πŸš€ Mastering ConfigMaps and Secrets in Kubernetes.

Apurva GargoteApurva Gargote
3 min read

Table of contents

1️⃣ Task: Creating a ConfigMap

πŸ“ Method 1: Using a YAML File

Create a file named configmap.yml and add the following content:

apiVersion: v1
kind: ConfigMap
metadata:
  name: my-config    # Name of the ConfigMap
data:
  APP_ENV: "production"  # Environment setting
  LOG_LEVEL: "debug"  # Logging level

πŸ“Œ Explanation:

  • apiVersion: v1 β†’ Specifies the Kubernetes API version.

  • kind: ConfigMap β†’ Defines that this is a ConfigMap.

  • metadata.name: my-config β†’ Assigns a name to the ConfigMap.

  • data β†’ Stores key-value pairs used for configuration.

πŸ”Ή Apply the ConfigMap using the command:

kubectl apply -f configmap.yml -n <namespace-name>

πŸ“Œ What this does:

  • Applies the configmap.yml file to the specified namespace in Kubernetes.

πŸ“ Method 2: Using the Command Line

If you don’t want to create a file, you can create a ConfigMap directly with this command:

kubectl create configmap my-config --from-literal=APP_ENV=production --from-literal=LOG_LEVEL=debug -n <namespace-name>

πŸ“Œ Explanation:

  • kubectl create configmap β†’ Command to create a ConfigMap.

  • my-config β†’ Name of the ConfigMap.

  • --from-literal=APP_ENV=production β†’ Directly sets a key-value pair (APP_ENV=production).

  • -n <namespace-name> β†’ Specifies the namespace where the ConfigMap will be created.

πŸ”Ž Verify that the ConfigMap is created

kubectl get configmaps -n <namespace-name>

πŸ“Œ Shows a list of ConfigMaps in the specified namespace.

kubectl describe configmap my-config -n <namespace-name>

πŸ“Œ Displays details about the my-config ConfigMap.

2️⃣ Task: Using the ConfigMap in a Deployment

Modify your deployment.yml file to use the ConfigMap:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 2
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
        - name: my-container
          image: nginx
          envFrom:
            - configMapRef:
                name: my-config  # Using the ConfigMap in the container

πŸ“Œ Explanation:

  • envFrom.configMapRef.name: my-config β†’ Loads all key-value pairs from the ConfigMap into environment variables for the container.

πŸ”Ή Apply the updated Deployment

kubectl apply -f deployment.yml -n <namespace-name>

3️⃣ Task: Creating a Secret

πŸ“ Method 1: Using a YAML File

Create a file named secret.yml:

apiVersion: v1
kind: Secret
metadata:
  name: my-secret
type: Opaque
data:
  DB_PASSWORD: cGFzc3dvcmQ=  # Base64 encoded password (password)

πŸ“Œ Encoding the Secret in Base64

Run the following command in your terminal to generate the Base64-encoded password:

echo -n "password" | base64

βœ… Example Output:

cGFzc3dvcmQ=

πŸ“Œ Explanation:

  • kind: Secret β†’ Defines that this is a Secret.

  • type: Opaque β†’ Specifies an arbitrary secret type.

  • data.DB_PASSWORD: cGFzc3dvcmQ= β†’ Base64-encoded value for password (password encoded in Base64).

πŸ”Ή Apply the Secret

kubectl apply -f secret.yml -n <namespace-name>

πŸ“ Method 2: Using the Command Line

kubectl create secret generic my-secret --from-literal=DB_PASSWORD=password -n <namespace-name>

πŸ“Œ Explanation:

  • kubectl create secret generic β†’ Creates a generic Secret.

  • my-secret β†’ Name of the Secret.

  • --from-literal=DB_PASSWORD=password β†’ Adds a key-value pair with DB_PASSWORD=password.

  • Kubernetes automatically encodes the value in Base64.

πŸ”Ž Verify that the Secret is created

kubectl get secrets -n <namespace-name>

πŸ“Œ Lists all Secrets in the namespace.

kubectl describe secret my-secret -n <namespace-name>

πŸ“Œ Shows detailed information about the Secret.

4️⃣ Task: Using the Secret in a Deployment

Modify your deployment.yml file:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 2
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
        - name: my-container
          image: nginx
          env:
            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: my-secret  # Using the Secret in the container
                  key: DB_PASSWORD

πŸ“Œ Explanation:

  • env.name: DB_PASSWORD β†’ The environment variable inside the container.

  • valueFrom.secretKeyRef.name: my-secret β†’ Refers to the Kubernetes Secret named my-secret.

  • valueFrom.secretKeyRef.key: DB_PASSWORD β†’ Uses the DB_PASSWORD key from the Secret.

πŸ”Ή Apply the updated Deployment

kubectl apply -f deployment.yml -n <namespace-name>
0
Subscribe to my newsletter

Read articles from Apurva Gargote directly inside your inbox. Subscribe to the newsletter, and don't miss out.

#90daysofdevops#90daysofdevops chanllenge#90daysofdevopschallengeTrainWithShubhamKuberneteskubernetes-configmapDevops

Written by

Apurva Gargote
Apurva Gargote

πŸ‘¨β€πŸ’» Last-year student diving deep into DevOps, Cloud Engineering, and Infrastructure Automation. Passionate about building scalable, efficient, and secure systems. Let’s connect and build something amazing! πŸš€