Passwords In the webapps we store the properties file for storing and retrieving the data required by application But we never store the application passwords, truststore, keystore passwords etc here We might store them in an encrypted format, but storing them as plain text is not the correct way In Kubernetes we store these sensitive information in Secrets https://medium.com/avmconsulting-blog/secrets-management-in-kubernetes-378cbf8171d0 Secrets Secrets are used to store the sensitive information They are similar to ConfigMaps, except that they are stored in hashed or encoded format Note that they are only encoded (using base64) but are not encrypted So secrets are a safe option to store sensitive information but infact they are not the safest option As such secret objects should be not checked into source code tools, its best to store them encrypted at REST in ETCD Again as in ConfigMaps, we have to create the secrets object first and then inject them into the pods There are 2 ways
A Java map is a object that maps key to value. The key has to be unique. Environment Variables Environment variables can be directly added into Pod definition file under specs.env array But they will be limited to only the pod for which they are added For new Pods, the environment variables have to be added again ConfigMaps ConfigMaps are a way of storing the data in key: value pair This data is then injected into Pods via the definition file The data injected can be created as environment variables in the pod Or the data is just injected as a file that then can be used by the pod Create ConfigMaps There are two ways to create the ConfigMaps like any other Kubernetes objects Imperative Declarative Note that in the declarative way there is no specs , we instead have data section config-map APP_COLOR: Blue APP_ENV: Prod config-map-creation-imperative kubectl create configmap -> Imperative way of creating configmap <config-name> --from-literal=<key>=<value>