configmap-secretlisted
Install: claude install-skill ryukyagamilight/terminal-skills
# ConfigMap 与 Secret
## 概述
配置管理、敏感信息处理等技能。
## ConfigMap
### 创建 ConfigMap
```bash
# 从字面值创建
kubectl create configmap my-config --from-literal=key1=value1 --from-literal=key2=value2
# 从文件创建
kubectl create configmap my-config --from-file=config.properties
kubectl create configmap my-config --from-file=my-key=config.properties
# 从目录创建
kubectl create configmap my-config --from-file=config-dir/
# 从环境文件创建
kubectl create configmap my-config --from-env-file=env.properties
```
### ConfigMap YAML
```yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: my-config
data:
# 简单键值对
database_url: "mysql://localhost:3306/mydb"
log_level: "info"
# 多行配置文件
nginx.conf: |
server {
listen 80;
server_name localhost;
location / {
root /usr/share/nginx/html;
}
}
# JSON 配置
config.json: |
{
"debug": true,
"port": 8080
}
```
### 使用 ConfigMap
#### 环境变量方式
```yaml
spec:
containers:
- name: app
env:
# 单个键
- name: DATABASE_URL
valueFrom:
configMapKeyRef:
name: my-config
key: database_url
# 所有键
envFrom:
- configMapRef:
name: my-config
```
#### 挂载为文件
```yaml
spec:
containers:
- name: app
volumeMounts:
- name: config-volume
mountPath: /etc/config
volumes:
- name: config-volume
configMap:
name: my-config
# 可选:指定特定键
items:
- key: nginx.conf
path: nginx.conf
```
#### 挂载为单个文件(不覆盖目录)
```yaml