Sunday, September 1, 2024

Home / DevOps / Kubernetes - ConfigMaps and Secrets [Part 10]

Kubernetes - ConfigMaps and Secrets [Part 10]

by on in

 


ConfigMaps are used to provide the configuration information for the workloads.  This can either be fine-grained string format or file format.

Secrets: It is similar like ConfigMaps but it will provide the sensitive information into workloads.

Created a ConfigMaps file:


ConfigMaps can be mount as file system in the Pod and passing a environmental variables or passing a ConfigMaps through command line from the K8S.

Created a Yaml file for mounting the ConfigMaps as file system inside of the pod.

apiVersion: v1
kind: Pod
metadata:
  name: kuard-config
spec:
  containers:
    - name: test-container
      image: gcr.io/kuar-demo/kuard-amd64:blue
      imagePullPolicy: Always
      command:
        - "/kuard"
        - "$(EXTRA_PARAM)"
      env:
        - name: ANOTHER_PARAM
          valueFrom:
            configMapKeyRef:
              name: my-config
              key: another-param
        - name: EXTRA_PARAM
          valueFrom:
            configMapKeyRef:
              name: my-config
              key: extra-param
      volumeMounts:
        - name: config-volume
          mountPath: /config
  volumes:
    - name: config-volume
      configMap:
        name: my-config
  restartPolicy: Never

Secrets:

Secrets used to managing passwords, security tokens, other type of private keys.  Secrets are exposed to Pods via explicit declaration in the Pod manifests and Kubernetes API. Secrets are stored in the tmpfs file system [RAM disk].

Defined the Secrets inside the Pod configuration:

apiVersion: v1
kind: Pod
metadata:
  name: kuard-tls
spec:
  containers:
    - name: kuard-tls
      image: gcr.io/kuar-demo/kuard-amd64:blue
      imagePullPolicy: Always
      volumeMounts:
      - name: tls-certs
        mountPath: "/tls"
        readOnly: true
  volumes:
    - name: tls-certs
      secret:
        secretName: kuard-tls

Created a secrets for the docker pull registry:

# kubectl create secret docker-registry my-image-pull-secret --docker-username=<username> --docker-password=<password> --docker-email=<email-address>

Updating the ConfigMap or Secrets file:

#kubectl replace -f filename

(or)

Edit the configuration file through command line

$ kubectl edit configmap my-config




Author Image

About Admin
Soratemplates is a blogger resources site is a provider of high quality blogger template with premium looking layout and robust design. The main mission of templatesyard is to provide the best quality blogger templates.

You May Also Like:
By at
Tags

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)