在容器内获取元数据
更新时间:2024-09-25
在容器内获取元数据
当前仅支持在CCE集群中获取元数据
通过 Downward API 访问元数据
Kubernetes Downward API提供了以下两种方式:
- 环境变量(Environment variables)用于单个变量,可以将Pod信息直接注入容器内部。
- Volume挂载(Volume Files)可以将Pod信息生成为文件,直接挂载到容器内部。 目前BCI已经支持了Downward API的大部分常用字段,下文将为您介绍使用方式。
1.环境变量方式
您可以通过Downward API将Pod的名称、命名空间、IP等信息注入到容器的环境变量中。通过环境变量可以获得的值如下表所示。
参数 | 描述 |
---|---|
metadata.name | Pod名称 |
metadata.namespace | Pod命名空间 |
metadata.uid | Pod的UID |
metadata.labels[' |
Pod的标签值 |
metadata.annotations[' |
Pod的注解值 |
spec.serviceAccountName | Pod服务账号名称 |
spec.nodeName | 节点名称 |
status.podIP | 节点IP |
limits.cpu | 容器的 CPU 限制值 |
requests.cpu | 容器的 CPU 请求值 |
limits.memory | 容器的内存限制值 |
requests.memory | 容器的内存请求值 |
注意:
暂不支持的字段如下:
- status.hostIP
- resource: limits.ephemeral-storage
- resource: requests.ephemeral-storage
配置示例:
apiVersion: v1
kind: Pod
metadata:
annotations:
myannotation: "myannotation"
labels:
app: bci-test-vk
mylabel: "mylabel"
name: env-test
namespace: default
spec:
enableServiceLinks: false
nodeSelector:
type: virtual-kubelet
tolerations:
- effect: NoSchedule
key: virtual-kubelet.io/provider
operator: Equal
value: baidu
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
containers:
- image: hub.baidubce.com/cce/nginx-alpine-go
imagePullPolicy: IfNotPresent
name: c01
workingDir: /work
ports:
- containerPort: 8080
protocol: TCP
resources:
limits:
cpu: 250m
memory: 512Mi
requests:
cpu: 250m
memory: 512Mi
env:
- name: MY_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: MY_ENV
value: "test"
- name: METADATA_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: METADATA_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: METADATA_UID
valueFrom:
fieldRef:
fieldPath: metadata.uid
- name: METADATA_LABELS
valueFrom:
fieldRef:
fieldPath: metadata.labels['mylabel']
- name: METADATA_ANNOTATIONS_REGION
valueFrom:
fieldRef:
fieldPath: metadata.annotations['myannotation']
- name: MY_CPU_LIMIT
valueFrom:
resourceFieldRef:
containerName: c01
resource: limits.cpu
- name: MY_CPU_REQUEST
valueFrom:
resourceFieldRef:
containerName: c01
resource: requests.cpu
- name: MY_MEM_LIMIT
valueFrom:
resourceFieldRef:
containerName: c01
resource: limits.memory
- name: MY_MEM_REQUEST
valueFrom:
resourceFieldRef:
containerName: c01
resource: requests.memory
2.Volume挂载方式
您可以通过Downward API将Pod的Label、Annotation等信息通过Volume挂载到容器的某个文件中。通过Volume挂载可以获得的值如下表所示。
参数 | 描述 |
---|---|
metadata.name | Pod名称 |
metadata.namespace | Pod命名空间 |
metadata.uid | Pod的UID |
metadata.labels[' |
Pod的标签值 |
metadata.annotations[' |
Pod的注解值 |
metadata.labels | Pod的所有标签 |
metadata.annotations | Pod的所有注解 |
limits.cpu | 容器的 CPU 限制值 |
requests.cpu | 容器的 CPU 请求值 |
limits.memory | 容器的内存限制值 |
requests.memory | 容器的内存请求值 |
配置示例:
apiVersion: v1
kind: Pod
metadata:
annotations:
myannotation: "myannotation"
labels:
app: bci-test-vk
mylabel: "mylabel"
name: volume-test
namespace: default
spec:
nodeSelector:
type: virtual-kubelet
tolerations:
- effect: NoSchedule
key: virtual-kubelet.io/provider
operator: Equal
value: baidu
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
containers:
- image: hub.baidubce.com/cce/nginx-alpine-go
imagePullPolicy: IfNotPresent
name: c01
workingDir: /work
ports:
- containerPort: 8080
protocol: TCP
resources:
limits:
cpu: 250m
memory: 512Mi
requests:
cpu: 250m
memory: 512Mi
volumeMounts:
- name: podinfo
mountPath: /etc/podinfo
volumes:
- name: podinfo
downwardAPI:
items:
- path: "metadata.name"
fieldRef:
fieldPath: metadata.name
- path: "metadata.namespace"
fieldRef:
fieldPath: metadata.namespace
- path: "metadata.uid"
fieldRef:
fieldPath: metadata.uid
- path: "mylabel"
fieldRef:
fieldPath: metadata.labels['mylabel']
- path: "myannotation"
fieldRef:
fieldPath: metadata.annotations['myannotation']
- path: "labels"
fieldRef:
fieldPath: metadata.labels
- path: "annotations"
fieldRef:
fieldPath: metadata.annotations
- path: "workload_cpu_limit"
resourceFieldRef:
containerName: c01
resource: limits.cpu
divisor: 1m
- path: "workload_cpu_request"
resourceFieldRef:
containerName: c01
resource: requests.cpu
divisor: 1m
- path: "workload_mem_limit"
resourceFieldRef:
containerName: c01
resource: limits.memory
divisor: 1Mi
- path: "workload_mem_request"
resourceFieldRef:
containerName: c01
resource: requests.memory
divisor: 1Mi