Configmaps in Kubernetes
A ConfigMap is used to store non-confidential data. The data is in key-value pairs. Pods can consume ConfigMaps as command-line arguments, environment variables or as configuration files in a volume.
Using a ConfigMap we can decouple environment-specific configuration from the container images. This can help us create our portable applications. ConfigMap does not provide encryption so it is always recommended not to store confidential information in the Configmap. Instead of using config, secretes can be used to store confidential information or security keys or passwords.
There are following different ways using which ConfigMap data can be used inside a Pod:
- Command-line arguments to a container
- Environment variables for a container
- Add a file in read-only volume.
- Write code to run inside the Pod that uses the Kubernetes API to read a ConfigMap.
To know more about Configmap, visit Kubernetes' official page here.
In this article, we will see two examples to access data from configmaps. In one example we will use config maps as environment variables in the pod command and in the other we will populate a volume with data stored in a ConfigMap.
Pre-requisites
- Kubernetes Cluster with at least 1 worker node.
If you want to learn to create a Kubernetes Cluster, click here. This guide will help you create a Kubernetes cluster with 1 Master and 2 Nodes on AWS Ubuntu 18.04 EC2 Instances.
What will we do?
- Create a Configmap and access its data
Create a Configmap and access its data.
Create a file with the following config-map definition.
vim my-configmap-demo1.yaml
apiVersion: v1 kind: ConfigMap metadata: name: my-configmap-demo1 data: variable_one: one variable_two: two
Configmap can be created using the following command.
kubectl create -f my-configmap-demo1.yaml
Get details of the config map we created.
kubectl get configmaps
kubectl describe configmaps my-configmap-demo1
In the above screenshot, you can see that we have our data "variable_one" and "variable_two" available in the config map we created.
Now, this config map can be accessed in the Pod.
To access configmap data as environment variables in pod commands, let's create a pod definition file with the following content.
vim my-pod-with-configmaps-as-environment-variables.yml
apiVersion: v1 kind: Pod metadata: name: my-pod-configmap-demo spec: containers: - name: my-container-configmap-demo image: k8s.gcr.io/busybox command: [ "/bin/sh", "-c", "echo $(variable_one_env) $(variable_two_env)" ] env: - name: variable_one_env valueFrom: configMapKeyRef: name: my-configmap-demo1 key: variable_one - name: variable_two_env valueFrom: configMapKeyRef: name: my-configmap-demo1 key: variable_two restartPolicy: Never
Now, we are ready to create a pod that can access data from configmap as environment variables.
kubectl get podss
kubectl create -f my-pod-with-configmaps-as-environment-variables.yml
kubectl get pod
Since the pod has successfully completed its execution and existed as there is no process that can keep the pods alive, we can check its logs to see if configmap was available in the pod or not. To verify this, we have used echo command in the pod that will print the values of the variables.
kubectl get pods
kubectl logs my-pod-configmap-demo
In the above screenshot, it can be seen that the configmap data was accessible in the pod and it has printed values using echo command as "one" and "two".
Configmap data is also available as files in volumes.
To access configmap data through volume, create a pod definition using the following content.
vim my-pod-with-configmaps-added-to-volume.yml
apiVersion: v1 kind: Pod metadata: name: my-pod-configmap-demo2 spec: containers: - name: my-container-configmap-demo2 image: k8s.gcr.io/busybox command: [ "/bin/sh", "-c", "ls /etc/myconfig/" ] volumeMounts: - name: my-config-volume mountPath: /etc/myconfig volumes: - name: my-config-volume configMap: name: my-configmap-demo1 restartPolicy: Never
Now, let's create a pod that can have configmap data available as files from "my-config-volume" volume. This configmap data will be available under "/etc/myconfig" directory in the pod.
kubectl get pods
kubectl create -f my-pod-with-configmaps-added-to-volume.yml
kubectl get pods
This time also, the pod has exited successfully as there is no process to keep the pod alive.
But, we have used "ls /etc/myconfig" command which will list the content of "/etc/myconfig" directory.
kubectl get pods
In the logs we can see of configmap data was available as files under "/etc/myconfig"
kubectl logs my-pod-configmap-demo2
In the above screenshot, you can see that the configmap data was available in the pod as "variable_one" and "variable_two" files.
Conclusion
In this article, we learned to create a configmap and access it in 2 ways. We saw the steps to access the configmap data as environment variables to the pod command and files in volume in the pod.