ETSI NFV-SOL CNF 更新,包含管理驱动¶
本文档描述了在 Tacker v2 API 中使用管理驱动更新 CNF 的方法。
注意
本文档的内容已确认使用以下 VNF 包有效。
概述¶
下图显示了 CNF 更新的概述。
请求更新 VNF
用户通过请求
update VNF作为修改 VNF 信息操作,向 tacker-server 请求更新 CNF。调用 Kubernetes API
收到 tacker-client 的请求后,tacker-server 会将其重定向到 tacker-conductor。在 tacker-conductor 中,请求会根据 VNF 包中的 VNFD 内容再次重定向到匹配的管理驱动程序(在本例中为容器更新的管理驱动程序)。然后,管理驱动程序调用 Kubernetes API。
更新资源
Kubernetes Master 根据 API 调用更新资源。
管理驱动程序介绍¶
管理驱动程序使用户能够在 VNF 生命周期管理操作之前和/或之后配置其 VNF。用户可以通过实现自己的管理驱动程序来自定义管理驱动程序的逻辑,这些自定义由 NFV-SOL001 v2.6.1 中的“接口”定义指定。
本用户指南中的管理驱动程序支持使用 modify_information_start 和 modify_information_end 操作更新 CNF。
用例¶
在本用户指南中,提供的示例 VNF 包将被实例化然后更新。示例管理驱动程序将在更新期间在 Kubernetes 上更新资源。更新 ConfigMap 和 Secret,并更新 Pod、Deployment、DaemonSet 和 ReplicaSet 中的镜像,其他资源将不会更改。
先决条件¶
应安装以下软件包
tacker
python-tackerclient
您需要将管理驱动程序文件放在 VNF 包的 Scripts 目录中。
注意
您可以在以下路径找到示例管理驱动程序文件:tacker/sol_refactored/mgmt_drivers/container_update_mgmt_v2.py
您还可以参考 ETSI NFV-SOL CNF(容器化 VNF)部署,了解从“准备 Kubernetes VIM”到“实例化 VNF”的准备过程。
如何实例化用于更新的 VNF¶
您可以使用以下示例 VNF 包来实例化要更新的 VNF。 在本文档中,TACKER_ROOT 是服务器上 tacker 仓库的根目录。
$ cd TACKER_ROOT/samples/tests/functional/sol_kubernetes_v2/test_cnf_container_update_before
$ vi pkggen.py
...
vim_id = "your k8s vim's id" (modify this value to your own vim Id)
...
$ python3 pkggen.py
$ ll
...
drwxr-xr-x 5 stack stack 4096 Nov 5 23:46 contents/
-rw-r--r-- 1 stack stack 1922 Nov 5 23:46 pkggen.py
-rw-rw-r-- 1 stack stack 25823 Nov 20 04:30 test_cnf_container_update_before.zip
...
注意
此工具需要一些 Tacker 模块,因此需要在安装了 Tacker 的环境中运行它,例如使用 devstack 的 python 虚拟环境。如果已在 python 虚拟环境中安装了 Tacker,请在使用该工具之前激活它,如下所示。
$ source /opt/stack/data/venv/bin/activate
(venv) $ python3 pkggen.py
完成上述操作后,您将获得示例 VNF 包 test_cnf_container_update_before.zip。
注意
如果存在与正在生成的 zip 文件同名的文件,该工具将失败。 再次运行该工具以生成 zip 文件时,请删除或重命名旧的 zip 文件。
使用 openstack vnf package create 创建 VNF 包后,当 Onboarding State 为 CREATED,Operational State 为 DISABLED,Usage State 为 NOT_IN_USE 时,表示创建成功。
$ openstack vnf package create
+-------------------+-------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------+-------------------------------------------------------------------------------------------------+
| ID | 67e8b34a-d303-4ec1-acb0-e6a3bf6aae12 |
| Links | { |
| | "self": { |
| | "href": "/vnfpkgm/v1/vnf_packages/67e8b34a-d303-4ec1-acb0-e6a3bf6aae12" |
| | }, |
| | "packageContent": { |
| | "href": "/vnfpkgm/v1/vnf_packages/67e8b34a-d303-4ec1-acb0-e6a3bf6aae12/package_content" |
| | } |
| | } |
| Onboarding State | CREATED |
| Operational State | DISABLED |
| Usage State | NOT_IN_USE |
| User Defined Data | {} |
+-------------------+-------------------------------------------------------------------------------------------------+
通过运行以下命令将 CSAR zip 文件上传到 VNF 包:openstack vnf package upload --path <vnf 包路径> <vnf 包 ID>。
以下是上传 VNF 包的示例
$ openstack vnf package upload --path test_cnf_container_update_before.zip 67e8b34a-d303-4ec1-acb0-e6a3bf6aae12
Upload request for VNF package 67e8b34a-d303-4ec1-acb0-e6a3bf6aae12 has been accepted.
