CONFIGMAPS:
A ConfigMap in Kubernetes is used to store configuration data in the form of key-value pairs. This data is typically non-confidential and helps to decouple the configuration settings from the application code, eliminating hardcoded values.
For Example, consider a web application that connects to a database. Instead of hardcoding the database URL, you can define it in a ConfigMap. This way, you can easily change the URL without modifying the application code.
USE CASES IN CONFIG MAPS:
Configure application settings: By using this config maps, we can store the configuration data that helps to run our application like database connections and environment variables
Configuring a pod or container: It is used to send a configuration data to a pod or container at runtime like CLI or files.
Sharing configuration data across multiple resources: By using this configuration data multiple resources can access, such as a common configuration file for different pods or services.
We can store the data: By using this config maps, we can store the data like IP address, URL's and DNS etc...
SOME POINTS ABOUT CONFIG MAPS:
- Creating the configMap is the first process which can be done by commands only or a YAML file.
- After creating the configMap, we use the data by injecting the pods.
- After injecting the pods, if there is any update in the configuration we can modify the configMap, and the changes will be reflected in the injected pod.
CREATING CONFIG MAP FROM LITERAL:
we have created the configMap through --from-literal which means you just need to provide the key value instead of providing the file with key-value pair data.
kubectl create cm my-first-cm --from-literal=Course=DevOps --from-literal=Cloud=AWS --from-literal=Trainer=Mustafa
To get Config Maps:
kubectl get cm
To descibe:
kubectl describe configmap/configmap-name
To delete:
kubectl delete configmap/configmap
CREATE A CONFIG-MAPS FROM FILE:
We have created one file first.conf which has some data, and created the configMap with the help of that file.
cat config-map-data.txt
Name=Mustafa
Course=Python
Duration=60 days
command to create config map:
kubectl create cm cm-name --from-file=filename
CREATE A CONFIG-MAPS FROM ENV FILE:
We have created one environment file first.env which has some data in key-value pairs, and created the configMap with the help of the environment file.
cat one.env
Tool=Kubernetes
Topic=Config Maps
Course=DevOps
command to create config map:
kubectl create cm cm-name --from-env-file=one.env
CREATE A FOLDER FOR CONFIG-MAPS:
We have created multiple files in a directory with different extensions that have different types of data and created the configMap for the entire directory.
mkdir folder1
cat folder1/file1.txt
key1=value1
key2=23
cat folder2/file2.txt
key1=value1
key2=23
command to create config map:
kubectl create cm mummy --from-file=folder1
CREATE A YAML FOR CONFIG-MAPS:
The imperative way is not very good if you have to repeat the same tasks again and again. Now, we will look at how to create configMap through the YAML file.
apiVersion: v1
kind: ConfigMap
metadata:
name: my-cm
data:
# Key-value pairs
APP_NAME: "MyApp"
APP_ENV: "development"
DATABASE_URL: "http://dev-database.example.com"
# Multi-line configuration stored as a key-value pair
APP_PROPERTIES: |
server.port=8080
server.address=0.0.0.0
spring.datasource.url=jdbc:mysql://db:3306/mydb
spring.datasource.username=root
command to create config map:
kubectl create -f one.yml
Injecting a specific key from ConfigMap to a Pod:
apiVersion: v1
kind: Pod
metadata:
name: pod-1
spec:
containers:
- name: cont-1
image: nginx
env:
# Reference a single key from the ConfigMap
- name: value1
valueFrom:
configMapKeyRef:
name: my-cm # Name of the ConfigMap
key: APP_ENV # Specific key to attach
Injecting Multiple keys from ConfigMap to a Pod:
apiVersion: v1
kind: Pod
metadata:
name: pod-1
spec:
containers:
- name: cont-1
image: nginx
env:
# Reference a single key from the ConfigMap
- name: value1
valueFrom:
configMapKeyRef:
name: my-cm # Name of the ConfigMap
key: APP_ENV # Specific key to attach
- name: value2
valueFrom:
configMapKeyRef:
name: my-cm
key: APP_NAME
Injecting Different keys from Multiple ConfigMaps to a Pod:
apiVersion: v1
kind: Pod
metadata:
name: pod-1
spec:
containers:
- name: cont-1
image: nginx
env:
# Reference a single key from the ConfigMap
- name: value1
valueFrom:
configMapKeyRef:
name: my-cm # Name of the ConfigMap-1
key: APP_ENV # Specific key to attach
- name: value2
valueFrom:
configMapKeyRef:
name: configmap-2 # Name of the ConfigMap-2
key: APP_NAME # Specific key to attach
Injecting entire ConfigMap to a Pod:
apiVersion: v1
kind: Pod
metadata:
name: pod-1
spec:
containers:
- name: cont-1
image: nginx
envFrom:
- configMapRef:
name: my-cm
Mounting ConfigMap as a volume to a Pod:
apiVersion: v1
kind: Pod
metadata:
name: pod-1
spec:
containers:
- name: cont-1
image: nginx
volumes:
- name: my-volume
configMap:
name: my-cm
volumeMounts:
- name: my-volume
mountPath: /etc/config
Secrets:
There are lot of confidential information that needs to be stored on the server such as database usernames, passwords, or API Keys.
