Day 35: Mastering ConfigMaps and Secrets in Kubernetes

Day 35: Mastering ConfigMaps and Secrets in Kubernetes

  • What are ConfigMaps in k8s?

    A ConfigMap is an API object used to store non-confidential data in key-value pairs. Pods can consume ConfigMaps as environment variables, command-line arguments, or configuration files in a volume.

    A ConfigMap allows you to decouple environment-specific configuration from your container images, so that your applications are easily portable.

    Basically, it is used to store the Configuration data.

  • What are secrets in k8s?

    A Secret is an object that contains a small amount of sensitive data such as a password, a token, or a key in an encrypted form.. Such information might otherwise be put in a Pod specification or in a container's image. Using a Secret means that you don't need to include confidential data in your application code.

Task 1:

  • Create a ConfigMap for your Deployment and Create a ConfigMap for your Deployment using a file or the command line.

      apiVersion: v1
      kind: ConfigMap
      metadata:
        name: mysql-config
        namespace: mysql
        labels:
          app: mysql
    
      data:
        MYSQL_DATABASE: "CoolDB"
    

  • Update the deployment.yml file to include the ConfigMap.

spec: 
      containers: 
      - name: mysql
        image: mysql:8
        ports: 
          - containerPort: 3306
        env:
          - name: MYSQL_DATABASE
            valueFrom: 
              configMapKeyRef:
                name: mysql-config
                key: MYSQL_DATABASE

  • Apply the updated deployment using the command: kubectl apply -f deployment.yml -n <namespace-name>

      kubectl apply -f deployment.yml -n mysql
    
  • Verify that the ConfigMap has been created by checking the status of the ConfigMaps in your Namespace.

      kubectl get configmaps -n mysql
    

Task 2:

  • Create a Secret for your Deployment and Create a Secret for your Deployment using a file or the command line.

      apiVersion: v1
      kind: Secret
      metadata: 
        name: mysql-secret
        namespace: mysql
        labels:
          app: mysql
      type: Opaque
      data:
        MYSQL_PASSWORD: dHJhaW53aXRoc2h1YmhhbQ==
    

    • Update the deployment.yml file to include the Secret.
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: mysql-deployment
      namespace: mysql
      labels:
        app: mysql
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: mysql
      template:
        metadata:
          labels:
            app: mysql
        spec:
          containers:
          - name: mysql
            image: mysql:8
            ports:
              - containerPort: 3306
            env:
              - name: MYSQL_DATABASE
                valueFrom:
                  configMapKeyRef:
                    name: mysql-config
                    key: MYSQL_DATABASE
              - name: MYSQL_ROOT_PASSWORD

  • Apply the updated deployment using the command: kubectl apply -f deployment.yml -n <namespace-name>.
kubectl apply -f deployment.yml-n mysql
  • Verify that the Secret has been created by checking the status of the Secrets in your Namespace.

      kubectl get secrets -n mysql