ConfigMaps:
ConfigMaps in Kubernetes are used to store configuration data, such as environment variables and settings, separately from the application code. They allow you to change configuration without modifying the container image. ConfigMaps are created as key-value pairs and can be injected into pods at runtime. This helps keep the application flexible and easy to manage, as you can update settings without rebuilding the container image. They are useful for configuring applications with environment variables or files and managing settings separately from the code. Overall, ConfigMaps make it easier to handle configuration data in a Kubernetes cluster.
Define Secrets in K8s
In Kubernetes, Secrets are used to store sensitive information, like passwords or API keys, in a secure and encrypted way. They keep this data separate from the main application, reducing the risk of accidental exposure. Secrets are encrypted and can be used by pods to access sensitive data without exposing it directly in the application code. They are handy for storing passwords, API tokens, and other confidential information needed by your applications.
Set Up MySQL Client using ConfigMap & Secrets
Create a ConfigMap for your Deployment using a file or the command line.
vim configMap.yml
kind: ConfigMap
apiVersion: v1
metadata:
name: mysql-config
labels:
app: todo
data:
MYSQL_DB: "todo-db"
Now apply the configMap.
kubectl apply -f configMap.yml
Verify that the ConfigMap has been created by checking the status of the ConfigMaps in your Namespace.
The command shows the list of available configMap
kubectl get configmap
Task 2:
Create a Secret for your Deployment using a file or the command line
vim secrect.yml
apiVersion: v1
kind: Secret
metadata:
name: mysql-secret
type: Opaque
data:
password: dHJhaW53aXRoc2h1YmhhbQ==
We can Encode & decode the Base64 key by ourselves.
# To Decode Base64 key
echo "dHJhaW53aXRoc2h1YmhhbQ==" | base64 --decode
# To Encode Base64 key
echo "test@123" | base64
Now, apply the secret.
kubectl apply -f secret.yml
Verify that the Secret has been created by checking the status of the Secrets in your Namespace.
The command shows the list of available secrets
kubectl get secrets
Now update the deployment.yml file to include the configMap & Secret
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
labels:
app: mysql
spec:
replicas: 1
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql:8
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: password
- name: MYSQL_DATABASE
valueFrom:
configMapKeyRef:
name: mysql-config
key: MYSQL_DB
Apply the updated deployment using the command:
kubectl apply -f deployment.yml
To verify the MySQL pods are running, we can get the MySQL pod by running the following command.
kubectl get pods
To expose the MySQL use the K8s service, Create a service.yml file and make the configuration by headless service.
apiVersion: v1
kind: Service
metadata:
name: mysql-service
spec:
ports:
- name: mysql
port: 3306
clusterIP: None
selector:
app: mysql
Now apply for the service, so that the pod is exposed.
kubectl apply -f service.yml
Now on the Worker Node install the MySQL client on it.
sudo apt install mysql-client-core-8.0
Now connect the MySQL to the Master node using the below command
# Get inside of the mysql pod
kubectl exec -it mysql-b7f864b95-nt24h /bin/sh
# Now connect the mysql using username root and password from Secret
mysql -u root -p${MYSQL_ROOT_PASSWORD}
Now we are finally in MySQL console, so we can do CRUD operation in it.
And use the todo-db that we had created before and that is listed in the databases.
For another Kubernetes project.
Follow me on LinkedIn to see interesting posts like this : )
##