Skip to main content

ConfigMaps & Secrets

Cmds
k create configmap app-config --from-literal=APP_COLOR=blue (also --from-file=..)
k create secret generic app-secret --from-literal="key=value" --from-literal...
tip

ConfigMaps can be made immutable with "immutable: true"

ConfigMap Manifest
apiVersion: v1
kind: ConfigMap
metadata:
	name: app-config
data:
	APP_COLOR: blue
	APP_MODE: prod
Secret Manifest
apiVersion: v1
kind: Secret
metadata:
  name: db-secret
data:
  DB_Host: c3FsMDE=
  DB_Password: cGFzc3dvcmQxMjM=
  DB_User: cm9vdA==

Make all CofigMap & Secrets available to container

spec.containers[]:
	envFrom:
	- configMapRef:
		name: app-config
	- secretRef:
        name: test-secret

Select specific keys from ConfigMaps

spec.containers[]:
	env:
	- name: APP_COLOR
	  valueFrom:
	  	configMapKeyRef:
			name: app-config
			key: APP_COLOR
        	 secretKeyRef:
          		name: backend-user
          		key: backend-username

Secrets in pods as volumes

podspec.volumes:
	- name: app-secret-volume
	  secret: 
		secretName: app-secret