从.env文件创建kubernetes env var秘密 [英] Create kubernetes env var secrets from .env file

问题描述

我有一个nodejs应用程序，该应用程序将变量存储在环境变量中.

I have a nodejs application which stores variables in environment variables.

我正在使用 dotenv 模块，所以我有一个 .env文件如下:

I'm using the dotenv module, so I have a .env file that looks like :

VAR1=value1
VAR2=something_else

我当前正在设置一个BitBucket管道，以将其自动部署到Kubernetes集群.
尽管我仔细阅读它们，但我对kubernetes的秘密不是很熟悉.

I'm currently setting up a BitBucket Pipeline to auto deploy this to a Kubernetes cluster.
I'm not very familiar with kubernetes secrets, though I'm reading up on them.

我想知道:

是否有一种简单的方法可以将我在 .env 文件中定义的所有环境变量发送到Docker容器/kubernetes-deployment，以便它们在我的Pod中可用应用正在运行吗?

Is there an easy way to send to a Docker-container / kubernetes-deployment all of the environment variables I have defined in my .env file so they are available in the pods my app is running in ?

我希望找到一个示例文件 secrets.yml 或类似文件，该文件可以将 .env 中的所有内容都放入容器中的环境变量中.但这也可以在BitBucket管道级别或Docker容器级别完成..我不确定...

I'm hoping for an example secrets.yml file or similar which takes everything from .env and makes in into environment variables in the container. But it could also be done in the BitBucket pipeline level, or at the Docker container level .. I'm not sure ...

推荐答案

步骤1:使用您的 .env 文件创建一个k8s机密:

Step 1: Create a k8s secret with your .env file:

# kubectl create secret generic <secret-name> --from-env-file=<path-to-env-file> 

$ kubectl create secret generic my-env-list --from-env-file=.env 
secret/my-env-list created

第2步:更改秘密:

$ kubectl get secret my-env-list -o yaml
apiVersion: v1
data:
  VAR1: dmFsdWUx
  VAR2: c29tZXRoaW5nX2Vsc2U=
kind: Secret
metadata:
  name: my-env-list
  namespace: default
type: Opaque

步骤3:将 env 添加到容器的容器中:

Step 3: Add env to your pod's container:

apiVersion: v1
kind: Pod
metadata:
  name: demo-pod
spec:
  containers:
    - name: demo-container
      image: k8s.gcr.io/busybox
      command: [ "/bin/sh", "-c", "env" ]
      envFrom:
      - secretRef:
          name: my-env-list # <---- here
  restartPolicy: Never

步骤4::运行广告连播，并检查 env 是否存在:

Step 4: Run the pod and check if the env exist or not:

$ kubectl apply -f pod.yaml 
pod/demo-pod created

$ kubectl logs -f demo-pod 
KUBERNETES_PORT=tcp://10.96.0.1:443
KUBERNETES_SERVICE_PORT=443
HOSTNAME=demo-pod
SHLVL=1
HOME=/root
KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1
VAR1=value1  # <------------------------------------------------------here 
VAR2=something_else # <-----------------------------------------------here
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
KUBERNETES_PORT_443_TCP_PORT=443
KUBERNETES_PORT_443_TCP_PROTO=tcp
KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443
KUBERNETES_SERVICE_PORT_HTTPS=443
PWD=/
KUBERNETES_SERVICE_HOST=10.96.0.1

这篇关于从.env文件创建kubernetes env var秘密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！