Config Map and Secrets In Kubernetes:
I am a DevOps Engineer with an aim to learn and contribute to the Tech World!!
📝 Blogging and Sharing: On this platform, I'll be sharing insightful articles, tutorials, and tips on all things DevOps. Expect deep dives into CI/CD best practices, IaC patterns, containerization strategies, cloud optimization, and much more. Let's learn and grow together!
🎇Topics that we are going to discuss today :💻💻
📌what is configMap in Kubernetes?
📌what is secrets in Kubernetes?
📌How does Kubernetes provide exactly similar configuration to the newly created pods in case any new requirement for scaling up came or for any reason if any of the pods crashed?
🎇 Hands On Practical Task :💻💻
📌Practical Implementation for configMap and Secrets in Kubernetes
✔What is Config Map in Kubernetes?
Like any other resources in Kubernetes such as pods, deployment, and services Config Map is a Manifest file/configuration file
The main use of config Map is for any application such as if we want to have the usage of any Environment variable for any of the database so we can use config Map for that case
Also, we can then attach this config Map to the deployment so that all the pods inside that deployment get access to those data/environment variable in the config Map
It is not that we can only configure the environment variable in the config Map we can configure any non-confidential data which we want that all the pods should also have whenever a new pod gets created
✔What is secrets in Kubernetes?
Secrets is very similar to config Map Here we also configure the data in the secrets
But the only difference with the config Map is that here in secrets we configure the password or any confidential data that is encrypted or encoded but as soon as it reaches the pods Kubernetes automatically decodes / decrypts that password and provides to each pod in that deployment
✔How does Kubernetes provide exactly similar configuration to the newly created pods in case any new requirement for scaling up came or for any reason if any of the pods crashed?
- By using Config Map and secrets
✔Practical Implementation for Config Map and secrets:
- Step1) To start both the Master and Worker nodes and connect to them via SSH
Step2) Now we will create a deployment file for the Kubernetes cluster
apiVersion: apps/v1 kind: Deployment metadata: name: mysql-deployment namespace: mysql labels: app: mysql spec: replicas: 1 selector: matchLabels: app: mysql template: metadata: labels: app: mysqlStep 3) we will create a namespace as mysql so that we can group all the deployment and configMap and secrets to allow them to communicate
$ kubectl create namespace mysql
Step 4) Now we will apply the deployment file by using below command
$ kubectl apply -f deployment.yml
Step 5) Now we will check How many pods is running for that we will use below command
$ kubectl get pods -n mysql
But here in the above screenshot you can see that pods is created but getting crashLoopBackoff which means it is getting created but again getting crashed
And we know the reason for that as we have not provided the environment variable for mysql and also the password also not provided so pods are created but crashing again and again
so for that let us create configMap.yml in next step
Step6) Now create configMaps.yml file
apiVersion: v1 kind: ConfigMap metadata: name: mysql-config namespace: mysql labels: app: mysql data: MYSQL_DB: "cool DB"will also apply this configMaps.yml by using below command
$ kubectl apply -f configMaps.ymlAs we can see that we have passed the environment variable in the config map above now we also need to add the enviroment in the deployment by using the config Map
//deployment.yml
namespace: mysql
labels:
app: mysql
spec:
replicas: 1
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql:8
ports:
- containerPort: 3306
env:
- name: MYSQL_DATABASE
valueFrom:
configMapKeyRef:
name: mysql-config
key: MYSQL_DATABASE
- Let us try to apply now this deployment.yml and then get the pods
- we can see that again the pods are starting and failing so again restarting so now we know the reason because we also need to provide the password for our mysql which is a confidential data so for that we will use the secrets.yml
Step 7) Let us create now secrets.yml
apiVersion: v1
kind: Secret
metadata:
name: mysql-secret
namespace: mysql
labels:
app: mysql
type: Opaque
data:
MYSQL_PASSWORD: dGVzdEAxMjM=
Here you can see that in password we have passed the encrypted value which we have done via online encrypter tool and this password will automatically be decoded by kubernetes
Now let us apply the secrets.yml
Now we have to add the environment variable for the secrets in deployment.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
namespace: mysql
labels:
app: mysql
spec:
replicas: 1
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql:8
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: password
- name: MYSQL_DATABASE
valueFrom:
configMapKeyRef:
name: mysql-config
key: MYSQL_DBDATABASE
Now we have succefully applied the config Map and secrets to our pods via deployment
Thanks for reading this article 😊😊
Regards,
Amrit Manash
