Hello everyone, welcome back to my blog series CK 2024! Today we’ll be diving into the concepts of ConfigMaps and Secrets in Kubernetes. Although we touched on these topics briefly in earlier posts, I realized we haven’t given them the full attention they deserve. So, let's rectify that today with an in-depth look and a hands-on demo.
Understanding ConfigMaps and Secrets
In Kubernetes, ConfigMaps and Secrets allow you to decouple configuration artifacts from image content to keep your containerized applications portable. ConfigMaps are used to store non-confidential data in key-value pairs, while Secrets are intended for confidential data such as passwords, OAuth tokens, and SSH keys.
Why Use ConfigMaps?
In one of our earlier discussions (Day 11), we saw how environment variables could be directly defined in the Pod's YAML file. However, as the number of environment variables grows, maintaining them directly in the Pod definition becomes impractical, especially if these variables are shared across multiple Pods. ConfigMaps help by centralizing this configuration data, making it easier to manage and reuse.
Creating a ConfigMap
Let's walk through creating a ConfigMap. We’ll start with an example where we need to define an environment variable in a Pod. Here’s a basic Pod definition:
apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
containers:
- name: mycontainer
image: busybox
command: ['sh', '-c', 'echo The app is running! && sleep 3600']
env:
- name: MY_VAR
value: "my_value"
Instead of defining MY_VAR directly in the Pod, we’ll use a ConfigMap.
1. Imperative Approach:
kubectl create configmap myconfigmap --from-literal=MY_VAR=my_value
2. Declarative Approach:
Create a configmap.yaml file:
apiVersion: v1
kind: ConfigMap
metadata:
name: myconfigmap
data:
MY_VAR: my_value
Apply this file:
kubectl apply -f configmap.yaml
Injecting ConfigMap into a Pod
Now, let's modify our Pod to use the ConfigMap:
apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
containers:
- name: mycontainer
image: busybox
command: ['sh', '-c', 'echo The app is running! && sleep 3600']
envFrom:
- configMapRef:
name: myconfigmap
Here, envFrom is used to import all key-value pairs from the ConfigMap into the Pod’s environment.
Conclusion
ConfigMaps and Secrets are essential tools in Kubernetes for managing application configuration and sensitive data. They help maintain clean and efficient Pod definitions and enhance security practices
Feel free to reach out in the comments section- if you have any questions or need further assistance.
For further reference, check out the detailed YouTube video here:
Top comments (1)
I'm thinking about declaring my event names and id's in a ConfigMap (too many to put in env. vars). The (micro)services can read them from there, possibly generating and evaluating code from them, to be used by the microservice. Seems to be A Good Plan.