Day 35: Mastering ConfigMaps and Secrets in Kubernetes🔒🔑🛡️
Pooja Bhavani3 min read
What are ConfigMaps and Secrets in k8s
In Kubernetes, ConfigMaps and Secrets are used to store configuration data and secrets, respectively. ConfigMaps store configuration data as key-value pairs, while Secrets store sensitive data in an encrypted form.
- Example :- Imagine you're in charge of a big spaceship (Kubernetes cluster) with lots of different parts (containers) that need information to function properly. ConfigMaps are like a file cabinet where you store all the information each part needs in simple, labeled folders (key-value pairs). Secrets, on the other hand, are like a safe where you keep the important, sensitive information that shouldn't be accessible to just anyone (encrypted data). So, using ConfigMaps and Secrets, you can ensure each part of your spaceship (Kubernetes cluster) has the information it needs to work properly and keep sensitive information secure! 🚀
Task 1:
- Create a folder of mysql -db and enter into it
mkdir MYSQL-DB && cd MYSQL-DB
- Create a file configmap.yml
# vim configMap.yml
-------------------------------------------------------------------------------
apiVersion: v1
kind: ConfigMap
metadata:
name: mysql-config
namespace: django-app
labels:
app: mysql
data:
MYSQL_DATABASE: "todo-db"
Verify that the configmap is working by accessing the todo-app
kubectl apply -f configMap.yml -n django-app
kubectl get configMap -n django-app
kubectl get pods -n django-app
- Now update the deployment.yml file to include the ConfigMap
# vim deployment.yml
-------------------------------------------------------------------------------
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql-deploymnet
namespace: django-app
labels:
app: mysql
spec:
replicas: 1
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql:8
ports:
- containerPort: 3306
env:
- name: MYSQL_DATABASE
valueFrom:
configMapKeyRef:
name: mysql-config
key: MYSQL_DATABASE
Verify that the deployment is working by accessing the todo-app
kubectl apply -f deployment.yml -n django-app
kubectl get deployment -n django-app
kubectl get pods -n django-app
Task 2:
- create a yaml file Secret.yaml
# vim secret.yaml
-------------------------------------------------------------------------------
apiVersion: v1
kind: Secret
metadata:
name: mysql-secret
namespace: django-app
labels:
app: mysql
type: Opaque
data:
MYSQL_ROOT_PASSWORD: c3JpcGFydGh1
Verify that the secret is working by accessing the todo-app
kubectl apply -f secrets.yaml -n django-app
kubectl get secrets -n django-app
- Now update the deployment.yml file to include the secrets
# vim deployment.yaml
-------------------------------------------------------------------------------
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql-deploymnet
namespace: django-app
labels:
app: mysql
spec:
replicas: 1
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql:8
ports:
- containerPort: 3306
env:
- name: MYSQL_DATABASE
valueFrom:
configMapKeyRef:
name: mysql-config
key: MYSQL_DATABASE
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: MYSQL_ROOT_PASSWORD
Verify that the deployment is working by accessing the todo-app
kubectl apply -f deploymnet.yml -n django-app
kubectl get deployment -n django-app
kubectl get pods -n django-app
0
Subscribe to my newsletter
Read articles from Pooja Bhavani directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by