Kubernetes allows you to run and manage applications in containers. However, when you need to update configurations like usernames, passwords, or URLs without modifying the application code, ConfigMaps provide an efficient solution. ConfigMaps separate application configuration from the application itself, making it easier to update or manage settings without restarting or altering the code.
In this article, you will learn what ConfigMaps are, and how to create and use them effectively in Kubernetes
What are Kubernetes ConfigMaps?
In Kubernetes, ConfigMap is an API object used to store non-confidential configuration data as key-value pairs. It allows you to separate configuration data from application code, making your applications more portable and environment-independent.
ConfigMaps can be used in multiple ways:
- As environment variables.
- As command-line arguments.
- As configuration files mounted inside the container.
This separation allows you to use the same container image across different environments (like local development or cloud) by simply changing the configuration. For example, you can set DATABASE_HOST to localhost in your local system, and to a Kubernetes service name in the cloud environment.
It’s important to note that ConfigMap does not provide encryption or secrecy, so it's suitable only for non-sensitive data. If you need to store confidential information, you should use Kubernetes Secrets.
Also, ConfigMap is not meant for large data storage:
- The maximum size limit is 1 MB.
- For larger data storage, you should use Kubernetes Volume
What is a Kubernetes ConfigMap used for?
We know that ConfigMap is an API object that is mainly used to store non-confidential data or configurations for other objects to use. Most of the Kubernetes objects have a specification, but ConfigMap has data and binary data fields. Key value pairs are accepted by these fields as values. The data field is used to store UTF-8 strings, while the binary data field is used to store binary data as base64-encoded strings. A valid DNS subdomain name should be given to ConfigMap. The key value that is recorded in the data field and the key value in the binaryData field cannot both be the same.
Without being available to Pods this way directly, it may be used by other components of the system. Data that is utilized for configuration by other system components may be stored in COnfigMap. ConfigMaps are most commonly used to config settings for containers running in a Pod present in the same namespace. We can even use ConfigMap separately.
Where are ConfigMaps stored in Kubernetes?
ConfigMaps in Kubernetes are stored as API objects within the Kubernetes cluster's etcd datastore. They are managed by the Kubernetes API server and can be accessed and manipulated using the kubectl command-line tool or Kubernetes API.
How to use Kubernetes ConfigMaps - Examples
To create ConfigMaps in Kubernetes using YAML manifests, ensure the YAML file includes the apiVersion, kind, metadata, and data fields. The data field should contain key-value pairs representing the configuration data. Here's an example YAML manifest for creating a ConfigMap:
apiVersion: v1 kind: ConfigMap metadata: name: demo-config data: database_host: "172.138.0.1" debug_mode: "1" log_level: "verbose"
Save this manifest to a file named config.yaml. Then, apply it to your Kubernetes cluster using.
kubectl apply -f config.yaml
This will create the ConfigMap object named demo-config with the specified data in your cluster.
1. Using data and binaryData fields
When defining ConfigMaps in Kubernetes YAML manifests, note that the values within the data field must be strings. However, if you need to store binary data, you can utilize the binaryData field instead. Here's an example illustrating this concept:
apiVersion: v1 kind: ConfigMap metadata: name: binary-config data: text-data: "This is a string value" binaryData: binary-file: | U29tZSBiaW5hcnkgZGF0YQ==
In this YAML manifest, the data field contains a string value, while the binaryData field stores binary data represented by a base64-encoded string. This allows you to store both text and binary data within the same ConfigMap object.
2: Listing and inspecting ConfigMaps
To view the ConfigMaps you've created in Kubernetes, you can use the kubectl get command. Here's how you can do it:
kubectl get configmaps
This command will list every ConfigMap in your Kubernetes cluster, along with their names and other pertinent details, when it is executed in your terminal or command prompt.
You can use the kubectl describe command in Kubernetes to view the key-value pairs that are kept in a ConfigMap. This is how you do it:
kubectl describe configmap <configmap-name>
The name of the ConfigMap you wish to investigate should be substituted for <configmap-name>. This command will enable you to confirm the configuration data that has been stored by giving you comprehensive details about the given ConfigMap, including its key-value pairs.
Getting a ConfigMap’s Content as JSON
This command retrieves the ConfigMap named "test-config", extracts its data field, and formats the output using JSONPath. Then, the output is piped to the jq tool for better formatting and readability.
kubectl get configmap <configmap-name> -o=jsonpath='{.data}' | jq
3. Mounting ConfigMaps into Pods as volumes
We must first construct a ConfigMap in order to use it as a file in a pod. The command kubectl create configmap can be used to accomplish this. The ConfigMap must be mounted as a volume in the Pod once it has been generated. The volumes part of the Pod specification can be used to accomplish this.
