What are ConfigMaps and Secrets in k8s In Kubernetes?
ConfigMaps and Secrets are used to store configuration data and secrets, respectively. ConfigMaps store configuration data as key-value pairs, while Secrets store sensitive data in an encrypted form.
Config Maps:
Kubernetes resource for storing configuration data.
Key-value pairs or files.
Environment variables or configuration files.
Used to separate configuration from application code.
Secrets:
Kubernetes resource for sensitive data.
Passwords, API keys, tokens.
Encrypted and base64-encoded.
Secure storage and access control.
Example :- Imagine you're in charge of a big spaceship (Kubernetes cluster) with lots of different parts (containers) that need information to function properly. ConfigMaps are like a file cabinet where you store all the information each part needs in simple, labeled folders (key-value pairs). Secrets, on the other hand, are like a safe where you keep the important, sensitive information that shouldn't be accessible to just anyone (encrypted data). So, using ConfigMaps and Secrets, you can ensure each part of your spaceship (Kubernetes cluster) has the information it needs to work properly and keep sensitive information secure! ๐
Today's task:
Task 1:
Create a ConfigMap for your Deployment.
Create a ConfigMap for your Deployment using a file or the command line.
apiVersion: v1 kind: ConfigMap metadata: name: mysql-config namespace: mysql labels: app: mysql data: MYSQL_DB: "database1"Update the deployment.yml file to include the ConfigMap
Apply the updated deployment using the command:
kubectl apply -f deployment.yml -n <namespace-name>apiVersion: apps/v1 kind: Deployment metadata: name: mysql-configuration labels: app: mysql namespace: devops spec: replicas: 3 selector: matchLabels: app: mysql template: metadata: labels: app: mysql spec: containers: - name: mysql-container image: mysql:8 ports: - containerPort: 3306 env: - name: MYSQL_DATABASE valueFrom: configMapKeyRef: name: mysql-config key: MYSQL_DATABASEVerify that the ConfigMap has been created by checking the status of the ConfigMaps in your Namespace.
Task 2:
Create a Secret for your Deployment
Create a Secret for your Deployment using a file or the command line
echo 'test@123' | base64 #dGVzdEAxMjMKapiVersion: v1 kind: Secret metadata: name: mysql-secret labels: app: mysql type: Opaque data: MYSQL_PASSWORD: dGVzdEAxMjMK
Update the deployment.yml file to include the Secret
- Modify your deployment.yml file to include the Secret. Specify the Secret in the
specsection of your Deployment configuration.
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql-configuration
labels:
app: mysql
namespace: devops
spec:
replicas: 3
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql-container
image: mysql:8
ports:
- containerPort: 3306
env:
- name: MYSQL_DATABASE
valueFrom:
configMapKeyRef:
name: mysql-config
key: MYSQL_DATABASE
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: MYSQL_PASSWORD
- Apply the updated deployment using the command:
kubectl apply -f deployment.yml -n <namespace-name>
Verify that the Secret has been created by checking the status of the Secrets in your Namespace.
kubectl get secrets -n < namespace-name >That's all for today. Thank you for reading so far. Stay updated for new tasks in new topics.