Chapter 7. ConfigMaps and Secrets: configuring applications


This chapter covers

  • Changing the main process of a container
  • Passing command-line options to the app
  • Setting environment variables exposed to the app
  • Configuring apps through ConfigMaps
  • Passing sensitive information through Secrets

Up to now you haven’t had to pass any kind of configuration data to the apps you’ve run in the exercises in this book. Because almost all apps require configuration (settings that differ between deployed instances, credentials for accessing external systems, and so on), which shouldn’t be baked into the built app itself, let’s see how to pass configuration options to your app when running it in Kubernetes.

7.1. Configuring containerized applications

Before we go over how to pass configuration data to apps running in Kubernetes, let’s look at how containerized applications are usually configured.

If you skip the fact that you can bake the configuration into the application itself, when starting development of a new app, you usually start off by having the app configured through command-line arguments. Then, as the list of configuration options grows, you can move the configuration into a config file.

7.2. Passing command-line arguments to containers

7.2.1. Defining the command and arguments in Docker

7.2.2. Overriding the command and arguments in Kubernetes

7.3. Setting environment variables for a container

7.3.1. Specifying environment variables in a container definition

7.3.2. Referring to other environment variables in a variable’s value

7.3.3. Understanding the drawback of hardcoding environment variables

7.4. Decoupling configuration with a ConfigMap

7.4.1. Introducing ConfigMaps

7.4.2. Creating a ConfigMap

7.4.3. Passing a ConfigMap entry to a container as an environment variable

7.4.4. Passing all entries of a ConfigMap as environment variables at once

7.4.5. Passing a ConfigMap entry as a command-line argument

7.4.6. Using a configMap volume to expose ConfigMap entries as files

7.4.7. Updating an app’s config without having to restart the app

7.5. Using Secrets to pass sensitive data to containers

7.5.1. Introducing Secrets

7.5.2. Introducing the default token Secret

7.5.3. Creating a Secret

7.5.4. Comparing ConfigMaps and Secrets

7.5.5. Using the Secret in a pod

7.5.6. Understanding image pull Secrets

7.6. Summary