For instance, the following Pod specification mounts a volume named my-configmap at the path /etc/configmap for a ConfigMap with the name my-configmap:
apiVersion: v1 kind: Pod metadata: name: my-pod spec: containers: - name: my-container image: my-image volumeMounts: - name: configmap-volume mountPath: /etc/configmap volumes: - name: configmap-volume configMap: name: my-configmap
The containers in the Pod can access the files in the ConfigMap once the ConfigMap has been mounted into the Pod. These files can then be used by the containers to launch and operate.
Here is an illustration of how to use a container to access the files in a ConfigMap:
# Get a list of all the files in the ConfigMap ls /etc/configmap # Get the contents of a file in the ConfigMap cat /etc/configmap/my-file.txt
4. Mounting ConfigMaps into Pods as command line arguments
In Kubernetes, you can mount ConfigMaps into Pods as files and then access those files as command-line arguments. This allows you to pass configuration data to your application without hardcoding it into your container image. Here's how you can achieve this:
- Mount the ConfigMap into your Pod as a volume.
- Access the configuration files from the mounted volume as command-line arguments.
Here's an example YAML configuration to illustrate this:
apiVersion: v1 kind: Pod metadata: name: test-pod spec: containers: - name: test-container image: <your-app-image> command: ["/bin/sh", "-c", "your-app-binary --config /mnt/test-config/config.properties"] volumeMounts: - name: config-volume mountPath: /mnt/test-config volumes: - name: config-volume configMap: name: test-config
- A ConfigMap named "test-config" is defined with a single key "config.properties", containing the application configuration.
- The Pod "test-pod" mounts the ConfigMap as a volume at "/mnt/test-config".
- The application container in the Pod executes a command that includes the configuration file "/mnt/test-config/config.properties" as a command-line argument.
5. Using Immutable ConfigMaps
Read-only ConfigMaps that are unmodifiable once created are known as immutable ConfigMaps in Kubernetes. They come in handy when you want to make sure that the configuration data does not alter or become inconsistent during the course of your application. Here is an example of using immutable ConfigMaps:
- Create a ConfigMap with the immutable flag set to true.
- Once created, you cannot modify the data or metadata of the ConfigMap.
- If you need to update the configuration data, create a new ConfigMap with the updated values.
- Update your Pods to use the new ConfigMap.
Here's an example YAML configuration to illustrate using immutable ConfigMaps:
apiVersion: v1 kind: ConfigMap metadata: name: test-config annotations: immutable: "true" # Set the immutable flag to true data: config.properties: | database_url=http://example.com/db debug_mode=true log_level=debug
kubectl apply -f test-config.yaml
- A ConfigMap named "test-config" is defined with the immutable flag set to true.
- The configuration data is specified under the "data" section as key-value pairs.
- Once created, any attempt to modify the "test-config" ConfigMap will result in an error.
- To update the configuration data, create a new ConfigMap with the desired changes and update your Pods to use the new ConfigMap.
By using immutable ConfigMaps, you can help prevent inadvertent modifications that can compromise the stability of your application and guarantee that its configuration stays consistent and dependable.
Understanding ConfigMap Updates
The configmaps can befig edited by using two ways one is by changing the config maps in the config file and by using the command kubectl edit configmap command. It will open the kubernetes configmaps file and there you can make the changes required in that file.
You can also use kubectl update configmap command. to update the config maps for example as shown below.
kubectl update configmap my-configmap --from-literal=key1=value1 --from-literal=key2=value2
- Data Mutation: Kubernetes applies modifications made to an updated ConfigMap to the current ConfigMap object. This implies that rather than producing a new item, the existing one is altered in-place. The modified configuration data is automatically sent to any pods referencing the updated ConfigMap.
- Pod Updates: When the ConfigMap is updated, pods that use ConfigMaps as environment variables or mount them as volumes are not automatically restarted. Consequently, until they are restarted or terminated, running pods continue to operate under the previous configuration.
How to Set Sensitive Config Values
Because ConfigMaps feature encryption, it isn't recommended to store private or sensitive data on them. ConfigMap data may be accessed by anyone with access to the cluster's etcd datastore. Use Secrets, which are made expressly for the safe transfer and maintaining of private information, for sensitive data.
