以下内容均来自个人笔记并重新梳理,如有错误欢迎指正!如果对您有帮助,烦请点赞、关注、转发!欢迎扫码关注个人公众号!
目录
一、基本介绍
Reloader 是一个用于 Kubernetes 的工具,能够监听 Kubernetes 中 ConfigMap 和 Secret 的变化,并通过自动触发 Deployment、StatefulSet、Daemonset 等对象重启,实现应用程序配置的热更新(重新加载)。
二、工作原理
- 监听配置:Reloader 会监听指定 ConfigMap 或 Secret 的配置文件
- 触发事件:当检测到配置文件内容发生变化时,Reloader 会触发一个事件
- 重新加载:Reloader 向控制器发送信号,请求重启 Deployment、StatefulSet、Daemonset 等对象
三、部署方法
1、资源清单
bash
# reloader.yaml
## 定义 RBAC 对象
apiVersion: v1
kind: ServiceAccount
metadata:
name: reloader
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: reloader-role
rules:
- apiGroups:
- ""
resources:
- secrets
- configmaps
verbs:
- list
- get
- watch
- apiGroups:
- "apps"
resources:
- deployments
- daemonsets
- statefulsets
verbs:
- list
- get
- update
- patch
- apiGroups:
- "extensions"
resources:
- deployments
- daemonsets
verbs:
- list
- get
- update
- patch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: reloader-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: reloader-role
subjects:
- kind: ServiceAccount
name: reloader
## 定义 Deployment 对象
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: reloader
spec:
replicas: 1
revisionHistoryLimit: 10
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
selector:
matchLabels:
app: reloader
template:
metadata:
labels:
app: reloader
spec:
containers:
- name: reloader
image: stakater/reloader:v1.0.12
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 9090
env:
- name: KUBERNETES_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
startupProbe:
httpGet:
path: /metrics
port: http
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 10
readinessProbe:
httpGet:
path: /metrics
port: http
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
livenessProbe:
httpGet:
path: /live
port: http
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 20m
memory: 20Mi
restartPolicy: Always
securityContext:
runAsNonRoot: true
runAsUser: 65534
serviceAccountName: reloader2、部署命令
bash
kubectl apply -f reloader.yaml四、使用方法
在 Deployment、StatefulSet、DaemonSet 等对象的资源清单中,添加相应的 Annotation 注解即可,示例如下:
bash
apiVersion: apps/v1
kind: Deployment
metadata:
nanme: demo-deployment
annotations:
reloader.stakater.com/auto: "true"
...
🔔 reloader.stakater.com/auto: "true":对所有 ConfigMap 和 Secret 对象生效
🔔 configmap.reloader.stakater.com/reload: "demo1,demo2,...":对指定的 ConfigMap 对象生效
🔔 secret.reloader.stakater.com/reload: "demo1,demo2,...":对指定的 Secret 对象生效