14 Configuration and secrets management

Releasing applications to production involves two important aspects: an executable artifact and its configuration. The executable artifact could be a JAR file or a container image. The previous chapters covered several principles, patterns, and tools for building applications that are loosely coupled, resilient, scalable, secure, and observable. You saw how to package applications as executable JAR artifacts or container images. I also guided you through the implementation of the commit stage of a deployment pipeline, which ultimately produces a release candidate.

The other aspect of being ready for production is configuration. Chapter 4 introduced the importance of externalized configuration for cloud native applications and covered several techniques for configuring Spring Boot applications. This chapter will continue that discussion in preparation for deploying an entire cloud native system to a Kubernetes production environment.

14.1 Configuring applications on Kubernetes

14.1.1 Securing the configuration server with Spring Security

14.1.2 Refreshing configuration at runtime with Spring Cloud Bus

14.1.3 Managing secrets with Spring Cloud Config

14.1.4 Disabling Spring Cloud Config

14.2 Using ConfigMaps and Secrets in Kubernetes

14.2.1 Configuring Spring Boot with ConfigMaps

14.2.2 Storing sensitive information with Secrets (or not)

14.2.3 Refreshing configuration at runtime with Spring Cloud Kubernetes

14.3 Configuration management with Kustomize

14.3.1 Using Kustomize to manage and configure Spring Boot applications

14.3.2 Managing Kubernetes configuration for multiple environments with Kustomize

14.3.3 Defining a configuration overlay for staging

14.3.4 Customizing environment variables

14.3.5 Customizing ConfigMaps