Created
April 13, 2022 01:38
-
-
Save moinuddin14/95e078b9387024db426f4f9f9807e237 to your computer and use it in GitHub Desktop.
This is an example gist to understand ConfigMap and Secrets in Kubernetes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # ConfigMap with different ways of data usage | |
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: game-demo | |
| data: | |
| # property-like keys; each key maps to a simple value | |
| player_initial_lives: "3" | |
| ui_properties_file_name: "user-interface.properties" | |
| # file-like keys | |
| game.properties: | | |
| enemy.types=aliens,monsters | |
| player.maximum-lives=5 | |
| user-interface.properties: | | |
| color.good=purple | |
| color.bad=yellow | |
| allow.textmode=true | |
| --- | |
| # ConfigMap usage both as environment variables and volumes for file types | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: configmap-demo-pod | |
| spec: | |
| containers: | |
| - name: demo | |
| image: alpine | |
| command: ["sleep", "3600"] | |
| env: | |
| # Define the environment variable | |
| - name: PLAYER_INITIAL_LIVES # Notice that the case is different here | |
| # from the key name in the ConfigMap. | |
| valueFrom: | |
| configMapKeyRef: | |
| name: game-demo # The ConfigMap this value comes from. | |
| key: player_initial_lives # The key to fetch. | |
| - name: UI_PROPERTIES_FILE_NAME | |
| valueFrom: | |
| configMapKeyRef: | |
| name: game-demo | |
| key: ui_properties_file_name | |
| volumeMounts: | |
| - name: config | |
| mountPath: "/config" | |
| readOnly: true | |
| volumes: | |
| # You set volumes at the Pod level, then mount them into containers inside that Pod | |
| - name: config | |
| configMap: | |
| # Provide the name of the ConfigMap you want to mount. | |
| name: game-demo | |
| # An array of keys from the ConfigMap to create as files | |
| items: | |
| - key: "game.properties" | |
| path: "game.properties" | |
| - key: "user-interface.properties" | |
| path: "user-interface.properties" | |
| --- | |
| # Secrets Manifest example | |
| apiVersion: v1 | |
| data: | |
| username: YWRtaW4= | |
| password: MWYyZDFlMmU2N2Rm | |
| kind: Secret | |
| metadata: | |
| name: mysecret | |
| namespace: default | |
| type: Opaque | |
| --- | |
| # Usage of Secrets in deployment manifest as environment variables | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: secret-test-pod | |
| spec: | |
| containers: | |
| - name: test-container | |
| image: k8s.gcr.io/busybox | |
| command: [ "/bin/sh", "-c", "env" ] | |
| envFrom: | |
| - secretRef: | |
| name: mysecret | |
| restartPolicy: Never | |
| --- | |
| # Usage of Secrets as volumes | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: mypod | |
| spec: | |
| containers: | |
| - name: mypod | |
| image: redis | |
| volumeMounts: | |
| - name: foo | |
| mountPath: "/etc/foo" | |
| readOnly: true | |
| volumes: | |
| - name: foo | |
| secret: | |
| secretName: mysecret | |
| items: | |
| - key: username | |
| path: my-group/my-username | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment