Day 35: Mastering ConfigMaps and Secrets in Kubernetes🔒🔑🛡️

Day 35: Mastering ConfigMaps and Secrets in Kubernetes🔒🔑🛡️

Day#35 Of 90 Days Of DevOps Challenge

🎉Introduction

Welcome back to our Kubernetes journey!

Yesterday i.e. on Day#34, we tackled Namespaces and Services, equipping ourselves with essential knowledge for managing our Kubernetes cluster💻🔗🚀

Today, we're diving into ConfigMaps and Secrets, two crucial tools for configuring and securing your Kubernetes applications.

🌟What are ConfigMaps and Secrets in Kubernetes?

In the intricate world of Kubernetes, ConfigMaps and Secrets play vital roles. ConfigMaps are used to store configuration data as key-value pairs, whereas Secrets securely safeguard sensitive data in an encrypted form.

Let's simplify this concept

Picture yourself as the captain of a colossal spaceship, your Kubernetes cluster, consisting of various components, or containers, each requiring specific information to function optimally.

ConfigMaps are your trusty file cabinet, neatly organizing all the necessary data in labeled folders, represented as key-value pairs.

On the other hand, Secrets are akin to a secure vault, protecting critical and confidential information, using encryption.

So, with ConfigMaps and Secrets, you ensure that every part of your spaceship, your Kubernetes cluster, has the essential information it needs to operate smoothly, all while keeping sensitive data safely locked away! 🚀

So now, let's move to today's tasks:

📃Task 1: Create a ConfigMap for Your Deployment

  1. Create a ConfigMap

    • You can create a ConfigMap for your Deployment either by using a file or the command line.

    • To create it via the command line, you can use the command.

    kubectl create configmap my-config -n <namespace-name>
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: app-demo
    data:
      name: django-todo-app
      namespace: todo-app
      application: todo-app
      protocol: TCP

    kubectl apply -f <configMap file name> -n <namespace-name>

  1. Update the deployment.yml file

    • Modify your deployment.yml file to include the ConfigMap. Specify the ConfigMap in the spec section of your Deployment configuration.
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: todo-app-deployment
      labels: 
        app: todo-app  
      namespace: todo-app
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: todo-app
      template:
        metadata:
          labels:
            app: todo-app
        spec:
          containers:
            - name: todo-app
              image: vishalphadnis/todo-app
              ports:
              - containerPort: 8000

              env:
                - name: application
                  valueFrom:
                    configMapKeyRef:
                      name: app-demo
                      key: application

  1. Apply the updated deployment

    • Deploy the updated configuration using the following command
    kubectl apply -f deployment.yml -n <namespace-name>

  1. Verify the ConfigMap

    • Ensure that the ConfigMap has been successfully created by checking the status of ConfigMaps within your specified Namespace.
    kubectl get configmaps -n <namespace-name>

  • To view detailed information about the Configmap use the following command
    kubectl describe configmap <configmap-name> -n <namespace-name>

📚Task 2: Create a Secret for Your Deployment

  1. Create a Secret

    • Similar to ConfigMaps, you can create a Secret for your Deployment using either a file or the command line. To create it via the command line, you can use the command
    kubectl create secret generic my-secret -n <namespace-name>
    apiVersion: v1
    kind: Secret
    metadata:
      name: secret-file
      namespace: todo-app
    type: Opaque
    data:
      password: dGVzdEAxMjMK

  1. Apply the created secret

     kubectl apply -f < secret-file-name > -n < namespace-name >
    

  2. Update the deployment.yml file

    • Modify your deployment.yml file to include the Secret. Specify the Secret in the spec section of your Deployment configuration.
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: todo-app-deployment
      labels:
        app: todo-app
      namespace: todo-app
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: todo-app
      template:
        metadata:
          labels:
            app: todo-app
        spec:
          containers:
            - name: todo-app
              image: vishalphadnis/todo-app
              ports:
              - containerPort: 8000

              env:
                - name: secret
                  valueFrom:
                    secretKeyRef:
                      name: secret-file
                      key: password

  1. Apply the updated deployment

    • Deploy the updated configuration using the command
    kubectl apply -f deployment.yml -n <namespace-name>

  1. Verify the Secret

    • Ensure that the Secret has been successfully created by checking the status of Secrets within your specified Namespace
    kubectl get secrets -n < namespace-name >

  • To view detailed information about the secret use the following command
    kubectl describe secret <secret-name> -n <namespace-name>

💥Conclusion

Congratulations! You've taken significant strides in your Kubernetes journey by mastering ConfigMaps and Secrets.

These tools are essential for configuring your applications and safeguarding sensitive data within your Kubernetes cluster.

With this knowledge, you're better equipped to manage complex deployments and ensure the smooth operation of your Kubernetes workloads.

Keep exploring, and stay tuned for more Kubernetes adventures ahead! 🔒🔑🛡️

🚀 Stay tuned for more insightful Kubernetes blogs in the days ahead! 🎉

Thank you for joining us on this exciting Day 35 of the 90 Days of DevOps challenge. I hope you found the information helpful and insightful.

So please keep yourself updated with my latest insights and articles on DevOps 🚀 by following me on :

Hashnode: vishaltoyou.hashcode.dev

LinkedIn: linkedin.com/in/vishalphadnis