通过运行 openstack vnflcm create <VNFD ID> --os-tacker-api-version 2 创建 VNF 实例。
注意
可以通过 openstack vnf package show <vnf 包 ID> 命令找到 VNFD ID。
以下是创建 VNF 的示例
$ openstack vnflcm create 97018ca2-bf29-4715-9e2b-6e432dd1f414
+-----------------------------+------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------------------+------------------------------------------------------------------------------------------------------------------+
| ID | dec67077-b67c-46ff-b5bf-3b8d34b4ed79 |
| Instantiation State | NOT_INSTANTIATED |
| Links | { |
| | "self": { |
| | "href": "http://127.0.0.1:9890/vnflcm/v2/vnf_instances/dec67077-b67c-46ff-b5bf-3b8d34b4ed79" |
| | }, |
| | "instantiate": { |
| | "href": "http://127.0.0.1:9890/vnflcm/v2/vnf_instances/dec67077-b67c-46ff-b5bf-3b8d34b4ed79/instantiate" |
| | } |
| | } |
| VNF Configurable Properties | |
| VNF Instance Description | |
| VNF Instance Name | |
| VNF Product Name | Sample VNF |
| VNF Provider | Company |
| VNF Software Version | 1.0 |
| VNFD ID | 97018ca2-bf29-4715-9e2b-6e432dd1f414 |
| VNFD Version | 1.0 |
+-----------------------------+------------------------------------------------------------------------------------------------------------------+
以下示例显示了部署 Kubernetes 资源的 yaml 文件。 您可以看到资源定义文件作为 additionalParams 中的 lcm-kubernetes-def-files 的值包含在内。
$ cat ./instance_kubernetes.json
{
"flavourId": "simple",
"vimConnectionInfo": {
"vim1": {
"vimId": "b7e657dc-8f16-4c1c-8fa4-a7c298d6a827",
"vimType": "ETSINFV.KUBERNETES.V_1"
}
},
"additionalParams": {
"lcm-kubernetes-def-files": [
"Files/kubernetes/configmap_1.yaml",
"Files/kubernetes/deployment.yaml",
"Files/kubernetes/pod_env.yaml",
"Files/kubernetes/pod_volume.yaml",
"Files/kubernetes/replicaset.yaml",
"Files/kubernetes/secret_1.yaml",
"Files/kubernetes/configmap_3.yaml",
"Files/kubernetes/pod_env_2.yaml",
"Files/kubernetes/pod_volume_2.yaml",
"Files/kubernetes/daemonset.yaml",
"Files/kubernetes/deployment_2.yaml",
"Files/kubernetes/secret_3.yaml"
]
}
}
在执行上述命令后,通过运行以下命令实例化 VNF:openstack vnflcm instantiate <VNF 实例 ID> <json 文件> --os-tacker-api-version 2。
$ openstack vnflcm instantiate VNF_INSTANCE_ID instance_kubernetes.json --os-tacker-api-version 2
Instantiate request for VNF Instance dec67077-b67c-46ff-b5bf-3b8d34b4ed79 has been accepted.
