DevOps blogs
Day 35: Mastering ConfigMaps and Secrets in Kubernetes🔒🔑🛡️ - 90DaysOfDevOps

Day 35: Mastering ConfigMaps and Secrets in Kubernetes🔒🔑🛡️ - 90DaysOfDevOps

Aman Awasthi's photo
Aman Awasthi
·

2 min read

What are ConfigMaps and Secrets in k8s

In Kubernetes, ConfigMaps and Secrets are used to store configuration data and secrets, respectively. ConfigMaps store configuration data as key-value pairs, while Secrets store sensitive data in an encrypted form.

  • Example:- Imagine you're in charge of a big spaceship (Kubernetes cluster) with lots of different parts (containers) that need information to function properly. ConfigMaps are like a file cabinet where you store all the information each part needs in simple, labeled folders (key-value pairs). Secrets, on the other hand, are like a safe where you keep important, sensitive information that shouldn't be accessible to just anyone (encrypted data). So, using ConfigMaps and Secrets, you can ensure each part of your spaceship (Kubernetes cluster) has the information it needs to work properly and keep sensitive information secure! 🚀

  • Read more about ConfigMap & Secret.

Today's task:

Task 1:

  • Create a ConfigMap for your Deployment

  • Create a ConfigMap for your Deployment using a file or the command line

Created the below config YAML file -

  • Update the deployment.yml file to include the ConfigMap

  • Apply the updated deployment using the command: kubectl apply -f deployment.yml -n <namespace-name>

  • Verify that the ConfigMap has been created by checking the status of the ConfigMaps in your Namespace.
ubuntu@ip-172-31-60-234:~$ kubectl get configmaps -n todo
NAME               DATA   AGE
kube-root-ca.crt   1      108m
todo-config        3      3m26s

Task 2:

  • Create a Secret for your Deployment
ubuntu@ip-172-31-60-234:~$ echo -n "test@123" | base64
dGVzdEAxMjM=
  • Create a Secret for your Deployment using a file or the command line
apiVersion: v1
kind: Secret
metadata:
  name: todo-secret
data:
  password: dGVzdEAxMjM=
  • Update the deployment.yml file to include the Secret
apiVersion: apps/v1
kind: Deployment
metadata:
    name: todo-secret
    namespace: todo
    labels:
      app: todo
spec:
  replicas: 4
  selector:
    matchLabels:
      app: todo
  template:
    metadata:
      labels:
        app: todo
    spec:
      containers:
        - name: todo
          image: amana6420/node-todo-app
          ports:
          - containerPort: 8000

  • Apply the updated deployment using the command: kubectl apply -f deployment.yml -n <namespace-name>

  • Verify that the Secret has been created by checking the status of the Secrets in your Namespace.

ubuntu@ip-172-31-60-234:~$ kubectl apply -f secret.yml -n todo
secret/todo-secret created
ubuntu@ip-172-31-60-234:~$ kubectl apply -f deployment.yml -n todo
deployment.apps/todo-secret created
ubuntu@ip-172-31-60-234:~$ kubectl get secret -n todo
NAME          TYPE     DATA   AGE
todo-secret   Opaque   1      23s
ubuntu@ip-172-31-60-234:~$ kubectl describe secret todo-secret -n todo
Name:         todo-secret
Namespace:    todo
Labels:       <none>
Annotations:  <none>

Type:  Opaque

Data
====
password:  8 bytes

Thank you :)

#90daysofdevopsTrainWithShubhamKubernetesDevops