ConfigMap vs Secrets
| Feature | ConfigMap | Secrets |
|---|
| Purpose | Stores non-sensitive configuration data | Stores sensitive or confidential information |
| Data Encryption | Data is not encrypted | Data is encrypted |
| Use Cases | Storing environment variables, configuration files, etc. | Storing sensitive data like passwords, API keys, certificates |
| Access Control | Accessible to all pods within the cluster | Restricted access based on RBAC policies |
| Kubernetes API | Kubernetes API object of type ConfigMap | Kubernetes API object of type Secret |
| Visibility | Configurations are visible in plain text | Encrypted data is not visible in plain text |
| Usage | Suitable for non-sensitive data that needs to be shared | Suitable for sensitive data that requires encryption |
Similar Reads
Kubernetes Tutorial Kubernetes is an open-source container management platform that automates the deployment, management, and scaling of container-based applications in different kinds of environments like physical, virtual, and cloud-native computing foundations. In this Kubernetes Tutorial, you are going to learn all
8 min read
Introduction to Kubernetes
Installation and Setup
Application Deployment
What are Kubernetes Containers?Kubernetes is an open-source container orchestration framework that was originally developed by Google. Container orchestration is automation. It can facilitate you to deploy the identical application across different environments like physical machines, virtual machines cloud environments, or perha
15 min read
Kubernetes - Introduction to Container OrchestrationIn this article, we will look into Container Orchestration in Kubernetes. But first, let's explore the trends that gave rise to containers, the need for container orchestration, and how that it has created the space for Kubernetes to rise to dominance and growth. The growth of technology into every
4 min read
Kubernetes - ImagesPre-requisite:- Kubernetes A container image is used to represent binary data that is being used to encapsulate an application and all its software dependencies. Container images can be represented as executable software bundles that run standalone and make very defined assumptions about their runti
3 min read
Kubernetes - JobsPre-requisite: Kubernetes In the Kubernetes world, jobs are considered an object to act as a supervisor or controllers of a task. The Kubernetes job will create a pod, monitor the task, and recreate another one if that pod fails for some reason. Upon completion of the task, it will terminate the pod
4 min read
Kubernetes - Labels & SelectorsAn open-source container management platform called Kubernetes automates the deployment, scaling, descaling, and load balancing of containers (also called a container orchestration tool). It was created by Google in Golang and has a sizable community as a result of that. Google eventually donated it
5 min read
Kubernetes - NamespacesKubernetes Namespace is a mechanism that enables you to organize resources. It is like a virtual cluster inside the cluster. A namespace isolates the resources from the resources of other namespaces. For example, You need to have different names for deployments/services in a namespace but you can ha
9 min read
Kubernetes - NodeKubernetes Nodes are the Worker or master machines where the actual work happens. Each Kubernetes node has the services required to execute Pods and is controlled by the Control Plane. Each Kubernetes Node can have multiple pods and pods have containers running inside them. 3 processes in every Node
13 min read
Kubernetes - NodePort ServiceNodePort service in Kubernetes is a service that is used to expose the application to the internet from where the end-users can access it. If you create a NodePort Service Kubernetes will assign the port within the range of (30000-32767). The application can be accessed by end-users using the node's
5 min read
Kubernetes - ClusterIP vs NodePort vs LoadBalancerThree main service types are used in Kubernetes networking: ClusterIP, NodePort, and LoadBalancer. Each has a specific function in controlling external access and service-to-service communication. Comprehending their distinctions is essential for efficiently coordinating applications. This article e
7 min read
Kubernetes - ServicesSoftware deployment, scaling, and management are all automated using Kubernetes, an open-source container orchestration system. K8s is another name for Kubernetes. Kubernetes was initially developed by Google and is now managed by the Cloud Native Computing Foundation. Despite the fact that it now s
3 min read
Kubernetes Pods: How to Create and Manage ThemKubernetes is an open-source container orchestration system mainly used for automated software deployment, management, and scaling. Kubernetes is also known as K8s. Kubernetes was originally developed by Google, but it is now being maintained by the Cloud Native Computing Foundation. It was original
13 min read
How to Run Shell Commands in Kubernetes Pods or ContainersIn Kubernetes, we create pods by adding an extra layer of information on containers. This Kubernetes in short is known as K8s, an open-source container orchestration tool developed by Google. It is used to orchestrate the containers for bringing Agility in software deployment through scaling, and ma
6 min read
Kubernetes - Creating Multiple Container in a PodPre-requisite:- Kubernetes Kubernetes is a container management tool and it automates container deployment, load balancing, and container scaling. It is open-source and developed by Google in 2014 and written in Golang. All cloud providers adopt Kubernetes. It is scheduled runs and manages isolated
3 min read
