kubernetes-101-configmap-secrets
A ConfigMap is used to store non-confidential data in key-value pairs.
ConfigMaps let you decouple environment-specific configuration from container images, so that applications are easily portable.
Pods can consume ConfigMaps as environment variables, command-line arguments, or as configuration files in a volume.
Definition:
apiVersion: v1
kind: ConfigMap
metadata:
  name: database-config
data:
  user: dev-user
  # Example value only: a real password belongs in a Secret, not a ConfigMap.
  password: password
Usage:
apiVersion: v1
kind: Pod
metadata:
  name: mypod
spec:
  containers:
    - name: mypod
      image: redis
      volumeMounts:
        # Must match the name of a volume declared under spec.volumes.
        - name: db-config
          mountPath: "/etc/db-config"
          readOnly: true
  volumes:
    - name: db-config
      configMap:
        # Name of the ConfigMap defined above.
        name: database-config
A Secret contains sensitive data such as a password, a token, or a key.
Secrets are similar to ConfigMaps but are specifically intended to hold confidential data.
Definition:
apiVersion: v1
kind: Secret
metadata:
  name: database-config
stringData:
  username: admin
  password: t0p-Secret
Usage:
apiVersion: v1
kind: Pod
metadata:
  name: mypod
spec:
  containers:
    - name: mypod
      image: redis
      volumeMounts:
        # Must match the name of a volume declared under spec.volumes.
        - name: db-config
          mountPath: "/etc/db-config"
          readOnly: true
  volumes:
    - name: db-config
      secret:
        # Name of the Secret defined above.
        secretName: database-config
❗️ Keep in mind: in a production environment, you would usually use a third-party solution for managing confidential data, such as HashiCorp Vault.
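A ConfigMap is meant for non-confidential data, and a volumeMount only works when it names a volume declared in the same Pod. The following is an added example, not code from the original page, that checks parsed manifests for both problems. The sample manifests are constructed, given as JSON (which kubectl accepts alongside YAML) so the script needs no YAML library, and the key-name pattern and function names are assumptions of this example.

```python
import json
import re

# Heuristic for key names that suggest confidential values (assumption of this example).
SENSITIVE_KEY = re.compile(r"pass(word|wd)?|secret|token|api[-_]?key|private[-_]?key", re.I)

# Constructed sample manifests in JSON form.
SAMPLE = json.loads("""
[
  {"apiVersion": "v1", "kind": "ConfigMap",
   "metadata": {"name": "database-config"},
   "data": {"user": "dev-user", "password": "password"}},
  {"apiVersion": "v1", "kind": "Pod",
   "metadata": {"name": "mypod"},
   "spec": {
     "containers": [{"name": "mypod", "image": "redis",
                     "volumeMounts": [{"name": "foo", "mountPath": "/etc/db-config",
                                       "readOnly": true}]}],
     "volumes": [{"name": "db-config", "configMap": {"name": "database-config"}}]}}
]
""")

def lint_manifest(obj):
    """Return a list of findings for one parsed Kubernetes object."""
    findings = []
    kind = obj.get("kind")
    name = (obj.get("metadata") or {}).get("name", "<unnamed>")
    if kind == "ConfigMap":
        # ConfigMaps hold non-confidential data: flag credential-looking keys.
        keys = {**(obj.get("data") or {}), **(obj.get("binaryData") or {})}
        for key in sorted(keys):
            if SENSITIVE_KEY.search(key):
                findings.append(f"ConfigMap/{name}: key '{key}' looks confidential, use a Secret")
    elif kind == "Pod":
        spec = obj.get("spec") or {}
        declared = {v["name"] for v in spec.get("volumes") or []}
        containers = (spec.get("initContainers") or []) + (spec.get("containers") or [])
        for c in containers:
            for m in c.get("volumeMounts") or []:
                # A volumeMount must reference a volume declared in the same Pod spec.
                if m["name"] not in declared:
                    findings.append(f"Pod/{name}: container '{c['name']}' mounts undeclared volume '{m['name']}'")
    return findings

def lint_all(manifests):
    """Lint every object in a list of parsed manifests."""
    return [finding for obj in manifests for finding in lint_manifest(obj)]

if __name__ == "__main__":
    print("\n".join(lint_all(SAMPLE)))
```

To check live objects, feed it the `items` list from `kubectl get configmaps,pods -o json`.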