CNF 更新过程¶
如 先决条件 中所述,在执行更新之前必须实例化 VNF。
接下来,用户可以使用原始 vnf 包作为模板创建一个新的 vnf 包,其中可以更改 ConfigMap、Secret、Pod、Deployment、DaemonSet 和 ReplicaSet 的 yaml 文件。
注意
可以更改 ConfigMap 和 Secret 的 yaml 文件。 种类、命名空间和名称不能更改,但文件名和文件路径可以更改。
也可以更改 Pod、Deployment、DaemonSet 和 ReplicaSet 的 yaml 文件,但只能更改镜像字段,不能更改其他字段。
不允许更改其他 yaml 文件。
如果在 Pod、Deployment、DaemonSet 和 ReplicaSet 的 yaml 文件中进行了除镜像以外的其他更改,则这些更改将不会生效。 但是,如果此时修复整个 VNF,则资源将在实例化期间基于新的 yaml,并且所有更改将生效。
然后,在创建和上传新的 vnf 包后,您可以执行更新操作。 更新后,管理驱动程序将重新启动 pod 以更新和重新创建 deployment、DaemonSet 和 ReplicaSet 以进行更新。
注意
本文档提供了新的 vnf 包,路径为 samples/tests/functional/sol_kubernetes_v2/test_cnf_container_update_after
CLI 命令的详细信息在 v2 Tacker 的 VNF 生命周期管理 中描述。
如何更新 CNF¶
执行更新 CLI 命令并检查更新前后资源的狀態。
这是为了确认在更新 CNF 后,Kubernetes 中部署的资源已更新。 以下是整个过程的示例。 更新前的资源信息
ConfigMap
$ kubectl get configmaps NAME DATA AGE cm-data 1 70s cm-data3 1 70s kube-root-ca.crt 1 14d $ kubectl describe configmaps cm-data Name: cm-data Namespace: default Labels: <none> Annotations: <none> Data ==== cmKey1.txt: ---- configmap data foo bar BinaryData ==== Events: <none> $ kubectl describe configmaps cm-data3 Name: cm-data3 Namespace: default Labels: <none> Annotations: <none> Data ==== cmKey1.txt: ---- configmap data foo bar BinaryData ==== Events: <none>
Secret
$ kubectl get secrets NAME TYPE DATA AGE default-token-k8svim kubernetes.io/service-account-token 3 33m secret-data Opaque 2 2m53s secret-data3 Opaque 2 2m53s $ kubectl describe secrets secret-data Name: secret-data Namespace: default Labels: <none> Annotations: <none> Type: Opaque Data ==== password: 15 bytes secKey1.txt: 15 bytes $ kubectl describe secrets secret-data3 Name: secret-data3 Namespace: default Labels: <none> Annotations: <none> Type: Opaque Data ==== password: 15 bytes secKey1.txt: 15 bytes
Pod
$ kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES daemonset-vdu5-jgjq9 1/1 Running 0 6m38s 10.0.0.107 vagrant <none> <none> deployment2-vdu6-86579d6868-6mbsl 1/1 Running 0 6m38s 10.0.0.79 vagrant <none> <none> env-test 1/1 Running 0 6m38s 10.0.0.108 vagrant <none> <none> env-test2 1/1 Running 0 6m38s 10.0.0.97 vagrant <none> <none> vdu1-update-6fcf66b5dd-nngts 1/1 Running 0 6m38s 10.0.0.116 vagrant <none> <none> vdu2-update-2wvxj 1/1 Running 0 6m38s 10.0.0.91 vagrant <none> <none> volume-test 1/1 Running 0 6m38s 10.0.0.74 vagrant <none> <none> volume-test2 1/1 Running 0 6m38s 10.0.0.98 vagrant <none> <none> $ kubectl describe pod volume-test Name: volume-test Namespace: default ... Containers: nginx: Container ID: cri-o://f08eaee4d9fb0cdaaf9803fb97891ff61507239af1c6317464300bcc5d1f9f08 Image: nginx Image ID: docker.io/library/nginx@sha256:86e53c4c16a6a276b204b0fd3a8143d86547c967dc8258b3d47c3a21bb68d3c6 ... Volumes: cm-volume: Type: ConfigMap (a volume populated by a ConfigMap) Name: cm-data Optional: false sec-volume: Type: Secret (a volume populated by a Secret) SecretName: secret-data Optional: false ... $ kubectl describe pod volume-test2 Name: volume-test2 Namespace: default ... Containers: nginx: Container ID: cri-o://6255e5c8d0af561789919c5aa07ac90ea691b4d0a91b5f88b9c00592295e9c9b Image: nginx Image ID: docker.io/library/nginx@sha256:86e53c4c16a6a276b204b0fd3a8143d86547c967dc8258b3d47c3a21bb68d3c6 ... Volumes: cm-volume: Type: ConfigMap (a volume populated by a ConfigMap) Name: cm-data3 Optional: false sec-volume: Type: Secret (a volume populated by a Secret) SecretName: secret-data3 Optional: false ...
