无法将秘密卷挂载到kubernetes
我的清单如下:
1 apiVersion: v1 2 kind: Pod 3 metadata: 4 name: myapp 5 spec: 6 containers: 7 - name: myapp 8 image: "myapp" 9 ports: 10 - containerPort: 3000 11 command: ["bash"] 12 args: ["-c", "sleep 999999"] 13 imagePullSecrets: 14 - name: regsecret 15 volumeMount: 16 - name: "secret-volume" 17 mountPath: "/etc/udev" 18 readOnly: true 19 volumes: 20 - name: "secret-volume" 21 secret: 22 - name: "myappsecret" 它会产生以下错误:
error validating data: [found invalid field volumeMount for v1.PodSpec, field spec.volumes[0].secret: expected object of type map[string]interface{}, but the actual type is []interface {}];
为什么volumeMount无效? 看来这里有说明https://kubernetes.io/docs/resources-reference/v1.5/#volume-v1有这样的指令。
另外我真的不明白如何指定秘密作为一个安装。 尝试了几件事情,包括在这里的build议: https : //github.com/kubernetes/kubernetes/issues/4710
原来volumeMount需要在containers指令下面,而秘密卷结构的细微变化是必须的:
1 apiVersion: v1 2 kind: Pod 3 metadata: 4 name: myapp 5 spec: 6 containers: 7 - name: myapp 8 image: "myapp" 9 ports: 10 - containerPort: 3000 11 command: ["bash"] 12 args: ["-c", "sleep 999999"] 13 volumeMounts: 14 - name: "secret-volume" 15 mountPath: "/etc/secret-volume" 16 readOnly: true 17 imagePullSecrets: 18 - name: regsecret 19 volumes: 20 - name: "secret-volume" 21 secret: 22 secretName: "myappsecret"