Table of contents
- Step 1: Clone the Project and Build the Docker Image
- Step 2: Create the Deployment File
- Step 3: Apply the Deployment File
- Step 4: Configure a ConfigMap
- Step 5: Use ConfigMap in Deployment
- Problem: ConfigMap Changes Don’t Reflect in Running Pods
- Solution: Use VolumeMount
- Secrets: Secure Sensitive Data
- Final Thoughts
Kubernetes makes managing containerized applications easier. In this blog, we'll walk you through deploying a sample application, configuring it using ConfigMaps, and securing sensitive data with Secrets. Let’s get started!
Step 1: Clone the Project and Build the Docker Image
Begin by cloning the project repository and building the Docker image:
docker build -t sample-note-app:v1 .
Step 2: Create the Deployment File
Here’s a basic deployment.yml
file for deploying your app:
apiVersion: apps/v1
kind: Deployment
metadata:
name: sample-note-app
labels:
app: sample-note-app
spec:
replicas: 2
selector:
matchLabels:
app: sample-note-app
template:
metadata:
labels:
app: sample-note-app
spec:
containers:
- name: note-app
image: sample-note-app:v1
ports:
- containerPort: 8000
Step 3: Apply the Deployment File
Run the following command to deploy the application:
kubectl apply -f deployment.yml
Check if your deployment and pods are running:
kubectl get pods -o wide
Step 4: Configure a ConfigMap
Create a ConfigMap file (cm.yml
) to store configuration data:
apiVersion: v1
kind: ConfigMap
metadata:
name: test-cm
data:
db-port: "3306"
Apply it:
kubectl apply -f cm.yml
Verify its creation:
kubectl get configmap test-cm
kubectl describe configmap test-cm
Step 5: Use ConfigMap in Deployment
Update your deployment.yml
to use the ConfigMap as an environment variable:
kubectl edit deployment sample-note-app
Notice how Kubernetes terminates old pods and creates new ones.
Check inside the pods to confirm the environment variable is set.
Problem: ConfigMap Changes Don’t Reflect in Running Pods
If the db-port
value changes in the ConfigMap, it won’t update in running pods without restarting them. This can disrupt live traffic, which isn’t ideal in production.
Solution: Use VolumeMount
Instead of environment variables, use ConfigMap as a mounted file. Update your deployment.yml
like this:
apiVersion: apps/v1
kind: Deployment
metadata:
name: sample-note-app
labels:
app: sample-note-app
spec:
replicas: 2
selector:
matchLabels:
app: sample-note-app
template:
metadata:
labels:
app: sample-note-app
spec:
containers:
- name: note-app
image: sample-note-app:v1
volumeMounts:
- name: db-connection
mountPath: /opt
ports:
- containerPort: 8000
volumes:
- name: db-connection
configMap:
name: test-cm
Apply the changes and check inside the pods. You’ll see a file named db-port
in /opt
with the value 3306
.
Now, if you update the ConfigMap, the file value updates automatically without restarting the pods.
Secrets: Secure Sensitive Data
To store sensitive data like passwords, use Secrets.
- Create a secret:
kubectl create secret generic test-secret --from-literal=db-port="3306"
- View the secret:
kubectl get secrets test-secret
kubectl describe secret test-secret
Note: Kubernetes Secrets are only base64-encoded. For stronger encryption, use tools like HashiCorp Vault or Sealed Secrets.
To learn more, check out "How to Encrypt etcd for Secrets".
Final Thoughts
Kubernetes offers flexibility and power, but understanding its nuances, like using ConfigMaps effectively or securing sensitive data, is critical. By following this guide, you’ll be better prepared to handle real-world challenges.
Got feedback or questions? Drop them in the comments below! 👇
Happy coding! 🚀