ConfigMap
Estimated time to read: 3 minutes
Kubernetes Secrets store and manage sensitive information, such as passwords, O Auth tokens, and ssh keys. Storing confidential information in a Secret is safer and more flexible than putting it verbatim in a Pod definition or in a container image
Create and Use Secrets
-
Generate the base64 encoding
-
Generate the base64 encoding
-
-
Create Secret using the manifest file ofl-secret.yml
-
Types of Secret
Built-in Type Usage Opaque
arbitrary user-defined data kubernetes.io/service-account-token
ServiceAccount token kubernetes.io/dockercfg
serialized ~/.dockercfg
filekubernetes.io/dockerconfigjson
serialized ~/.docker/config.json
filekubernetes.io/basic-auth
credentials for basic authentication kubernetes.io/ssh-auth
credentials for SSH authentication kubernetes.io/tls
data for a TLS client or server bootstrap.kubernetes.io/token
bootstrap token data -
create Secret using the manifest file ofl-secret.yml by using the below command
-
Verify
ofl-mariadb-root-password
-
Describe the
ofl-mariadb-root-password
secrets -
Secret can be edited by executing the below command.
Read and Decode secret values
-
Read secret values
-
Decode the secret value
Config Map
ConfigMap is an API object used to store non-confidential data in key-value pairs. Pods can consume ConfigMaps as environment variables, command-line arguments, or as configuration files in a volume. A ConfigMap allows you to decouple environment-specific configuration from your container images, so that your applications are easily portable
-
Create a ConfigMap named mariadb-config, by executing the below command.
-
Verify the Config map
-
Describe the config map
-
Edit config map
Using Secrets and ConfigMaps
Secrets and ConfigMaps can be mounted as environment variables or as files within a container. For the MariaDB container, you will need to mount the Secrets as environment variables and the ConfigMap as a file.
First, though, you need to write a Deployment for MariaDB so that you have something to work with.