kubernetes
  • Monitoring and Logging
  • Kubernetes envFrom configmap and secrets
Powered by GitBook
On this page

Kubernetes envFrom configmap and secrets

Introduction

We can use env from configmap and secrets in pods of kubernetes. If same env variable exists secrets will override configmaps values.

I am describing below one deployment of helm chart 

apiVersion: apps/v1beta2
kind: Deployment
metadata:
  name: {{ template "test-chart.fullname" . }}
  labels:
    app: {{ template "test-chart.name" . }}
    chart: {{ template "test-chart.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
spec:
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
      app: {{ template "test-chart.name" . }}
      release: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app: {{ template "test-chart.name" . }}
        release: {{ .Release.Name }}
      annotations:
        checksum/config: {{ include (print $.Template.BasePath "/configmaps.yaml") . | sha256sum }}
        checksum/config: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
    spec:
      containers:
        - name: {{ .Chart.Name }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          command:
            - bash
            - "-c"
          args: 
            - set -x; export TERM=xterm; apt update && apt install -y watch && printenv && exec watch printenv;
          envFrom: 
            - configMapRef: 
                name: {{ .Release.Name }}
            - secretRef: 
                name: {{ .Release.Name }}
          resources:
{{ toYaml .Values.resources | indent 12 }}
    {{- with .Values.nodeSelector }}
      nodeSelector:
{{ toYaml . | indent 8 }}
    {{- end }}
    {{- with .Values.affinity }}
      affinity:
{{ toYaml . | indent 8 }}
    {{- end }}
    {{- with .Values.tolerations }}
      tolerations:
{{ toYaml . | indent 8 }}
    {{- end }}

---
apiVersion: v1
kind: Secret
metadata:
  name: {{ .Release.Name }}
type: Opaque
data:
  name: {{ .Release.Name | b64enc }}
  env: {{ "secrets" | b64enc }}
  last: {{ "lastsecret" | b64enc }}
  
  
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ .Release.Name }}
  labels:
    app: {{ template "test-chart.fullname" . }}
data:
  name: {{ .Release.Name }}
  env: configmap
  last: configlast

PreviousMonitoring and Logging

Last updated 6 years ago