QbitUniverse

Kubernetes Building Blocks

Kubernetes ConfigMaps and Secrets

Marcin Narloch
Docker Building Blocks

In the previous post we’ve looked into Kubernetes Ingress – a very powerfull reverse proxy workload providing a very flexible routing into applications (Pods) hosted on the Kubernetes platform.

This time we’ll be talking about Pod’s ConfigMaps and Secrets. These two constructs allow us to store application configuration which is non-sensitive i.e. plain text (ConfigMap) and one that is meant to be secured (Secret).

More details: Kubernetes ConfigMaps and Kubernetes Secrets

Create ConfigMap and Secret

Let’s start with creating ConfigMap and Secret workloads. You can generally do this either by adopting Imperative or Declarative syntax with the kubectl create command.

More Details: kubectl create

Imperative

kubectl create cm [CONFIG MAP NAME]
kubectl create secret [SECRET NAME]

Declarative

kubectl apply -f [CONFIG MAP TEMPLATE].yaml
kubectl apply -f [SECRET TEMPLATE].yaml

[CONFIG MAP TEMPLATE].yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: [CONFIG MAP NAME]
data:
  [KEY]: [VALUE]

[SECRET TEMPLATE].yaml

apiVersion: v1
kind: Secret
metadata:
  name: [SECRET NAME]
type: Opaque
data:
  [KEY]: [BASE64 encoded VALUE]

List ConfigMaps and Secrets

To find out what ConfigMaps or Secrets are running and in which Namespaces you’ll probably want to use some of these kubectl get po commands. It’s also possible to filter the queries on Pod attributes or fields.

More Details: kubectl get

List All ConfigMaps and Secrets in Namespace

kubectl get cm -n [NAMESPACE]
kubectl get secret -n [NAMESPACE]

List All ConfigMaps and Secrets in All Namespaces

kubectl get cm --all-namespaces
kubectl get secret --all-namespaces

List All ConfigMaps and Secrets with Labels

kubectl get cm --all-namespaces --show-labels
kubectl get secret --all-namespaces --show-labels

ConfigMap and Secret Details

These commands will allow you to look deeper into your chosen ConfigMap or Secret where you’ll find out contents of these resources.

More Details: kubectl describe

Get ConfigMap and Secret

kubectl get cm [CONFIG MAP NAME] -n [NAMESPACE]
kubectl get secret [SECRET NAME] -n [NAMESPACE]

Get ConfigMap and Secret – Wide Output

kubectl get cm [CONFIG MAP NAME] -n [NAMESPACE] -o wide
kubectl get secret [SECRET NAME] -n [NAMESPACE] -o wide

Get ConfigMap and Secret – YAML Output

kubectl get cm [CONFIG MAP NAME] -n [NAMESPACE] -o yaml
kubectl get secret [SECRET NAME] -n [NAMESPACE] -o yaml

Export ConfigMap and Secret – YAML Output to File

kubectl get cm [CONFIG MAP NAME] -n [NAMESPACE] -o yaml --export > [FILE NAME].yaml
kubectl get secret [SECRET NAME] -n [NAMESPACE] -o yaml --export > [FILE NAME].yaml

Describe ConfigMap and Secret

kubectl describe cm [CONFIG MAP NAME] -n [NAMESPACE]
kubectl describe secret [SECRET NAME] -n [NAMESPACE]

Patch ConfigMap and Secret

To modify an existing ConfigMap or Secret directly on the Kubernetes data plane use the kubectl patch command.

More Details: kubectl patch

Patch ConfigMap and Secret with bash

kubectl patch cm [CONFIG MAP NAME] -n [NAMESPACE] -p "$(cat [CONFIG MAP TEMPLATE].yaml)"
kubectl patch secret [SECRET NAME] -n [NAMESPACE] -p "$(cat [SECRET TEMPLATE].yaml)"

Patch ConfigMap and Secret with Powershell

kubectl patch cm [CONFIG MAP NAME] -n [NAMESPACE] -p $(Get-Content [CONFIG MAP TEMPLATE].yaml -Raw)
kubectl patch secret [SECRET NAME] -n [NAMESPACE] -p $(Get-Content [SECRET TEMPLATE].yaml -Raw)

Delete ConfigMap and Secret

Finally, to dispose of a ConfigMap or Secret simply use the kubectl delete command allowing you to target single resource or even filter on labels or namespaces.

More Details: kubectl delete

Imperative

Delete ConfigMap and Secret By Name

kubectl delete cm [CONFIG MAP NAME] -n [NAMESPACE]
kubectl delete secret [SECRET NAME] -n [NAMESPACE]

Delete ConfigMap and Secret By Label

kubectl delete cm -l name=[LABEL] -n [NAMESPACE]
kubectl delete secret -l name=[LABEL] -n [NAMESPACE]

Delete All ConfigMaps and Secrets in Namespace

kubectl delete cm -n [NAMESPACE] --all
kubectl delete secrets -n [NAMESPACE] --all

Declarative

kubectl delete -f [CONFIG MAP TEMPLATE].yaml
kubectl delete -f [SECRET TEMPLATE].yaml

<< Kubernetes Ingress | Kubernetes ConfigMaps and Secrets | Kubernetes Housekeeping >>

Marcin Narloch

Marcin Narloch

Creative and out-of-the-box thinker with strong interests and knowledge in technology and innovation.
marcin.narloch@qbituniverse.com
https://qbituniverse.com
Docker Building Blocks Previous post Kubernetes Housekeeping
Docker Building Blocks Next post Kubernetes Ingress

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post