Day 35: Mastering ConfigMaps and Secrets in Kubernetes🔒🔑🛡️

Pooja BhavaniPooja Bhavani
3 min read

What are ConfigMaps and Secrets in k8s

In Kubernetes, ConfigMaps and Secrets are used to store configuration data and secrets, respectively. ConfigMaps store configuration data as key-value pairs, while Secrets store sensitive data in an encrypted form.

  • Example :- Imagine you're in charge of a big spaceship (Kubernetes cluster) with lots of different parts (containers) that need information to function properly. ConfigMaps are like a file cabinet where you store all the information each part needs in simple, labeled folders (key-value pairs). Secrets, on the other hand, are like a safe where you keep the important, sensitive information that shouldn't be accessible to just anyone (encrypted data). So, using ConfigMaps and Secrets, you can ensure each part of your spaceship (Kubernetes cluster) has the information it needs to work properly and keep sensitive information secure! 🚀

Task 1:

  • Create a folder of mysql -db and enter into it
mkdir MYSQL-DB && cd MYSQL-DB
  • Create a file configmap.yml
# vim configMap.yml
-------------------------------------------------------------------------------
apiVersion: v1
kind: ConfigMap
metadata:
  name: mysql-config
  namespace: django-app
  labels:
    app: mysql
data:
  MYSQL_DATABASE: "todo-db"

  • Verify that the configmap is working by accessing the todo-app

kubectl apply -f configMap.yml -n django-app

kubectl get configMap -n django-app


kubectl get pods -n django-app

  • Now update the deployment.yml file to include the ConfigMap
# vim deployment.yml
-------------------------------------------------------------------------------
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mysql-deploymnet
  namespace: django-app
  labels:
    app: mysql
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
        - name: mysql
          image: mysql:8
          ports:
            - containerPort: 3306
          env:
            - name: MYSQL_DATABASE
              valueFrom:
                configMapKeyRef:
                  name: mysql-config
                  key: MYSQL_DATABASE

  • Verify that the deployment is working by accessing the todo-app

kubectl apply -f deployment.yml -n django-app

kubectl get deployment -n django-app

kubectl get pods -n django-app

Task 2:

  • create a yaml file Secret.yaml
# vim secret.yaml
-------------------------------------------------------------------------------
apiVersion: v1
kind: Secret
metadata:
  name: mysql-secret
  namespace: django-app
  labels:
    app: mysql
type: Opaque
data:
  MYSQL_ROOT_PASSWORD: c3JpcGFydGh1

  • Verify that the secret is working by accessing the todo-app

kubectl apply -f secrets.yaml -n django-app

kubectl get secrets -n django-app

  • Now update the deployment.yml file to include the secrets
# vim deployment.yaml
-------------------------------------------------------------------------------
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mysql-deploymnet
  namespace: django-app
  labels:
    app: mysql
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
        - name: mysql
          image: mysql:8
          ports:
            - containerPort: 3306
          env:
            - name: MYSQL_DATABASE
              valueFrom:
                configMapKeyRef:
                  name: mysql-config
                  key: MYSQL_DATABASE
            - name: MYSQL_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysql-secret
                  key: MYSQL_ROOT_PASSWORD

  • Verify that the deployment is working by accessing the todo-app

kubectl apply -f deploymnet.yml -n django-app

kubectl get deployment -n django-app

kubectl get pods -n django-app

0
Subscribe to my newsletter

Read articles from Pooja Bhavani directly inside your inbox. Subscribe to the newsletter, and don't miss out.

kubernetes configmaps and secrets

Written by

Pooja Bhavani
Pooja Bhavani

Hi, I am Pooja Bhavani, an enthusiastic DevOps Engineer with a focus on deploying production-ready applications, infrastructure automation, cloud-native technologies. With hands-on experience across DevOps Tools and AWS Cloud, I thrive on making infrastructure scalable, secure, and efficient. My journey into DevOps has been fueled by curiosity and a passion for solving real-world challenges through automation, cloud architecture, and seamless deployments. I enjoy working on projects that push boundaries whether it's building resilient systems, optimizing CI/CD pipelines, or exploring emerging technologies like Amazon Q and GenAI. I'm currently diving deeper into platform engineering and GitOps workflows, and I often share practical tutorials, insights, and use cases from my projects and experiences. ✨ Let’s connect, collaborate, and grow together in this ever-evolving DevOps world. Open to opportunities, ideas, and conversations that drive impactful tech!