部署
$ kubectl get deployments.apps -o wide NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR deployment2-vdu6 1/1 1 1 20m nginx nginx app=webserver vdu1-update 1/1 1 1 20m nginx nginx app=webserver $ kubectl describe pod deployment2-vdu6-86579d6868-6mbsl Name: deployment2-vdu6-86579d6868-6mbsl Namespace: default ... Containers: nginx: Container ID: cri-o://eece8b07f2b66760bdc57e7a3fbc073938d73b37e62401d394d058e4273cdd90 Image: nginx Image ID: docker.io/library/nginx@sha256:86e53c4c16a6a276b204b0fd3a8143d86547c967dc8258b3d47c3a21bb68d3c6 ... Environment Variables from: cm-data3 ConfigMap with prefix 'CM_' Optional: false secret-data3 Secret with prefix 'SEC_' Optional: false Environment: CMENV: <set to the key 'cmKey1.txt' of config map 'cm-data3'> Optional: false SECENV: <set to the key 'password' in secret 'secret-data3'> Optional: false ... $ kubectl describe pod vdu1-update-6fcf66b5dd-nngts Name: vdu1-update-6fcf66b5dd-nngts Namespace: default ... Containers: nginx: Container ID: cri-o://55db77c8612cbddc6041431a9fd1c065cd5251253b07e86288107043e84d9dab Image: nginx Image ID: docker.io/library/nginx@sha256:86e53c4c16a6a276b204b0fd3a8143d86547c967dc8258b3d47c3a21bb68d3c6 ... Environment Variables from: cm-data ConfigMap with prefix 'CM_' Optional: false secret-data Secret with prefix 'SEC_' Optional: false Environment: CMENV: <set to the key 'cmKey1.txt' of config map 'cm-data'> Optional: false SECENV: <set to the key 'password' in secret 'secret-data'> Optional: false ...
DaemonSet
$ kubectl get daemonset -o wide NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE CONTAINERS IMAGES SELECTOR daemonset-vdu5 1 1 1 1 1 <none> 27m nginx nginx app=nginx $ kubectl describe pod daemonset-vdu5-jgjq9 Name: daemonset-vdu5-jgjq9 Namespace: default ... Containers: nginx: Container ID: cri-o://0d99ecf321d715aded2ec2834f2fecc57dbb7c6eb8e7f710f193df5a0844d846 Image: nginx Image ID: docker.io/library/nginx@sha256:86e53c4c16a6a276b204b0fd3a8143d86547c967dc8258b3d47c3a21bb68d3c6 ... Environment Variables from: cm-data ConfigMap with prefix 'CM_' Optional: false secret-data Secret with prefix 'SEC_' Optional: false Environment: CMENV: <set to the key 'cmKey1.txt' of config map 'cm-data'> Optional: false SECENV: <set to the key 'password' in secret 'secret-data'> Optional: false ...
ReplicaSet
$ kubectl get replicaset -o wide NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR deployment2-vdu6-86579d6868 1 1 1 32m nginx nginx app=webserver,pod-template-hash=86579d6868 vdu1-update-6fcf66b5dd 1 1 1 32m nginx nginx app=webserver,pod-template-hash=6fcf66b5dd vdu2-update 1 1 1 32m nginx nginx app=webserver $ kubectl describe pod vdu2-update-2wvxj Name: vdu2-update-2wvxj Namespace: default ... Containers: nginx: Container ID: cri-o://8e24081e5e325302f1e4403bf76756b90f848a9c712e53d99f547ba6265d7ed6 Image: nginx Image ID: docker.io/library/nginx@sha256:86e53c4c16a6a276b204b0fd3a8143d86547c967dc8258b3d47c3a21bb68d3c6 ... Volumes: cm-volume: Type: ConfigMap (a volume populated by a ConfigMap) Name: cm-data Optional: false sec-volume: Type: Secret (a volume populated by a Secret) SecretName: secret-data Optional: false ...
