DEV Community

Cover image for ConfigMaps and Secrets in Kubernetes
Jensen Jose
Jensen Jose

Posted on

ConfigMaps and Secrets in Kubernetes

Hello everyone, welcome back to my blog series CK 2024! Today we’ll be diving into the concepts of ConfigMaps and Secrets in Kubernetes. Although we touched on these topics briefly in earlier posts, I realized we haven’t given them the full attention they deserve. So, let's rectify that today with an in-depth look and a hands-on demo.

Understanding ConfigMaps and Secrets

In Kubernetes, ConfigMaps and Secrets allow you to decouple configuration artifacts from image content to keep your containerized applications portable. ConfigMaps are used to store non-confidential data in key-value pairs, while Secrets are intended for confidential data such as passwords, OAuth tokens, and SSH keys.

Why Use ConfigMaps?

In one of our earlier discussions (Day 11), we saw how environment variables could be directly defined in the Pod's YAML file. However, as the number of environment variables grows, maintaining them directly in the Pod definition becomes impractical, especially if these variables are shared across multiple Pods. ConfigMaps help by centralizing this configuration data, making it easier to manage and reuse.

Creating a ConfigMap

Let's walk through creating a ConfigMap. We’ll start with an example where we need to define an environment variable in a Pod. Here’s a basic Pod definition:

apiVersion: v1
kind: Pod
metadata:
  name: mypod
spec:
  containers:
    - name: mycontainer
      image: busybox
      command: ['sh', '-c', 'echo The app is running! && sleep 3600']
      env:
        - name: MY_VAR
          value: "my_value"
Enter fullscreen mode Exit fullscreen mode

Instead of defining MY_VAR directly in the Pod, we’ll use a ConfigMap.

1. Imperative Approach:

kubectl create configmap myconfigmap --from-literal=MY_VAR=my_value
Enter fullscreen mode Exit fullscreen mode

2. Declarative Approach:

Create a configmap.yaml file:

apiVersion: v1
kind: ConfigMap
metadata:
  name: myconfigmap
data:
  MY_VAR: my_value
Enter fullscreen mode Exit fullscreen mode

Apply this file:

kubectl apply -f configmap.yaml
Enter fullscreen mode Exit fullscreen mode

Injecting ConfigMap into a Pod

Now, let's modify our Pod to use the ConfigMap:

apiVersion: v1
kind: Pod
metadata:
  name: mypod
spec:
  containers:
    - name: mycontainer
      image: busybox
      command: ['sh', '-c', 'echo The app is running! && sleep 3600']
      envFrom:
        - configMapRef:
            name: myconfigmap
Enter fullscreen mode Exit fullscreen mode

Here, envFrom is used to import all key-value pairs from the ConfigMap into the Pod’s environment.

Conclusion

ConfigMaps and Secrets are essential tools in Kubernetes for managing application configuration and sensitive data. They help maintain clean and efficient Pod definitions and enhance security practices

Feel free to reach out in the comments section- if you have any questions or need further assistance.

For further reference, check out the detailed YouTube video here:

Top comments (1)

Collapse
 
devbastic profile image
Dev Bastic

I'm thinking about declaring my event names and id's in a ConfigMap (too many to put in env. vars). The (micro)services can read them from there, possibly generating and evaluating code from them, to be used by the microservice. Seems to be A Good Plan.