Deploy App with ConfigMap and Secret Volumes

Deploy App with ConfigMap and Secret Volumes

In the previous blog post, we demonstrated a complete demo of Kubernetes. But we didn't use the Kubernetes volume. In this blog, we are going to show how to deploy applications with configMap and secret as Kubernetes Volumes. We will use eclipse-mosquitto image.

Create Mosquitto without Volume

Create mosquitto-without-volumes.yaml and apply it to the Kubernetes environment.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: mosquitto
  labels:
    app: mosquitto
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mosquitto
template:
  metadata:
    labels:
      app: mosquitto
  spec:
    containers:
      - name: mosquitto
        image: eclipse-mosquitto:2.0.15
        ports:
          - containerPort: 1883

We then create the app pod based on the Yaml file on Kubernetes. And check the mosquitto installation folder and its configuration folder. Once we completed this, we then delete the pod.

kubectl apply -f mosquitto-without-volumes.yaml 
kubectl get pod 
kubectl exec -it mosquitto-{pod_name} -- /bin/sh

ls mosquitto/
ls mosquitto/config/

kubectl delete -f mosquitto-without-volumes.yaml

Configure as ConfigMap and Secret Volumes

We created Mosquitto app with the default configuration. How about if we want to change the configuration? Then we can use ConfigMap and Secret Volumes on Kubernetes.

In the following code snip, ConfigMap "mosquitto-config-file" and Secret "mosquitto-secret-file" are created. And they are used in the following Deployment "mosquitto".

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: mosquitto-config-file
data:
  mosquitto.conf: |
    log_dest stdout
    log_type all
    log_timestamp true
    listener 9001

---
apiVersion: v1
kind: Secret
metadata:
  name: mosquitto-secret-file
type: Opaque
data:
  secret.file: |
    c29tZXN1cGVyc2VjcmV0IGZpbGUgY29udGVudHMgbm9ib2R5IHNob3VsZCBzZWU=

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mosquitto
  labels:
    app: mosquitto
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mosquitto
  template:
    metadata:
      labels:
        app: mosquitto
    spec:
      containers:
        - name: mosquitto
          image: eclipse-mosquitto:2.0.15
          ports:
            - containerPort: 1883
          volumeMounts:
            - name: mosquitto-conf
              mountPath: /mosquitto/config
            - name: mosquitto-secret
              mountPath: /mosquitto/secret
              readOnly: true
      volumes:
        - name: mosquitto-conf
          configMap:
            name: mosquitto-config-file
        - name: mosquitto-secret
          secret:
            secretName: mosquitto-secret-file

Then we log in to the container and verify the result.

kubectl get pod kubectl exec -it mosquitto-{pod_name} -- /bin/sh 
ls config
ls mosquitto/secret
cat mosquitto/secret/secret.file

Summary

In this post, we demonstrated how to use the ConfigureMap and Secret volumes to decouple the configuration files of the deployed application.

Reference

Module 10 of DevOps Bootcamp