You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/en/client/java-sdk-user-guide.md
+15-15Lines changed: 15 additions & 15 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -421,11 +421,9 @@ The configuration methods, in descending order of priority, are
421
421
422
422
Starting from version 2.4.0, the availability of the client in the Kubernetes environment has been enhanced. After enabling the ConfigMap cache, the client will cache a copy of the configuration information fetched from the server in the ConfigMap. In the case of service unavailability, network issues, and loss of local cache files, the configuration can still be restored from the ConfigMap. Here are the relevant configurations:
423
423
424
-
> Since read and write operations on the ConfigMap are required, the pod where the client is located must have the corresponding permissions. The specific configuration method can be referred to below.
425
-
426
424
`apollo.cache.kubernetes.enable`:Whether to enable the ConfigMap cache mechanism, the default is false.
427
425
428
-
`apollo.configmap-namespace`:The namespace of the ConfigMap to be used (the namespace in Kubernetes), the default value is "default".
426
+
`apollo.cache.kubernetes.configmap-namespace`:The namespace of the ConfigMap to be used (the namespace in Kubernetes), the default value is "default".
429
427
430
428
The configuration information will be placed in the specified ConfigMap according to the following correspondence:
431
429
@@ -443,42 +441,44 @@ value: The content is the JSON format string of the corresponding configuration
443
441
>
444
442
> namespace is the configuration namespace used by the application, which is generally application
445
443
446
-
How to authorize a Pod's Service Account to have read and write permissions for ConfigMap:
444
+
> Since read and write operations on the ConfigMap are required, the pod where the client is located must have the corresponding permissions. The specific configuration method can be referred to below.
447
445
446
+
How to authorize a Pod's Service Account to have read and write permissions for ConfigMap:
448
447
449
448
1. Create a Service Account: If there is no Service Account, you need to create one.
450
-
```apiVersion: v1
449
+
```
450
+
apiVersion: v1
451
451
kind: ServiceAccount
452
452
metadata:
453
453
name: my-service-account
454
-
namespace: my-namespace
454
+
namespace: default
455
455
```
456
456
2. Create a Role or ClusterRole: Define a Role or ClusterRole to grant read and write permissions for a specific ConfigMap. If the ConfigMap is used across multiple Namespaces, a ClusterRole should be used.
3. Bind the Service Account to the Role or ClusterRole: Use RoleBinding or ClusterRoleBinding to bind the Service Account to the Role or ClusterRole created above.
469
469
```
470
470
apiVersion: rbac.authorization.k8s.io/v1
471
471
kind: RoleBinding
472
472
metadata:
473
-
name: configmap-reader-binding
474
-
namespace: my-namespace
473
+
name: configmap-reader-binding
474
+
namespace: dafault
475
475
subjects:
476
476
- kind: ServiceAccount
477
477
name: my-service-account
478
-
namespace: my-namespace
479
-
roleRef:
478
+
namespace: dafault
479
+
roleRef:
480
480
kind: Role
481
-
name: configmap-reader
481
+
name: configmap-role
482
482
apiGroup: rbac.authorization.k8s.io
483
483
```
484
484
4. Specify the Service Account in the Pod configuration: Ensure that the Pod's configuration uses the Service Account created above.
@@ -487,7 +487,7 @@ How to authorize a Pod's Service Account to have read and write permissions for
0 commit comments