Learn Kubernetes Essentials: ReplicaSets, ConfigMaps, Secrets and Other key concepts Explained

Alisha JahanAlisha Jahan
4 min read

In our last blog on Kubernetes, we had described what Kubernetes is ,its fundamental architecture, and why it's so much of a heavy-hitting tool for container orchestration. If you are new to this, I really do suggest reading that post first to become familiar with the basics.

In this second blog of the series, we’ll go one step further and dive into some essential Kubernetes objects that help manage, organize, and scale your applications inside a cluster. We’ll cover:

  • ReplicaSets – to ensure availability and scale your pods

  • Namespaces – to organize and separate resources

  • ConfigMaps & Secrets – to manage configuration and sensitive data

  • Volumes – to persist and store data

ReplicaSet – Maintaining Pod Availability
A ReplicaSet guarantees that a certain number of identical Pods are always running. If a pod fails or is manually deleted, the ReplicaSet will create a new one to replace it, restoring the desired state.
Why is it needed?

  • High availability

  • Fault tolerance

  • Auto-recovery of crashed pods

apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: my-replicaset
spec
  replicas: 3
  selector:
    matchLabels:
      app: demo
  template:
    metadata:
      labels:
        app: demo
    spec:
      containers:
      - name: demo-container
        image: nginx

Explanation:

  • replicas: Ensures 3 pods are always running.

  • selector & labels: Helps the ReplicaSet manage pods with the label (app: demo).

Namespaces – Organizing Your Cluster

Namespaces offer a method to partition cluster resources among several users or teams. They are similar to folders on your machine. They are useful in environments with many users spread across multiple teams, or when you want to separate concerns like development, testing, and production within the same cluster.

Use Cases:

  • Multi-tenant environments

  • Dev/Test/Prod separation

  • Access control & resource limits

apiVersion: v1
kind: Namespace
metadata:
  name: dev-environment

Explanation:
This creates a namespace called dev-environment where you can deploy and manage resources isolated from others.

Key aspects of Kubernetes namespaces:

  • Logical Separation: Namespaces provide a way to separate resources within a cluster, creating distinct environments for different applications, teams, or projects.

  • Resource Scoping: Namespaces provide a scope for resource names, i.e., the same name can be employed to refer to distinct resources (such as deployments or services) within distinct namespaces.

  • Access Control: Namespaces can be employed for the enforcement of Role-Based Access Control (RBAC), enabling administrators to set precise permissions for distinct users or groups within each namespace.

How to Work with Namespaces:

Create a Namespace:

kubectl create namespace dev-team

Deploy into a Namespace:

kubectl apply -f app.yaml -n dev-team

List All Namespaces:

kubectl get namespaces

View Resources in a Namespace:

kubectl get pods -n dev-team

Delete a Namespace:

kubectl delete namespace dev-team

What is a ConfigMap?
A ConfigMap holds non-sensitive configuration data in key-value pairs. Examples of this include environment variables, command-line args, config files, and so on.

Why Use ConfigMaps?

  • Don't hardcode values into your code or container.

  • Make your apps environmentally agnostic (dev, test, prod).

  • Update app configuration without a redeployment of the image.

    Use Cases for ConfigMaps

  • Defining log levels (INFO, DEBUG, etc.)

  • Setting feature flags

  • Setting application environment names (staging, production)

  • Externalizing database URLs or API endpoints

What is a Secret?
A Secret is like a ConfigMap but for storing sensitive information like passwords, OAuth tokens, SSH keys, or TLS certs. The contents of Secrets are base64-encoded, not encrypted by default (though encryption at rest can be activated).

Why Use Secrets?

  • Keeps sensitive values out of your Git repos or Docker images.

  • Can be mounted or injected securely into containers.

  • Improved access control and auditing through Kubernetes RBAC.

Volumes in Kubernetes – Storing Data the Right Way
In Kubernetes, containers are transient—i.e., any data that's stored within a container gets deleted once the container is restarted or killed. That's where Volumes help.
A Kubernetes Volume enables data to exist longer than a single Pod, and even be shared across containers in the same Pod.

Why Volumes Are Required ?
Suppose there is a container which produces log files or holds user uploads. If such a container crashes or gets restarted by Kubernetes, all the data is lost unless held in a persistent volume.

Kubernetes Volumes address this by:

  • Making the data persistent.

  • Enabling the sharing of data across containers.

  • Allowing for various storage backends such as cloud storage, network file systems, local disks, etc.

Types of Volumes

Some common volume types in Kubernetes:

Volume TypeDescription
emptyDirA temporary directory that is erased when the pod stops
hostPathMounts a file or directory from the host node's filesystem
persistentVolumeClaim (PVC)Connects to a PersistentVolume managed by the cluster admin
configMap / secretVolumes that mount ConfigMaps or Secrets as files
nfs, awsElasticBlockStore, etc.Connect to external network/file storage
apiVersion: v1
kind: Pod
metadata:
  name: volume-demo
spec:
  containers:
    - name: app-container
      image: busybox
      command: [ "sh", "-c", "echo Hello > /data/message && sleep 3600" ]
      volumeMounts:
        - name: demo-volume
          mountPath: /data
  volumes:
    - name: demo-volume
      emptyDir: {}

In this example:

  • A Pod named volume-demo is created.

  • It mounts an emptyDir volume at /data.

  • The container writes a message inside /data, and it will be preserved for the Pod's lifetime.

Using Persistent Volumes (PV) and Persistent Volume Claims (PVC)

For truly persistent storage, you’d typically use:

  1. PV (PersistentVolume) – Admin-defined storage resource.

  2. PVC (PersistentVolumeClaim) – User-defined request for storage.

  3. Pod – Mounts the PVC like a volume.

Conclusion
To understand these foundational building blocks—ReplicaSets, Namespaces, ConfigMaps, Secrets, and Volumes—is to set the foundation for how you will handle real-world applications within Kubernetes. These objects assist with scaling, organizing, securing, and persisting your workloads in a strong and declarative manner.
Practice deploying your own resources using these YAML definitions as you keep learning. Kubernetes might seem daunting at the beginning, but with regular practice, you will be running clusters like a pro!

1
Subscribe to my newsletter

Read articles from Alisha Jahan directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Alisha Jahan
Alisha Jahan