Difference between revisions of "Kubernetes/ConfigMap and Secrets"
Jump to navigation
Jump to search
(Created page with "ConfigMap object allows to manage application's configuration using Kubernetes primitives. YAML below: {| class="wikitable" |+ ConfigMap |- ! As a environment ! Mounted volum...") |
|||
| Line 6: | Line 6: | ||
! As a environment | ! As a environment | ||
! Mounted volume | ! Mounted volume | ||
! Secrets mounted volume | |||
|- | |- | ||
| <source lang=yaml> | | <source lang=yaml> | ||
| Line 40: | Line 41: | ||
configMap: | configMap: | ||
name: kubeapp-config | name: kubeapp-config | ||
|<source lang=yaml> | </source> | ||
| <source lang=yaml> | |||
apiVersion: v1 | apiVersion: v1 | ||
kind: Pod | kind: Pod | ||
Revision as of 10:00, 23 July 2019
ConfigMap object allows to manage application's configuration using Kubernetes primitives. YAML below:
| As a environment | Mounted volume | Secrets mounted volume |
|---|---|---|
apiVersion: v1
kind: Pod
metadata:
name: configmap-kube
spec:
containers:
- name: nginx
image: nginx
command: ['sh', '-c', "echo $(VAR) && sleep 600"]
env:
- name: VAR
valueFrom:
configMapKeyRef:
name: kubeapp-config
key: value1
|
apiVersion: v1
kind: Pod
metadata:
name: configmap-volume-kube
spec:
containers:
- name: nginx
image: nginx
command: ['sh', '-c', "echo $(MY_VAR) && sleep 3600"]
volumeMounts:
- name: configmapvolume
mountPath: /etc/config
volumes:
- name: configmapvolume
configMap:
name: kubeapp-config
|
apiVersion: v1
kind: Pod
metadata:
name: kube-secret-volume-pod
spec:
containers:
- name: nginx
image: nginx
command: ['sh', '-c', "echo $(MY_VAR) && sleep 3600"]
volumeMounts:
- name: secretvolume
mountPath: /etc/certs
volumes:
- name: secretvolume
secret:
secretName: kube-secret
|
Deploy
kubectl apply -f configmap-pod.yaml kubectl logs configmap-pod #Get the logs from the pod displaying the value
Another way to provide values from a ConfigMap is to mount as a container's volume. The keys you can see within the container
kubectl exec configmaps-volume-kube -- ls /etc/config kubectl exec configmaps-volume-kube -- cat /etc/config/key1
The YAML for a secret:
apiVersion: v1 kind: Secret metadata: name: kube-secret stringData: cert: 1234abc key: ca.crt
Create secrets
kubectl apply -f secrets.yaml kubectl describe secrets appsecret Name: kube-secret Namespace: default Labels: <none> Annotations: Type: Opaque Data ==== cert: 5 bytes key: 5 bytes