Skip to main content

Kubernetes: 20. ConfigMaps

 A Java map is a object that maps key to value. The key has to be unique.

Environment Variables
  • Environment variables can be directly added into Pod definition file under specs.env array
  • But they will be limited to only the pod for which they are added
  • For new Pods, the environment variables have to be added again
ConfigMaps
  • ConfigMaps are a way of storing the data in key: value pair
  • This data is then injected into Pods via the definition file
  • The data injected can be created as environment variables in the pod
  • Or the data is just injected as a file that then can be used by the pod
Create ConfigMaps
There are two ways to create the ConfigMaps like any other Kubernetes objects
  1. Imperative 
  2. Declarative
    • Note that in the declarative way there is no specs, we instead have data section
config-map
APP_COLOR: Blue
APP_ENV: Prod

config-map-creation-imperative
kubectl create configmap
-> Imperative way of creating configmap

<config-name> --from-literal=<key>=<value>
-> Add key value pairs by mentioning from-literal

kubectl create configmap
-> Imperative way of creating configmap

<config-name> --from-file=<path-to-file>
-> Add key value pairs by passing through a file by mentioning from-file

kubectl create configmap \
<config-name> --from-literal=APP_COLOR=Blue \
--from-literal=APP_ENV=Prod \

kubectl create configmap \
<config-name> --from-file=app_config.properties

config-map-creation-declarative.yaml
apiVersion: v1
kind: ConfigMap
metadata:
    name: app-config

data:
    APP_COLOR=Blue
    APP_ENV=Prod

kubectl create -f config-map-definition.yaml
-> Create the configmap

kubectl get configmaps
-> Get all the configmaps in the existing namespace

kubectl describe configmaps
-> Describe all the configmaps in the existing namespace

kubectl describe configmaps <config-map-name>
-> Describe the configmap <config-map-name> in the existing namespace

Add ConfigMaps to the Pods
  • ConfigMaps can be added in variety of ways to the pods
  • The entire ConfigMap references can be injected into the pod
  • This can be seen from below spec.envFrom.configMapRef array
    • Here we provide the name of the configMapRef
    • Since this is an array, you can inject multiple configMaps
  • Only a single value from ConfigMap can be injected
  • This can be seen from spec.env array
    • Here we provide the name of our variable
    • Value is taken from a ConfigMap, with the name of the ConfigMap and the key name provided
    • Since this is any array, you can inject multiple variables
  • ConfigMap can be injected as a file by using volumes
  • This can be seen from spec.volumes
    • Name of the configMap that has to be injected into the Pod is provided
    • ConfigMap is then mounted as a file on the pod
pod-definition.yaml
apiVersion: v1
kind: Pod
metadata:
    name: my-color-webapp

spec:
    containers:
    - name: my-color-container
      image: simple-webapp-color
      ports:
      - containerPort: 8080
      envFrom:
      - configMapRef:
            name: app-config

      env:
      - name: APP_COLOR
        valueFrom:
            configMapKeyRef:
                name: app-config
                key: APP_COLOR

      volumes:
      - name: app-config-volume
        configMap:
            name: app-config

Labels:

Comments

Post a Comment

Popular posts from this blog

Kubernetes: 19. Configure Application

Configuring application consists of Configuring commands and arguments on applications Configuring environment variables Configuring secrets Docker Commands docker run ubuntu  -> Runs ubuntu container and exit, container CMD is set to [bash], so the container quitely exits docker run ubuntu echo "Hello World" -> Runs ubuntu container, prints "Hello World" exits quitely. To update the default settings, create your own image from the base image lets call this ubuntu-sleeper image FROM ubuntu CMD sleep 5 CMD can also be mentioned in the JSON format like CMD ["sleep", "5"] Note that with JSON format the first element should always be the command to execute,  for eg, it CANNOT be ["sleep 5"] Run build the new ubuntu-sleeper image and run the new image docker build -t ubuntu-sleeper .  -> Build the image docker run ubuntu-sleeper -> Run the new image So the new image will launch ubuntu container, sleep for 5 seconds and quitely ex...
Post a Comment
Read more

Kubernetes: 15. Multiple Schedulers

Custom Scheduler Kubernetes allows to create custom schedulers There can be multiple schedulers running at a same time apart from the default scheduler or A custom scheduler can replace the default kube-scheduler to become the default one So a few pods that requires additional checks apart from taints and toleration, node affinity can go through the custom scheduler before getting scheduled on the node Whereas the rest of the pods can go through the default kube-scheduler Create Custom Scheduler We can either download the kube-scheduler and run it as a service or alternatively create it using a static pod Below here we are downloading the binaries to run it The property scheduler-name is used to define the name of the scheduler, if not set then it will be defaulted to default-scheduler For your custom schedulers, update this property name to set a custom name for your scheduler For Static pods, the name can be updated directly in the pod-definition file Use kubectl create -f <pod-de...
Post a Comment
Read more

Kubernetes: 21. Secrets

Passwords In the webapps we store the properties file for storing and retrieving the data required by application But we never store the application passwords, truststore, keystore passwords etc here We might store them in an encrypted format, but storing them as plain text is not the correct way In Kubernetes we store these sensitive information in Secrets https://medium.com/avmconsulting-blog/secrets-management-in-kubernetes-378cbf8171d0 Secrets Secrets are used to store the sensitive information They are similar to ConfigMaps, except that they are stored in hashed or encoded format Note that they are only encoded (using base64) but are not encrypted So secrets are a safe option to store sensitive information but infact they are not the safest option As such secret objects should be not checked into source code tools, its best to store them encrypted at REST in ETCD Again as in ConfigMaps, we have to create the secrets object first and then inject them into the pods There are 2 ways ...
Post a Comment
Read more