Kubernetes - Replication ControllerWith the help of the open-source container orchestration technology Kubernetes, software deployment, scalability, and management are mostly automated. Another name for Kubernetes is K8s. Google created Kubernetes, which is now overseen by the Cloud Native Computing Foundation. Even though it now wor
7 min read
Kuberneters - Difference Between Replicaset and Replication ControllerPre-requisite: Kubernetes Kubernetes is also known as K8s is an open-source container orchestration tool developed by google which is used for automating software deployment, scaling, and management. Currently, it is being maintained by the cloud native computing foundation(CNCF). K8s has two versio
4 min read
What is Kubernetes Deployment?Kubernetes is an open-source Container Management tool that automates container deployment, container scaling, descaling, and container load balancing (also called as container orchestration tool). It is written in Golang and has a huge community because it was first developed by Google and later do
10 min read
Configmaps
Kubernetes - ConfigMapsKubernetes allows you to run and manage applications in containers. However, when you need to update configurations like usernames, passwords, or URLs without modifying the application code, ConfigMaps provide an efficient solution. ConfigMaps separate application configuration from the application
10 min read
Kubernetes - Create Config Map From FilesPre-requisite: Kubernetes While creating a manifest file in Kubernetes, we can define environment variables. However, when you have a lot of manifest files, it will become difficult to manage the environment data stored in various manifest files. To overcome this issue, we can manage environment dat
3 min read
Kubernetes - Create ConfigMap From YAML FileA ConfigMap is a dictionary consisting of non-confidential data. Its primary role is to keep the configuration separate from the container image. ConfigMap can be created in different ways. This article will cover the declarative approach to creating ConfigMap from the YAML file. Example: apiVersion
1 min read
Kubernetes - Config Map From DirectoryPre-requisite:- Kubernetes Software deployment, scalability, and administration are mostly automated using Kubernetes, an open-source container orchestration framework. K8s is another name for Kubernetes. Kubernetes was initially developed by Google and is now managed by the Cloud Native Computing F
2 min read
Kubernetes - Injecting ConfigMap as FilesPre-requisite:- Kubernetes The automated deployment, scaling, and administration of software using a system called Kubernetes, an open-source container orchestration tool. K8s is another name for Kubernetes. Kubernetes was initially developed by Google and is now managed by the Cloud Native Computin
3 min read
Kubernetes - Injecting ConfigMap in PodsPre-requisite: Kubernetes Leveraging the open-source container orchestration engine Kubernetes to automate the deployment, scalability, and management of applications. Another name for Kubernetes is K8s. Google originally created Kubernetes, which is currently overseen by the Cloud Native Computing
3 min read
Scaling and Updating Applications
Kubernetes - Service DNS An open-source container orchestration system called Kubernetes is primarily employed for the automated deployment, scaling, and management of software. Another name for Kubernetes is K8s. Initially created by Google, Kubernetes is currently maintained by the Cloud Native Computing Foundation. Altho
11 min read
Additional Topics
What is Kubernetes API ?Complete GuideKubernetes API is an application that serves Kubernetes functionality through a RESTful interface and stores the state of the cluster via HTTP. Users can directly interact with the Kubernetes API or via tools like kubectl. It supports retrieving, creating, updating, and deleting primary resources vi
14 min read
Kubernetes - Taint and TolerationA pod is a group of one or more containers and is the smallest deployable unit in Kubernetes. A node is a representation of a single machine in a cluster (we can simply view these machines as a set of CPU and RAM). A node can be a virtual machine, a physical machine in a data center hosted on a clou
6 min read
Kubernetes Resource Model (KRM) and How to Make Use of YAML?Here we will explain how YAML can simplify system management and automation of most processes so that Kubernetes is a convenient working system. Basic Kubernetes Models: KRM and Everything-as-CodeAccording to Kubernetes co-founder Brian Grant, Kubernetes is very convenient thanks to the Kubernetes R
6 min read
Installing Private Git Server on K8s Cluster with Gitea and AKSIn this article, we are going to install a self-hosted Gitea server on top of Azure Kubernetes Service with Helm and set up a git repo. Having a private Git server might be beneficial these days. Gitea is a community-managed Git-compatible lightweight code hosting solution written in Go. It is publi
4 min read
Enable Remote Debugging For Java Application Deployed in Kubernetes EnvironmentDuring Development, developers have to debug their applications to resolve code problems. In order to debug a java application which is deployed on remote machine in a Kubernetes cluster, first developer has to do some steps to enable its application ready for debugging. Below are the manual steps t
2 min read
How to Enable JMX For Java Application Running in the Kubernetes Cluster?Many times we want to monitor our application's CPU utilization, background thread behavior, and most importantly memory consumptions for tasks that deal with loads for data (500MB - 1GB) or much more data. Such monitoring helps to find which operation is causing heavy CPU or Memory utilization and
3 min read