可以通过以下 CLI 命令执行 CNF 更新。
$ openstack vnflcm update VNF_INSTANCE_ID --I sample_param_file.json \
--os-tacker-api-version 2
本文档中 sample_param_file.json 的内容如下
{
"vnfdId": "58bcc1c6-1400-46ec-b7fb-e508bf7e00e9",
"vnfInstanceName": "modify_vnf_after",
"metadata": {
"configmap_secret_paths": [
"Files/kubernetes/configmap_2.yaml",
"Files/kubernetes/secret_2.yaml"
]
}
}
注意
如果要更新 ConfigMap 和 Secret,不仅需要更新它们的 yaml,还需要在请求输入参数的 metadata 字段中指定更新的 yaml 文件路径。
以下是更新 CNF 的示例
$ openstack vnflcm update dec67077-b67c-46ff-b5bf-3b8d34b4ed79 --I sample_param_file.json
Update vnf:dec67077-b67c-46ff-b5bf-3b8d34b4ed79
更新后的资源信息
ConfigMap
$ kubectl describe configmaps cm-data Name: cm-data Namespace: default Labels: <none> Annotations: <none> Data ==== cmKey1.txt: ---- configmap2 data2 foo2 bar2 BinaryData ==== Events: <none> $ kubectl describe configmaps cm-data3 Name: cm-data3 Namespace: default Labels: <none> Annotations: <none> Data ==== cmKey1.txt: ---- configmap data foo bar BinaryData ==== Events: <none>
Secret
$ kubectl describe secrets secret-data Name: secret-data Namespace: default Labels: <none> Annotations: <none> Type: Opaque Data ==== password: 16 bytes secKey1.txt: 18 bytes $ kubectl describe secret secret-data3 Name: secret-data3 Namespace: default Labels: <none> Annotations: <none> Type: Opaque Data ==== secKey1.txt: 15 bytes password: 15 bytes
Pod
$ kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES daemonset-vdu5-whd4s 1/1 Running 0 9m49s 10.0.0.76 vagrant <none> <none> deployment2-vdu6-86579d6868-6mbsl 1/1 Running 0 104m 10.0.0.79 vagrant <none> <none> env-test 1/1 Running 1 (9m52s ago) 104m 10.0.0.108 vagrant <none> <none> env-test2 1/1 Running 0 104m 10.0.0.97 vagrant <none> <none> vdu1-update-5d87858fc6-tfgts 1/1 Running 0 9m52s 10.0.0.71 vagrant <none> <none> vdu2-update-tk7qp 1/1 Running 0 9m52s 10.0.0.91 vagrant <none> <none> volume-test 1/1 Running 1 (9m52s ago) 104m 10.0.0.74 vagrant <none> <none> volume-test2 1/1 Running 0 104m 10.0.0.98 vagrant <none> <none> $ kubectl describe pod env-test Name: env-test Namespace: default ... Containers: nginx: Container ID: cri-o://143924c0a3869402db7e07950cf66c6360a4298a8b575e9ea3c35cf77d48854d Image: tomcat Image ID: docker.io/library/tomcat@sha256:857b168692495ee6ff0d6ee89b5b479555c74401bc3c219c88644b9181f03dd5 ... Environment Variables from: cm-data ConfigMap with prefix 'CM_' Optional: false secret-data Secret with prefix 'SEC_' Optional: false Environment: CMENV: <set to the key 'cmKey1.txt' of config map 'cm-data'> Optional: false SECENV: <set to the key 'password' in secret 'secret-data'> Optional: false ... $ kubectl describe pod env-test2 Name: env-test2 Namespace: default ... Containers: nginx: Container ID: cri-o://1ebf1f8fccfd821f55a0918657735758173ea83037edd84bf651e660afd16f82 Image: nginx Image ID: docker.io/library/nginx@sha256:86e53c4c16a6a276b204b0fd3a8143d86547c967dc8258b3d47c3a21bb68d3c6 ... Environment Variables from: cm-data3 ConfigMap with prefix 'CM_' Optional: false secret-data3 Secret with prefix 'SEC_' Optional: false Environment: CMENV: <set to the key 'cmKey1.txt' of config map 'cm-data3'> Optional: false SECENV: <set to the key 'password' in secret 'secret-data3'> Optional: false ... $ kubectl describe pod volume-test Name: volume-test Namespace: default ... Containers: nginx: Container ID: cri-o://e46b41347ddc29dbd7afee3dda324a1ac26383ab1f805635dd64895328bbe5a1 Image: cirros Image ID: docker.io/library/cirros@sha256:a40a2b0a21536db691c8e7e055dbb92c81ad15392048abbde32fc5698e07f831 ... Volumes: cm-volume: Type: ConfigMap (a volume populated by a ConfigMap) Name: cm-data Optional: false sec-volume: Type: Secret (a volume populated by a Secret) SecretName: secret-data Optional: false ... $ kubectl describe pod volume-test2 Name: volume-test2 Namespace: default ... Containers: nginx: Container ID: cri-o://6255e5c8d0af561789919c5aa07ac90ea691b4d0a91b5f88b9c00592295e9c9b Image: nginx Image ID: docker.io/library/nginx@sha256:86e53c4c16a6a276b204b0fd3a8143d86547c967dc8258b3d47c3a21bb68d3c6 ... Volumes: cm-volume: Type: ConfigMap (a volume populated by a ConfigMap) Name: cm-data3 Optional: false sec-volume: Type: Secret (a volume populated by a Secret) SecretName: secret-data3 Optional: false ...
