Mastering ConfigMaps and Secrets in Kubernetes : A Step-by-Step Guide

Mastering ConfigMaps and Secrets in Kubernetes : A Step-by-Step Guide


ConfigMaps and Secrets are essential components in Kubernetes for managing configuration data and sensitive information. This guide will walk you through creating and using ConfigMaps and Secrets in your Kubernetes deployments, ensuring your applications have the necessary configuration and keep sensitive information secure.

Understanding ConfigMaps and Secrets

ConfigMaps: Store configuration data as key-value pairs, allowing you to separate configuration artifacts from container image content to keep your applications portable.

Secrets: Store sensitive information such as passwords, OAuth tokens, and SSH keys in an encrypted form to prevent unauthorized access.


Task 1 : Create and Use a ConfigMap in Your Deployment

Step 1: Create a ConfigMap

You can create a ConfigMap using a file or the command line. Here’s how to do it using both methods:

Using a File:

  1. Create a file named configmap.yml:

     apiVersion: v1
     kind: ConfigMap
     metadata:
       name: my-config
       namespace: my-namespace
     data:
       APP_ENV: production
       APP_DEBUG: "false"
    
  2. Apply the ConfigMap:

     kubectl apply -f configmap.yml
    

Using the Command Line:

kubectl create configmap my-config --from-literal=APP_ENV=production --from-literal=APP_DEBUG=false -n my-namespace

Step 2: Update Your Deployment to Use the ConfigMap

Update your deployment.yml file to include the ConfigMap:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
  namespace: my-namespace
spec:
  replicas: 2
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: my-image
        env:
        - name: APP_ENV
          valueFrom:
            configMapKeyRef:
              name: my-config
              key: APP_ENV
        - name: APP_DEBUG
          valueFrom:
            configMapKeyRef:
              name: my-config
              key: APP_DEBUG

Step 3: Apply the Updated Deployment

kubectl apply -f deployment.yml -n my-namespace

Step 4: Verify the ConfigMap Creation

kubectl get configmaps -n my-namespace

You should see your ConfigMap listed.

Task 2: Create and Use a Secret in Your Deployment

Step 1: Create a Secret

You can create a Secret using a file or the command line. Here’s how to do it using both methods:

Using a File:

  1. Create a file named secret.yml:

     apiVersion: v1
     kind: Secret
     metadata:
       name: my-secret
       namespace: my-namespace
     type: Opaque
     data:
       username: bXktdXNlcm5hbWU=  # base64 encoded value of "my-username"
       password: bXktcGFzc3dvcmQ=  # base64 encoded value of "my-password"
    
  2. Apply the Secret:

     kubectl apply -f secret.yml
    

Using the Command Line:

kubectl create secret generic my-secret --from-literal=username=my-username --from-literal=password=my-password -n my-namespace

Step 2: Update Your Deployment to Use the Secret

Update your deployment.yml file to include the Secret:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
  namespace: my-namespace
spec:
  replicas: 2
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: my-image
        env:
        - name: USERNAME
          valueFrom:
            secretKeyRef:
              name: my-secret
              key: username
        - name: PASSWORD
          valueFrom:
            secretKeyRef:
              name: my-secret
              key: password

Step 3: Apply the Updated Deployment

kubectl apply -f deployment.yml -n my-namespace

Step 4: Verify the Secret Creation

kubectl get secrets -n my-namespace

You should see your Secret listed.

Conclusion

By mastering ConfigMaps and Secrets, you can effectively manage configuration data and sensitive information in your Kubernetes deployments. This ensures your applications have the necessary configuration to function properly and keeps sensitive information secure. Keep exploring and expanding your knowledge of Kubernetes to become proficient in managing containerized applications!