ConfigMaps

In Kubernetes, ConfigMaps and Secrets are used to store configuration data and secrets, respectively. ConfigMaps store configuration data as key-value pairs, while Secrets store sensitive data in an encrypted form.

Example :- Imagine you're in charge of a big spaceship (Kubernetes cluster) with lots of different parts (containers) that need information to function properly. ConfigMaps are like a file cabinet where you store all the information each part needs in simple, labeled folders (key-value pairs). Secrets, on the other hand, are like a safe where you keep the important, sensitive information that shouldn't be accessible to just anyone (encrypted data). So, using ConfigMaps and Secrets, you can ensure each part of your spaceship (Kubernetes cluster) has the information it needs to work properly and keep sensitive information secure! 🚀

ConfigMaps are Kubernetes objects that allow you to separate configuration data/files from image content to keep containerized applications portable.

ConfigMaps bind configuration files, command-line arguments, surroundings variables, port numbers, and alternative configuration artifacts to your Pods containers and system parts at run-time.

ConfigMaps are helpful for storing and sharing non-sensitive, unencrypted configuration data. Like Secrets, you’ll be able to produce config maps from files and with yaml declaration.

Secrets in Kubernetes: If you are deploying some containerize applications in Kubernetes so that the configuration of these applications contains some sensitive data such as username, passwords, keys, etc. This data is very sensitive in nature it is strongly recommended that not use that sensitive data in plain text format in the manifest file.

How do you manage such sensitive data in kubernetes?

The answer is kubernetes secrets, let’s start exploring kubernetes secrets?

Kubernetes secret is an object that contains a small amount of sensitive data which includes passwords, keys, tokens, etc. It Secrets is the solution to handling and managing the secrets inside pod manifest files, so the main aim of the secrets is to reduce the risk of accidental exposure of confidential data.

Kubernetes secrets are created outside of Pods, once it gets created it can be deployed on any pod and any number of times, so we do create secrets before it can be used anywhere inside the pod.

K8’s secrets are store inside etcd database on kubernetes.

You can store secrets as a :

Literal Value
File
Directory

The maximum size of kubernetes secrets is 1 MB. so secrets cannot be more than 1 MB.

Once secrets are created the question is how do we inject into a pod?

There are two ways to inject secrets into pods:

Volumes
Env variables

You can mount secrets as volume or expose secrets as environment variables inside a Pod.

There are two ways to create secrets :

kubectl command
Manifest File

Task 1:

Sequence:1st run ConfigMap 2.Secret.yml and 3rd.deployment.yml

Create a ConfigMap for your Deployment
Create a ConfigMap for your Deployment using a file or the command line
Update the deployment.yml file to include the ConfigMap
Apply the updated deployment using the command: kubectl apply -f deployment.yml -n <namespace-name>
Verify that the ConfigMap has been created by checking the status of the ConfigMaps in your Namespace.

Task 2:

Create a Secret for your Deployment
Create a Secret for your Deployment using a file or the command line
Update the deployment.yml file to include the Secret
Apply the updated deployment using the command: kubectl apply -f deployment.yml -n <namespace-name>
Verify that the Secret has been created by checking the status of the Secrets in your Namespace.