部署
$ kubectl get deployments -o wide NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR deployment2-vdu6 1/1 1 1 114m nginx nginx app=webserver vdu1-update 1/1 1 1 114m nginx cirros app=webserver $ kubectl describe pod deployment2-vdu6-86579d6868-6mbsl Name: deployment2-vdu6-86579d6868-6mbsl Namespace: default ... Containers: nginx: Container ID: cri-o://eece8b07f2b66760bdc57e7a3fbc073938d73b37e62401d394d058e4273cdd90 Image: nginx Image ID: docker.io/library/nginx@sha256:86e53c4c16a6a276b204b0fd3a8143d86547c967dc8258b3d47c3a21bb68d3c6 ... Environment Variables from: cm-data3 ConfigMap with prefix 'CM_' Optional: false secret-data3 Secret with prefix 'SEC_' Optional: false Environment: CMENV: <set to the key 'cmKey1.txt' of config map 'cm-data3'> Optional: false SECENV: <set to the key 'password' in secret 'secret-data3'> Optional: false Optional: false ... $ kubectl describe pod vdu1-update-5d87858fc6-tfgts Name: vdu1-update-5d87858fc6-tfgts Namespace: default ... Containers: nginx: Container ID: cri-o://12e4ada36be199c46971f4e41c4afc82d7cedd77c5120a8a0b751a43a884a307 Image: cirros Image ID: docker.io/library/cirros@sha256:a40a2b0a21536db691c8e7e055dbb92c81ad15392048abbde32fc5698e07f831 ... Environment Variables from: cm-data ConfigMap with prefix 'CM_' Optional: false secret-data Secret with prefix 'SEC_' Optional: false Environment: CMENV: <set to the key 'cmKey1.txt' of config map 'cm-data'> Optional: false SECENV: <set to the key 'password' in secret 'secret-data'> Optional: false ...
DaemonSet
$ kubectl get daemonset -o wide NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE CONTAINERS IMAGES SELECTOR daemonset-vdu5 1 1 1 1 1 <none> 126m nginx cirros app=nginx $ kubectl describe pod daemonset-vdu5-whd4s Name: daemonset-vdu5-whd4s Namespace: default ... Containers: nginx: Container ID: cri-o://f291342b342ad106410b99212f4e934730dbdf94cc2d2daf767efd7cb7305d68 Image: cirros Image ID: docker.io/library/cirros@sha256:a40a2b0a21536db691c8e7e055dbb92c81ad15392048abbde32fc5698e07f831 ... Environment Variables from: cm-data ConfigMap with prefix 'CM_' Optional: false secret-data Secret with prefix 'SEC_' Optional: false Environment: CMENV: <set to the key 'cmKey1.txt' of config map 'cm-data'> Optional: false SECENV: <set to the key 'password' in secret 'secret-data'> Optional: false ...
ReplicaSet
$ kubectl get replicaset.apps -o wide NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR deployment2-vdu6-86579d6868 1 1 1 131m nginx nginx app=webserver,pod-template-hash=86579d6868 vdu1-update-5d87858fc6 1 1 1 37m nginx cirros app=webserver,pod-template-hash=5d87858fc6 vdu1-update-6fcf66b5dd 0 0 0 131m nginx nginx app=webserver,pod-template-hash=6fcf66b5dd vdu2-update 1 1 1 131m nginx nginx app=webserver $ kubectl describe pod vdu2-update-tk7qp Name: vdu2-update-tk7qp Namespace: default ... Containers: nginx: Container ID: cri-o://05f13a7b7d171e2d68bcbceefbce0537b851bd0f0f7de60fba0d9500349d6f4d Image: nginx Image ID: docker.io/library/nginx@sha256:86e53c4c16a6a276b204b0fd3a8143d86547c967dc8258b3d47c3a21bb68d3c6 ... Volumes: cm-volume: Type: ConfigMap (a volume populated by a ConfigMap) Name: cm-data Optional: false sec-volume: Type: Secret (a volume populated by a Secret) SecretName: secret-data Optional: false ...
可以看到,只有 ConfigMap/Secret 或镜像已更新的 Pod 会被重新启动。 对于 ConfigMap/Secret 或镜像已更新的 Deployment、DaemonSet 和 ReplicaSet,它们的 pod 将被删除并重新创建。
