Day35:Mastering ConfigMaps and Secrets in Kubernetes 🔒🔑🛡️

Day35:Mastering ConfigMaps and Secrets in Kubernetes 🔒🔑🛡️

What are ConfigMaps and Secrets in k8s

In Kubernetes, ConfigMaps and Secrets are used to store configuration data and secrets, respectively. ConfigMaps store configuration data as key-value pairs, while Secrets store sensitive data in an encrypted form.

  • Example :- Imagine you're in charge of a big spaceship (Kubernetes cluster) with lots of different parts (containers) that need information to function properly. ConfigMaps are like a file cabinet where you store all the information each part needs in simple, labeled folders (key-value pairs). Secrets, on the other hand, are like a safe where you keep the important, sensitive information that shouldn't be accessible to just anyone (encrypted data). So, using ConfigMaps and Secrets, you can ensure each part of your spaceship (Kubernetes cluster) has the information it needs to work properly and keep sensitive information secure! 🚀

  • Read more about ConfigMap & Secret.

Task 1:

Create a ConfigMap for your Deployment

Create a ConfigMap for your Deployment using a file or the command line

create a configMap.yaml file

In this example, the apiVersion specifies the version of the Kubernetes API that is being used, and the kind specifies that this is a ConfigMap resource. The metadata section includes information about the ConfigMap, such as its name. The data section is where the key-value pairs are defined.

You can create the ConfigMap by running the following command:

kubectl apply -f configmap.yml

Update the deployment.yml file to include the ConfigMap

here, the pod definition includes an environment variable application whose value is taken from the ConfigMap. The valueFrom field specifies the source of the value, which is the ConfigMap my-config-map and the key application.

Apply the updated deployment using the command: kubectl apply -f deployment.yml -n <namespace-name>

Verify that the ConfigMap has been created by checking the status of the ConfigMaps in your Namespace.

To verify that the ConfigMap has been created, you can use the following command:

This command will display a list of all ConfigMaps in your namespace, along with their status information.

kubectl get configmaps -n <namespace-name>

You can also use the following command to view the details of a specific ConfigMap:

This command will display detailed information about the ConfigMap, including its metadata, data, and status.

kubectl describe configmap <configmap-name> -n <namespace-name>

To see the key-value pairs of an environment variable in a ConfigMap inside a cluster or a pod, you can use the following command:

kubectl exec -it <pod-name> -- bash

Once inside the pod, you can use the following command to see the value of an environment variable:

echo $key-name

You can also use the following command to see all the environment variables defined in the pod:

printenv

In above example, key is application and value of that key is todo-app.

Task 2:

Create a Secret for your Deployment

Create a Secret for your Deployment using a file or the command line

create a secret.yaml file

In this example, the apiVersion specifies the version of the Kubernetes API that is being used, and the kind specifies that this is a Secret resource. The metadata section includes information about the Secret, such as its name. The type specifies the type of the Secret, which is Opaque in this case. The data section is where the key-value pairs are defined, with each value being base64 encoded.

You can create the Secret by running the following command:

Update the deployment.yml file to include the Secret

here, the Deployment definition includes an environment variable env-secret whose value is taken from the Secret. The valueFrom field specifies the source of the value, which is the Secret my-secret and the key password

Apply the updated deployment using the command: kubectl apply -f deployment.yml -n <namespace-name>

Verify that the Secret has been created by checking the status of the Secrets in your Namespace.

To verify that the Secret has been created, you can use the following command:

kubectl get secrets -n <namespace-name>

You can also use the following command to view the details of a specific Secret:

kubectl describe secret <secret-name> -n <namespace-name>

To see the key-value pairs of an environment variable in a ConfigMap inside a cluster or a pod.

here, pod name is secret-demo-pod. We used printenv command to see all the environment variables defined in the pod which shows value of password is test@123. In secret.yaml file value of password is encryted.

Thank you for reading!! I hope you find this article helpful!!

Happy Learning!!

Sayali✨

Did you find this article valuable?

Support Sayali Jadhav by becoming a sponsor. Any amount is appreciated!