Difference between revisions of "Kubernetes/ConfigMap and Secrets"

From Ever changing code
Jump to navigation Jump to search
Line 36: Line 36:
     volumeMounts:
     volumeMounts:
       - name: configmapvolume
       - name: configmapvolume
         mountPath: /etc/config
         mountPath: /etc/config # this will be a directory
   volumes:
   volumes:
     - name: configmapvolume
     - name: configmapvolume
       configMap:
       configMap:               # key will be a file name
         name: kubeapp-config
         name: kubeapp-config   # with value in content
</source>
</source>
| <source lang=yaml>
| <source lang=yaml>

Revision as of 23:25, 19 October 2019

ConfigMap object allows to manage application's configuration using Kubernetes primitives. YAML below:

ConfigMap
As a environment Mounted volume Secrets mounted volume 
apiVersion: v1
kind: Pod
metadata: 
  name: configmap-kube
spec:
  containers:
  - name: nginx
    image: nginx
    command: ['sh', '-c', "echo $(VAR) && sleep 600"]
    env:
    - name: VAR
      valueFrom:
        configMapKeyRef:
          name: kubeapp-config
          key: value1
 
apiVersion: v1
kind: Pod
metadata:
  name: configmap-volume-kube
spec:
  containers:
  - name: nginx
    image: nginx
    command: ['sh', '-c', "echo $(MY_VAR) && sleep 3600"]
    volumeMounts:
      - name: configmapvolume
        mountPath: /etc/config # this will be a directory
  volumes:
    - name: configmapvolume
      configMap:               # key will be a file name
        name: kubeapp-config   # with value in content
 
apiVersion: v1
kind: Pod
metadata:
  name: kube-secret-volume-pod
spec:
  containers:
  - name: nginx
    image: nginx
    command: ['sh', '-c', "echo $(MY_VAR) && sleep 3600"]
    volumeMounts:
      - name: secretvolume
        mountPath: /etc/certs
  volumes:
    - name: secretvolume
      secret:
        secretName: kube-secret


Deploy 

kubectl apply -f configmap-pod.yaml
kubectl logs configmap-pod         #Get the logs from the pod displaying the value

Another way to provide values from a ConfigMap is to mount as a container's volume. The keys you can see within the container 

kubectl exec configmaps-volume-kube -- ls  /etc/config
kubectl exec configmaps-volume-kube -- cat /etc/config/key1


The YAML for a secret: 

apiVersion: v1
kind: Secret
metadata:
  name: kube-secret
stringData:
  cert: 1234abc
  key: ca.crt


Create secrets 

kubectl apply -f secrets.yaml
kubectl describe secrets appsecret 
Name:         kube-secret
Namespace:    default
Labels:       <none>
Annotations:  
Type:         Opaque

Data
====
cert:  5 bytes
key:   5 bytes

References

Retrieved from ‘http://wiki.ciscolinux.co.uk/index.php?title=Kubernetes/ConfigMap_and_Secrets&oldid=4788