这里以nginx为例,主要是提供一种思路。
需要用到基础镜像的时候,优先使用官方的,如果官方的不符合要求,则自己做一个,(不用使用centos镜像,推荐使用Alpine、busybox,都是精简过的,达到同样的功能,占用空间少了几百兆)
1.将配置文件储存为configmap
apiVersion: v1 data: nginx.conf: "user nginx; \nworker_processes auto; \npid /var/run/nginx.pid;\nworker_rlimit_nofile 65536; \nevents { \n use epoll; \n worker_connections 65535; \n}\nhttp {\ncharset UTF-8; \nsendfile on; \ntcp_nopush on; \ntcp_nodelay on;\ntypes_hash_max_size 2048;\nkeepalive_timeout 65;\nclient_header_timeout 60s;\nclient_body_timeout 60s;\nsend_timeout 300s;\nserver_tokens off; \nclient_max_body_size 8m; \ninclude /etc/nginx/mime.types;\ndefault_type application/octet-stream;\nlog_format main - [] ; \naccess_log /var/log/nginx/nginx-access.log main;\nerror_log /var/log/nginx/nginx-error.log;\n\n limit_conn_zone $binary_remote_addr zone=perip:10m;\n limit_conn_zone $server_name zone=perserver:10m;\n limit_conn perip 200;\nlimit_conn perserver 200;\nlimit_rate 3000k;\n add_header X-Cache $upstream_cache_status;\n add_header X-Content-Type-Options nosniff;\ngzip on;\ngzip_disable \"msie6\";\n gzip_vary on;\n gzip_proxied any;\n gzip_comp_level 6;\n gzip_buffers 16 8k;\n gzip_http_version 1.1;\n gzip_types image/png text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif; \ninclude /etc/nginx/conf.d/*.conf; \n}\n\n\n" kind: ConfigMap metadata: name: nginx-conf namespace: default
2.创建一个deployment。
注:mountPath的方式挂载会覆盖整个nginx目录,挂载配置文件数据卷,通过subpath的方式指定挂载单个文件
apiVersion: apps/v1 kind: Deployment metadata: annotations: {} labels: app: nginx-test name: nginx-test namespace: default spec: replicas: 1 selector: matchLabels: app: nginx-test strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 type: RollingUpdate template: metadata: creationTimestamp: null labels: app: nginx-test spec: affinity: {} containers: - env: - name: TZ value: Asia/Shanghai - name: LANG value: C.UTF-8 image: nginx:latest imagePullPolicy: Always lifecycle: {} name: nginx-test ports: - containerPort: 80 name: web protocol: TCP resources: limits: cpu: 100m memory: 100Mi requests: cpu: 10m memory: 10Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /usr/share/zoneinfo/Asia/Shanghai name: tz-config - mountPath: /etc/localtime name: tz-config - mountPath: /etc/timezone name: timezone - mountPath: /etc/nginx/nginx.conf name: nginx-config readOnly: true subPath: nginx.conf dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 volumes: - hostPath: path: /usr/share/zoneinfo/Asia/Shanghai type: "" name: tz-config - hostPath: path: /etc/timezone type: "" name: timezone - configMap: defaultMode: 420 name: nginx-conf name: nginx-config
就是做了一件事,将之前保存到configmap的nginx配置文件挂载到镜像里面覆盖了原有的配置文件
注解:
配置文件挂载方式: volumes: - mountPath: /etc/nginx/nginx.conf name: nginx-config readOnly: true subPath: nginx.conf #一定要指定文件这样他只会覆盖这个文件,要不然覆盖整个目录nginx就没办法启动了