Kubernetes Kustomize:替换修补程序文件中的变量
给定以下kustomize修补程序:Kubernetes Kustomize:替换修补程序文件中的变量,kubernetes,kustomize,Kubernetes,Kustomize,给定以下kustomize修补程序: apiVersion: apps/v1 kind: Deployment metadata: name: flux spec: template: spec: containers: - name: some-name args: - --some-key=some-value ... - --git-url=https:/
apiVersion: apps/v1
kind: Deployment
metadata:
name: flux
spec:
template:
spec:
containers:
- name: some-name
args:
- --some-key=some-value
...
- --git-url=https://user:${PASSWORD}@domain.de
kubectl apply-k${PASSWORD}<> P>我到目前为止唯一的解决方案是用<代码> SED替换<代码> ${Cudio} /Case>,但是我更喜欢KuStUCURE解决方案。
AS @乔纳斯已经建议你应该考虑使用<代码>机密< /代码>。这篇文章描述得很好
我想使用kubectl apply-k并以某种方式为传递一个值 ${PASSWORD},我可以从生成脚本中设置它 我想您的脚本可以将生成的密码存储为变量或保存到某个文件中。您可以按如下方式轻松创建机密$ kustomize edit add secret sl-demo-app --from-literal=db-password=$PASSWORD
$ kustomize edit add secret sl-demo-app --from-file=file/path
kustomization.yamlSecretGeneratorapiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
bases:
- ../../base
patchesStrategicMerge:
- custom-env.yaml
- replica-and-rollout-strategy.yaml
secretGenerator:
- literals:
- db-password=12345
name: sl-demo-app
type: Opaque
apiVersion: v1
data:
db-password: MTIzNDU=
kind: Secret
metadata:
name: sl-demo-app-6ft88t2625
type: Opaque
...
apiVersion: apps/v1
kind: Deployment
metadata:
name: sl-demo-app
spec:
template:
spec:
containers:
- name: app
env:
- name: "DB_PASSWORD"
valueFrom:
secretKeyRef:
name: sl-demo-app
key: db.password
部署apiVersion: apps/v1
kind: Deployment
metadata:
name: flux
spec:
template:
spec:
containers:
- name: some-name
env:
- name: "PASSWORD"
valueFrom:
secretKeyRef:
name: git-secret
key: git.password
args:
- --some-key=some-value
...
- --git-url=https://user:${PASSWORD}@domain.de
您应该尝试使用
密码