I have a config map which creates a config file to my application.
The structure is as below.
apiVersion: v1 kind: ConfigMap metadata: name: database-configmap data: config: | dbport=5432 dcname= dbssl=false locktime=300 domainuser= dattserverhost=localhost conntype=ON-PREM dbinstance= dattusessl=false dbpwd=VrjvBguQ iisport=80 docountupgrade=false doreportupgrade=false dbname=dattdatabase dattuseiis=false dbtype=POSTGRESQL dbusername=postg dbserver=tgres.database.azure.com domainpwd=
Complete file will be dumped to a properties file so the application would use that.
Is there anyway to save some properties (like dbusername,dbpassword) in it as a kubernetes secret and when the deployment pods are created, these secrets and configmap will be merged to the properties file?
Please suggest.
Answer
Short answer: don’t.
Secrets
and ConfigMaps
are different objects. Secrets
are obfuscated with a Base64 encoding and should be used for confidential data while ConfigMaps
are used for non-confidential data.
You should make separate objects for confidential and non-confidential data and than use them in your Deployment
. You can modify your Deployment
to use both Secrets
and ConfigMaps
, for example:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: envtest
spec:
replicas: 1
template:
metadata:
labels:
name: envtest
spec:
containers:
- name: envtest
image: gcr.io/<PROJECT_ID>/envtest
ports:
- containerPort: 3000
env:
- name: LANGUAGE
valueFrom:
configMapKeyRef:
name: language
key: LANGUAGE
- name: API_KEY
valueFrom:
secretKeyRef:
name: apikey
key: API_KEY
There are also different ways of using both Secrets
and ConfigMaps
. For more details, see the sources below:
Attribution
Source : Link , Question Author : uday , Answer Author : Wytrzymały Wiktor