Kubernetes/ConfigMap and Secrets
Jump to navigation
Jump to search
ConfigMap object allows to manage application's configuration using Kubernetes primitives. YAML below:
kubectl create configmap my-config-map --namespace=web -oyaml --dry-run > config-map.yml
apiVersion: v1 kind: ConfigMap metadata: creationTimestamp: null name: my-config-map namespace: web data: # added when editing myKey: myValue1 anotherKey: myValue2
| As a environment | Mounted volume | Secrets mounted volume |
|---|---|---|
apiVersion: v1
kind: Pod
metadata:
name: configmap-kube
spec:
containers:
- name: nginx
image: nginx
command: ['sh', '-c', "echo $(VAR) && sleep 600"]
env:
- name: VAR
valueFrom:
configMapKeyRef:
name: kubeapp-config
key: value1
|
apiVersion: v1
kind: Pod
metadata:
name: configmap-volume-kube
spec:
containers:
- name: nginx
image: nginx
command: ['sh', '-c', "echo $(MY_VAR) && sleep 3600"]
volumeMounts:
- name: configmapvolume
mountPath: /etc/config # this will be a directory
volumes:
- name: configmapvolume
configMap: # key will be a file name
name: kubeapp-config # with value in content
|
apiVersion: v1
kind: Pod
metadata:
name: kube-secret-volume-pod
spec:
containers:
- name: nginx
image: nginx
command: ['sh', '-c', "echo $(MY_VAR) && sleep 3600"]
volumeMounts:
- name: secretvolume
mountPath: /etc/certs
volumes:
- name: secretvolume
secret:
secretName: kube-secret
|
Deploy
kubectl apply -f configmap-pod.yaml kubectl logs configmap-pod #Get the logs from the pod displaying the value
Another way to provide values from a ConfigMap is to mount as a container's volume. The keys you can see within the container
kubectl exec configmaps-volume-kube -- ls /etc/config kubectl exec configmaps-volume-kube -- cat /etc/config/key1
The YAML for a secret:
apiVersion: v1 kind: Secret metadata: name: kube-secret stringData: cert: 1234abc key: ca.crt
Create secrets
kubectl apply -f secrets.yaml kubectl describe secrets appsecret Name: kube-secret Namespace: default Labels: <none> Annotations: Type: Opaque Data ==== cert: 5 bytes key: 5 bytes