ConfigMaps and Secrets are essential components in Kubernetes for managing configuration data and sensitive information. This guide will walk you through creating and using ConfigMaps and Secrets in your Kubernetes deployments, ensuring your applications have the necessary configuration and keep sensitive information secure.
Understanding ConfigMaps and Secrets
ConfigMaps: Store configuration data as key-value pairs, allowing you to separate configuration artifacts from container image content to keep your applications portable.
Secrets: Store sensitive information such as passwords, OAuth tokens, and SSH keys in an encrypted form to prevent unauthorized access.
Task 1 : Create and Use a ConfigMap in Your Deployment
Step 1: Create a ConfigMap
You can create a ConfigMap using a file or the command line. Here’s how to do it using both methods:
Using a File:
Create a file named
configmap.yml
:apiVersion: v1 kind: ConfigMap metadata: name: my-config namespace: my-namespace data: APP_ENV: production APP_DEBUG: "false"
Apply the ConfigMap:
kubectl apply -f configmap.yml
Using the Command Line:
kubectl create configmap my-config --from-literal=APP_ENV=production --from-literal=APP_DEBUG=false -n my-namespace
Step 2: Update Your Deployment to Use the ConfigMap
Update your deployment.yml
file to include the ConfigMap:
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-deployment
namespace: my-namespace
spec:
replicas: 2
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-container
image: my-image
env:
- name: APP_ENV
valueFrom:
configMapKeyRef:
name: my-config
key: APP_ENV
- name: APP_DEBUG
valueFrom:
configMapKeyRef:
name: my-config
key: APP_DEBUG
Step 3: Apply the Updated Deployment
kubectl apply -f deployment.yml -n my-namespace
Step 4: Verify the ConfigMap Creation
kubectl get configmaps -n my-namespace
You should see your ConfigMap listed.
Task 2: Create and Use a Secret in Your Deployment
Step 1: Create a Secret
You can create a Secret using a file or the command line. Here’s how to do it using both methods:
Using a File:
Create a file named
secret.yml
:apiVersion: v1 kind: Secret metadata: name: my-secret namespace: my-namespace type: Opaque data: username: bXktdXNlcm5hbWU= # base64 encoded value of "my-username" password: bXktcGFzc3dvcmQ= # base64 encoded value of "my-password"
Apply the Secret:
kubectl apply -f secret.yml
Using the Command Line:
kubectl create secret generic my-secret --from-literal=username=my-username --from-literal=password=my-password -n my-namespace
Step 2: Update Your Deployment to Use the Secret
Update your deployment.yml
file to include the Secret:
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-deployment
namespace: my-namespace
spec:
replicas: 2
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-container
image: my-image
env:
- name: USERNAME
valueFrom:
secretKeyRef:
name: my-secret
key: username
- name: PASSWORD
valueFrom:
secretKeyRef:
name: my-secret
key: password
Step 3: Apply the Updated Deployment
kubectl apply -f deployment.yml -n my-namespace
Step 4: Verify the Secret Creation
kubectl get secrets -n my-namespace
You should see your Secret listed.
Conclusion
By mastering ConfigMaps and Secrets, you can effectively manage configuration data and sensitive information in your Kubernetes deployments. This ensures your applications have the necessary configuration to function properly and keeps sensitive information secure. Keep exploring and expanding your knowledge of Kubernetes to become proficient in managing containerized applications!