标签：name consul agent pem client key

1. 创建configMap

   -rwxrwxr-x 1 kube kube  713 Aug  1 22:10 agent.json
   -rwxrwxr-x 1 root root 1679 Aug  1 18:09 client-key.pem
   -rwxrwxr-x 1 root root 1086 Aug  1 18:02 client.pem
   -rwxrwxr-x 1 root root  688 Aug  1 18:02 consul-ca.pem
   
   [kube@VM-88-9-centos ~]$ kubectl create cm consul --from-file=a/
   configmap/consul created

2. 创建DeamonSet

   apiVersion: apps/v1
   kind: DaemonSet
   metadata:
     name: consul-agent
     namespace: default
     labels:
       consul: consul-agent
   spec:
     selector:
       matchLabels:
         consul: consul-agent
     template:
       metadata:
         labels:
           consul: consul-agent
       spec:
         tolerations:
         # this toleration is to have the daemonset runnable on master nodes
         # remove it if your masters can't run pods
         - operator: Exists
           #effect: NoExecute
         affinity:
           nodeAffinity:
             requiredDuringSchedulingIgnoredDuringExecution:
               nodeSelectorTerms:
                 - matchExpressions:
                     - key: consul
                       operator: In
                       values:
                         - consul-agent
         containers:
         - name: consul-agent
           image: harbor.ximalaya.local/base/consul:1.4.0
           command:
             - /bin/consul
           args:
             - agent
             - -bind=$(CONSUL_BIND_ADDRESS)
             - -client=0.0.0.0
             - -config-dir=/consul/config/conf
           resources:
             limits:
               cpu: 1
               memory: 1024Mi
             requests:
               cpu: 100m
               memory: 200Mi
           env:
             - name: CONSUL_BIND_ADDRESS
               valueFrom:
                 fieldRef:
                   apiVersion: v1
                   fieldPath: status.hostIP 
           volumeMounts:
           - name: consul-config
             mountPath: /consul/config/conf
           #- name: client-pem
           #  mountPath: /consul/config/client.pem
           #- name: client-key-pem
           #  mountPath: /consul/config/client-key.pem
           #- name: consul-ca-pem
           #  mountPath: /consul/config/consul-ca.pem
           #  readOnly: true
         terminationGracePeriodSeconds: 30
         hostNetwork: true
         securityContext:
           #runAsUser: 100
           #runAsGroup: 1000
           #runAsNonRoot: false
           #fsGroup: 1000
         volumes:
         - name: consul-config
           configMap:
             name: consul
             items:
             - key: agent.json
               path: agent.json
             - key: client.pem
               path: client.pem
             - key: client-key.pem
               path: client-key.pem
             - key: consul-ca.pem
               path: consul-ca.pem

    

搜索

复制

标签：name,consul,agent,pem,client,key
来源： https://www.cnblogs.com/apink/p/16542168.html

本站声明： 1. iCode9 技术分享网（下文简称本站）提供的所有内容，仅供技术学习、探讨和分享；
2. 关于本站的所有留言、评论、转载及引用，纯属内容发起人的个人观点，与本站观点和立场无关；
3. 关于本站的所有言论和文字，纯属内容发起人的个人观点，与本站观点和立场无关；
4. 本站文章均是网友提供，不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属；如您发现该文章侵犯了您的权益，可联系我们第一时间进行删除；
5. 本站为非盈利性的个人网站，所有内容不会用来进行牟利，也不会利用任何形式的广告来间接获益，纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。