To keep all the important data secure, Kubernetes has a Secrets feature that encrypts the data.
Secrets can store data up to 1MB which would be enough.
Secrets can be created via imperative or declarative ways.
Secrets are stored in the /tmps directory and can be accessible to pods only.
After creating the Secrets, applications need to use the credentials or database credentials which will be done by injecting with the pods.
Creating Secret from literal:
we have created the Secrets through --from-literal which means you just need to provide the key value instead of providing the file with key-value pair data.
you can see the key and encrypted value because Kubernetes encrypts the secrets.
kubectl create secret generic my-secret --from-literal=username=sm7243
To get Config Maps:
kubectl get secret
To describe:
kubectl describe secret/my-secret
To Get in YAML :
kubectl get secret my-secret -o yaml
To delete:
kubectl delete secret/my-secret
Creating a Secrets from file:
We have created one file first.conf which has some data, and created the Secrets with the help of that file.
cat first.conf
username=sm7234
password=admin@123
kubectl create secret generic secret-from-file --from-file=first.conf
Here generic specifies that the secret type is generic and can store arbitrary key-value pairs.
Secrets from env-file:
We have created one environment file first.env which has some data in key-value pairs, and created the Secrets with the help of the environment file.
cat mustafa.env
Name=mustafa
Place=Hyderabad
Compamy=TCS
kubectl create secret generic secret-from-env --from-env-file=mustafa.env
CREATE A FOLDER FOR SECRETS:
We have created multiple files in a directory with a different extension that has different types of data and created the Secrets for the entire directory.
mkdir folder1
cat folder1/file1.txt
Name=Mustafa
Place=Hyderabad=23
cat folder2/file2.txt
database=mysq1
password=mypassword
command to create secret:
kubectl create secret generic secret-from-folder --from-file=folder1/
To Get in yaml :
kubectl get secret secret-from-env -o yaml
Injecting a specific key from Secrets to a Pod:
apiVersion: v1
kind: Pod
metadata:
name: pod-1
spec:
containers:
- name: cont-1
image: nginx
env:
# Reference a single key from the ConfigMap
- name: value1
valueFrom:
secretKeyRef:
name: user # Name of the ConfigMap
key: username # Specific key to attach
Injecting Multiple keys from Secrets to a Pod:
apiVersion: v1
kind: Pod
metadata:
name: pod-1
spec:
containers:
- name: cont-1
image: nginx
- name: value1
valueFrom:
secretKeyRef:
name: user # Name of the Secret
key: username # Specific key to attach
- name: value2
valueFrom:
secretKeyRef:
name: pass # Name of the ConfigMap
key: password # Specific key to attach
Injecting Different keys from Multiple Secrets to a Pod:
apiVersion: v1
kind: Pod
metadata:
name: pod-1
spec:
containers:
- name: cont-1
image: nginx
- name: value1
valueFrom:
secretKeyRef:
name: my-secret # Name of the Secret-1
key: username # Specific key to attach
- name: value1
valueFrom:
secretKeyRef:
name: new-secret # Name of the Secret-1
key: password # Specific key to attach
Injecting entire ConfigMap to a Pod:
apiVersion: v1
kind: Pod
metadata:
name: pod-1
spec:
containers:
- name: cont-1
image: nginx
envFrom:
- secretMapRef:
name: my-secret
Conclusion: ConfigMaps and Secrets in Kubernetes
ConfigMaps and Secrets are essential tools in Kubernetes for managing configuration data.
ConfigMaps are ideal for storing non-sensitive configuration settings, allowing you to decouple configuration from your application code. They are easy to use for environment-specific settings and enable dynamic updates without modifying application logic.
Secrets, on the other hand, are designed for storing sensitive data like passwords, API keys, or tokens. They provide an additional layer of security by encoding the data and offering support for encryption.
If you love stories that inspire learning, growth, and productivity, consider subscribing for more! If this article added value to your journey, your support would mean the world to me — only if it’s within your means. Let’s stay connected on LinkedIn too. Thank you for reading!