxconfs
mountPath: /etc/nginx/conf.d/myserver.conf #本机挂载目录
subPath: myserver.conf #挂载 configMap 中的子项 目录或某个值
readOnly: true
- name: ngxconfs
mountPath: /etc/nginx/conf.d/myserver-gzip.cfg
subPath: myserver-gzip.cfg
readOnly: true
volumes:
- name: ngxconfs
configMap:
name: nginx-config-files #之前示例中曾经创立 蕴含 3 个 DATA 数据项
[root@k8s-master configmap]# kubectl apply -f configmaps-volume-demo3.yaml
pod/configmap-volume-demo3 created
[root@k8s-master configmap]# kubectl exec configmap-volume-demo3 -it -- /bin/sh #只援用了其中 2 项数据
/ # ls /etc/nginx/conf.d/
default.conf myserver-gzip.cfg myserver.conf
configMap 文件的援用、重载
[root@k8s-master configmap]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
centos-deployment-66d8cd5f8b-95brg 1/1 Running 0 2d18h 10.244.2.117 k8s-node2 <none> <none>
configmap-volume-demo3 1/1 Running 0 11m 10.244.1.186 k8s-node1 <none> <none>
configmaps-env-demo 1/1 Running 0 20h 10.244.1.173 k8s-node1 <none> <none>
configmaps-volume-demo 1/1 Running 0 19h 10.244.1.177 k8s-node1 <none> <none>
configmaps-volume-demo2 2/2 Running 0 13h 10.244.1.182 k8s-node1 <none> <none>
my-grafana-7d788c5479-bpztz 1/1 Running 1 2d18h 10.244.2.120 k8s-node2 <none> <none>
volumes-pvc-longhorn-demo 1/1 Running 0 2d 10.244.2.124 k8s-node2 <none> <none>
[root@k8s-master configmap]# curl -H "Host:www.ik8s.io" 10.244.1.177:8080/nginx-status
Active connections: 1
server accepts handled requests
4 4 4
Reading: 0 Writing: 1 Waiting: 0
[root@k8s-master configmap]# kubectl exec configmaps-volume-demo -it -- /bin/sh
/ # cd /etc/nginx/conf.d/
/etc/nginx/conf.d # ls -lA #援用的 comfigMap 理论指向是一个暗藏工夫戳文件
total 0
drwxr-xr-x 2 root root 79 Aug 6 08:02 ..2021_08_06_08_02_41.172956995
lrwxrwxrwx 1 root root 31 Aug 6 08:02 ..data -> ..2021_08_06_08_02_41.172956995
lrwxrwxrwx 1 root root 24 Aug 6 08:02 myserver-gzip.cfg -> ..data/myserver-gzip.cfg
lrwxrwxrwx 1 root root 26 Aug 6 08:02 myserver-status.cfg -> ..data/myserver-status.cfg
lrwxrwxrwx 1 root root 20 Aug 6 08:02 myserver.conf -> ..data/myserver.conf
/etc/nginx/conf.d # cd ..data/ #外面才是实在的配置文件
/etc/nginx/conf.d/..2021_08_06_08_02_41.172956995 # ls
myserver-gzip.cfg myserver-status.cfg myserver.conf
/etc/nginx/conf.d # exit
[root@k8s-master configmap]# kubectl get cm
NAME DATA AGE
demoapp-config 4 42h
demoapp-confs 4 13h
nginx-config 2 21h
nginx-config-files 3 19h
[root@k8s-master configmap]# kubectl edit cm nginx-config-files #批改对应的 configMap
apiVersion: v1
data:
myserver-gzip.cfg: |
gzip on;
gzip_comp_level 5;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/xml text/javascript;
myserver-status.cfg: |
location /nginx-status {
stub_status on;
access_log off;
allow 127.0.0.0/8; #轻易增加 2 行配置
deny all;
}
...
configmap/nginx-config-files edited
[root@k8s-master configmap]# kubectl exec configmaps-volume-demo -it -- /bin/sh
/ # cd /etc/nginx/conf.d/..
..2021_08_06_08_02_41.172956995/ ..data/
/ # cd /etc/nginx/conf.d/
/etc/nginx/conf.d # ls -lA
total 0
drwxr-xr-x 2 root root 79 Aug 7 03:58 ..2021_08_07_03_58_59.548609753
lrwxrwxrwx 1 root root 31 Aug 7 03:58 ..data -> ..2021_08_07_03_58_59.548609753 #链接的工夫戳文件曾经产生扭转 重载的工夫会在短时间内随机生成 并不是所有 Pod 同一时间重载
lrwxrwxrwx 1 root root 24 Aug 6 08:02 myserver-gzip.cfg -> ..data/myserver-gzip.cfg
lrwxrwxrwx 1 root root 26 Aug 6 08:02 myserver-status.cfg -> ..data/myserver-status.cfg
lrwxrwxrwx 1 root root 20 Aug 6 08:02 myserver.conf -> ..data/myserver.conf
/ # nginx -T #利用是否反对热加载和主动重载须要看具体的利用,个别云原生利用都会反对热加载当检测到配置有更新之后会主动重载,个别非原生利用可能须要重启 Pod
# configuration file /etc/nginx/conf.d/myserver-gzip.cfg:
gzip on;
gzip_comp_level 5;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/xml text/javascript;
# configuration file /etc/nginx/conf.d/myserver-status.cfg:
location /nginx-status {
stub_status on;
access_log off;
allow 127.0.0.0/8;
deny all;
}
/etc/nginx/conf.d # exit
正文完
发表至: kubernetes
2021-10-25